| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 |
- name: Build
- on:
- push:
- pull_request_target:
- types: [labeled]
- env:
- JAVA_VERSION: 17
- defaults:
- run:
- shell: bash
- jobs:
- release-check-precondition:
- name: Validate pushed commit to release/hotfix branch or pushed tag
- runs-on: ubuntu-latest
- if: "(startsWith(github.ref, 'refs/tags/') || startsWith(github.ref, 'refs/heads/hotfix/') || startsWith(github.ref, 'refs/heads/release/'))
- && !(contains(github.event.head_commit.message, '[ci skip]') || contains(github.event.head_commit.message, '[skip ci]'))"
- steps:
- - uses: actions/checkout@v2
- - id: validate-pom-version
- name: Validate POM version
- run: |
- if [[ $GITHUB_REF =~ refs/heads/(hotfix|release)/[0-9]+\.[0-9]+\.[0-9]+.* ]]; then
- SEM_VER_STR=${GITHUB_REF##*/}
- elif [[ $GITHUB_REF =~ refs/tags/[0-9]+\.[0-9]+\.[0-9]+.* ]]; then
- SEM_VER_STR=${GITHUB_REF##*/}
- else
- echo "Failed to parse version"
- exit 1
- fi
- if [[ ${SEM_VER_STR} == `mvn help:evaluate -Dexpression=project.version -q -DforceStdout` ]]; then
- echo "::set-output name=semVerStr::${SEM_VER_STR}"
- else
- echo "Version not set in POM"
- exit 1
- fi
- - name: Validate release in org.cryptomator.Cryptomator.metainfo.xml file
- run: |
- if ! grep -q "<release date=\".*\" version=\"${{ steps.validate-pom-version.outputs.semVerStr }}\"/>" dist/linux/common/org.cryptomator.Cryptomator.metainfo.xml; then
- echo "Release not set in dist/linux/common/org.cryptomator.Cryptomator.metainfo.xml"
- exit 1
- fi
- test:
- name: Compile and Test
- needs: release-check-precondition
- runs-on: ubuntu-latest
- if: "always()
- && (needs.release-check-precondition.result=='success' || needs.release-check-precondition.result=='skipped')
- && !(contains(github.event.head_commit.message, '[ci skip]') || contains(github.event.head_commit.message, '[skip ci]'))"
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-java@v2
- with:
- distribution: 'temurin'
- java-version: ${{ env.JAVA_VERSION }}
- cache: 'maven'
- - name: Cache SonarCloud packages
- uses: actions/cache@v2
- with:
- path: ~/.sonar/cache
- key: ${{ runner.os }}-sonar
- restore-keys: ${{ runner.os }}-sonar
- - name: Build and Test
- run: >
- xvfb-run
- mvn -B verify
- jacoco:report
- org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
- -Pcoverage,dependency-check
- -Dsonar.projectKey=cryptomator_cryptomator
- -Dsonar.organization=cryptomator
- -Dsonar.host.url=https://sonarcloud.io
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- - name: Sign source tarball with key 615D449FE6E6A235
- if: startsWith(github.ref, 'refs/tags/')
- run: |
- git archive --prefix="cryptomator-${{ github.ref_name }}/" -o "cryptomator-${{ github.ref_name }}.tar.gz" ${{ github.ref }}
- echo "${GPG_PRIVATE_KEY}" | gpg --batch --quiet --import
- echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-*.tar.gz
- env:
- GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
- GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
- - name: Draft a release
- if: startsWith(github.ref, 'refs/tags/')
- uses: softprops/action-gh-release@v1
- with:
- draft: true
- discussion_category_name: releases
- token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
- generate_release_notes: true
- files: |
- cryptomator-*.tar.gz.asc
- fail_on_unmatched_files: true
- body: |-
- :construction: Work in Progress
-
- ---
|
