name: Build on: push: pull_request_target: types: [labeled] env: JAVA_VERSION: 17 defaults: run: shell: bash jobs: test: name: Compile and Test runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')" steps: - uses: actions/checkout@v2 - uses: actions/setup-java@v2 with: distribution: 'temurin' java-version: ${{ env.JAVA_VERSION }} cache: 'maven' - name: Cache SonarCloud packages uses: actions/cache@v2 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - name: Build and Test run: > xvfb-run mvn -B verify jacoco:report org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Pcoverage,dependency-check -Dsonar.projectKey=cryptomator_cryptomator -Dsonar.organization=cryptomator -Dsonar.host.url=https://sonarcloud.io env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - name: Sign source tarball with key 615D449FE6E6A235 if: startsWith(github.ref, 'refs/tags/') run: | git archive --prefix="cryptomator-${{ github.ref_name }}/" -o "cryptomator-${{ github.ref_name }}.tar.gz" ${{ github.ref }} echo "${GPG_PRIVATE_KEY}" | gpg --batch --quiet --import echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-*.tar.gz env: GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }} - name: Draft a release if: startsWith(github.ref, 'refs/tags/') uses: softprops/action-gh-release@v1 with: draft: true discussion_category_name: releases token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }} generate_release_notes: true files: | cryptomator-*.tar.gz.asc fail_on_unmatched_files: true body: |- :construction: Work in Progress ---