fix: local-kms-db maven publishing #499
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Run CI | |
| on: | |
| push: | |
| workflow_dispatch: | |
| jobs: | |
| gradle: | |
| outputs: | |
| success: ${{ steps.build.outcome == 'success' }} | |
| strategy: | |
| matrix: | |
| # Removed windows, because build failing with docker network. "bridge" network driver is not supported for Windows containers | |
| # os: [ ubuntu-latest, windows-latest ] | |
| os: [ ubuntu-latest ] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: 21 | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| - name: Grant execute permission for Gradlew (Linux/Mac) | |
| if: runner.os != 'Windows' | |
| run: chmod +x ./gradlew | |
| - name: Execute build | |
| id: build | |
| env: | |
| APP_KEY: ${{ secrets.APP_KEY }} | |
| DATASOURCE_USER: ${{ secrets.DATASOURCE_USER }} | |
| DATASOURCE_PASSWORD: ${{ secrets.DATASOURCE_PASSWORD }} | |
| DATASOURCE_URL: ${{ secrets.DATASOURCE_URL }} | |
| LOCAL_KMS_DATASOURCE_USER: ${{ secrets.LOCAL_KMS_DATASOURCE_USER }} | |
| LOCAL_KMS_DATASOURCE_PASSWORD: ${{ secrets.LOCAL_KMS_DATASOURCE_PASSWORD }} | |
| LOCAL_KMS_DATASOURCE_URL: ${{ secrets.LOCAL_KMS_DATASOURCE_URL }} | |
| NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} | |
| NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| KMS_PROVIDER: local | |
| run: | | |
| ./gradlew build | |
| ./gradlew :modules:openapi:jsPublicPackageJson | |
| ./gradlew :modules:openid-federation-common:jsPublicPackageJson | |
| ./gradlew publishJsPackageToNpmjsRegistry | |
| ./gradlew publishAllPublicationsToSphereon-opensourceRepository | |
| auto-tag: | |
| needs: gradle | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| if: github.event_name == 'repository_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged == true) || (github.event_name == 'push' && needs.gradle.outputs.success == 'true') | |
| permissions: | |
| contents: write | |
| actions: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Get version info | |
| id: get_version_info | |
| run: | | |
| git config --local user.email "${GITHUB_ACTOR}@users.noreply.github.com" | |
| git config --local user.name "${GITHUB_ACTOR}" | |
| EVENT_NAME="${{ github.event_name }}" | |
| if [[ "$EVENT_NAME" == "pull_request" ]]; then | |
| BRANCH_NAME="${{ github.event.pull_request.head.ref }}" | |
| else | |
| BRANCH_NAME="${GITHUB_REF#refs/heads/}" | |
| fi | |
| if [[ $BRANCH_NAME == "develop" ]]; then | |
| PREFIX="dev" | |
| elif [[ $BRANCH_NAME == "main" ]]; then | |
| PREFIX="main" | |
| elif [[ $BRANCH_NAME == feature/* ]]; then | |
| PREFIX="feat" | |
| elif [[ $BRANCH_NAME == hotfix/* ]]; then | |
| PREFIX="fix" | |
| elif [[ $BRANCH_NAME == release/* ]]; then | |
| PREFIX="rel" | |
| else | |
| PREFIX="build" | |
| fi | |
| GRADLE_VERSION=$(grep 'version = ' build.gradle.kts | sed 's/.*version = "\(.*\)".*/\1/') | |
| GRADLE_VERSION=${GRADLE_VERSION%-SNAPSHOT} | |
| COMMIT_SHA=$(git rev-parse --short HEAD) | |
| PR_NUMBER=${{ github.event.pull_request.number }} | |
| if [[ -n $PR_NUMBER ]]; then | |
| NEW_VERSION="v${GRADLE_VERSION}-${PREFIX}.pr${PR_NUMBER}.${COMMIT_SHA}" | |
| else | |
| NEW_VERSION="v${GRADLE_VERSION}-${PREFIX}.${COMMIT_SHA}" | |
| fi | |
| echo "new_version=${NEW_VERSION}" >> $GITHUB_OUTPUT | |
| git tag -a ${NEW_VERSION} -m "Release ${NEW_VERSION}" | |
| git push origin ${NEW_VERSION} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |