Skip to content
Maven CI/CD Workflow

Merge pull request #1157 from Norconex/bugfix/maxdocs-resume #596

Sign in to view logs

Merge pull request #1157 from Norconex/bugfix/maxdocs-resume

Merge pull request #1157 from Norconex/bugfix/maxdocs-resume #596

Workflow file for this run

.github/workflows/maven-ci-cd.yaml at 7c43a67
#-------------------------------------------------------------------------------
# Copyright 2023-2024 Norconex Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#-------------------------------------------------------------------------------
# This workflow automates the continuous integration (CI) and
# continuous delivery (CD) process for the Maven project. It includes
# building, testing, and analyzing changes in pull requests, as well
# as deploying snapshot releases to artifact repositories upon
# pushes to the main branch. The workflow ensures that code changes
# are validated and deployed efficiently, maintaining the project's
# quality and reliability.
name: Maven CI/CD Workflow
on:
push:
branches:
- main
- release/*
# Only run this workflow if one or more files were changed and not part of
# 'paths-ignore'.
paths-ignore:
- ./V4_MIGRATION.md
- '**/README.md'
- '**/TODO.txt'
pull_request:
branches:
- '*'
types: [opened, synchronize, reopened]
# Unfortunately GitHub actions does not yet support Yaml anchors and aliases
# so we have to repeat the paths-ignore here.
paths-ignore:
- ./V4_MIGRATION.md
- '**/README.md'
- '**/TODO.txt'
jobs:
build:
runs-on: ubuntu-latest
# Env. vars. defined here are available to all steps.
env:
SHOULD_DEPLOY: ${{ github.repository == 'Norconex/crawlers' && github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/')) }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
permissions:
id-token: write
# write is required to publish the dependency graph
contents: write
# write is required to publish our snapshots to GitHub Packages
packages: write
steps:
- run: |
echo "Should deploy: ${{ env.SHOULD_DEPLOY }}"
#--- Step ------------------------------------------------------------------
- name: Checkout code
uses: actions/checkout@v4
with:
# depth 0 means checkout all commits... we need that
# in case there are many commits in a push/PR
fetch-depth: 0
#--- Step ------------------------------------------------------------------
- name: Get project version
id: get_version
run: |
version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
echo "version=$version" >> $GITHUB_OUTPUT
#--- Step ------------------------------------------------------------------
- name: Merge main|release into PR branch
if: >
github.event_name == 'pull_request' && (
github.event.pull_request.base.ref == 'main' ||
startsWith(github.event.pull_request.base.ref, 'release/')
)
run: git merge --ff-only "origin/${{ github.event.pull_request.base.ref }}"
#--- Step ------------------------------------------------------------------
- name: Cache Maven installation
id: cache-maven
uses: actions/cache@v4
with:
path: /opt/maven
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
#--- Step ------------------------------------------------------------------
- name: Install recent Maven
if: ${{ steps.cache-maven.outputs.cache-hit != 'true' }}
run: |
MAVEN_VERSION=3.9.10
if [ ! -d "/opt/maven/apache-maven-$MAVEN_VERSION" ]; then
wget https://downloads.apache.org/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz
tar xzvf apache-maven-$MAVEN_VERSION-bin.tar.gz
sudo mkdir -p /opt/maven
sudo mv apache-maven-$MAVEN_VERSION /opt/maven/
rm apache-maven-$MAVEN_VERSION-bin.tar.gz
fi
sudo rm -f /usr/bin/mvn
sudo ln -sf /opt/maven/apache-maven-$MAVEN_VERSION/bin/mvn /usr/bin/mvn
#--- Step ------------------------------------------------------------------
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
# Maven servers are configured in the settings.xml in the next step.
# Value of the GPG private key to import
gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
# Env variable name for GPG private key passphrase
gpg-passphrase: MAVEN_GPG_PASSPHRASE
- run: mvn --version
#--- Step ------------------------------------------------------------------
- name: Generate Maven settings.xml with multiple servers
uses: s4u/[email protected]
with:
# adds a "github" server entry to the settings.xml
githubServer: true
# ids must match the server IDs in the pom.xml
servers: |
[
{
"id": "central",
"username": "${{ secrets.OSSRH_USERNAME }}",
"password": "${{ secrets.OSSRH_TOKEN }}"
}
]
#--- Step ------------------------------------------------------------------
- name: Debug Maven settings location
run: |
echo "MAVEN_CONFIG: $MAVEN_CONFIG"
echo "MAVEN_SETTINGS_PATH: $MAVEN_SETTINGS_PATH"
echo "Default settings.xml:"
cat ~/.m2/settings.xml || echo "Not found"
#--- Step ------------------------------------------------------------------
- name: Cache Maven repository
uses: actions/cache@v4
with:
path: |
~/.m2/repository
!~/.m2/repository/com/norconex
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
${{ runner.os }}-maven-
#--- Step ------------------------------------------------------------------
- name: Cache SonarCloud analysis
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
#--- Step ------------------------------------------------------------------
# Resolving before other mvn commands will fail early if there is an issue.
# Downloaded items won't be downloaded again in this workflow.
# We use :go-offline instead of :resolve so it does not fail if our own
# internal dependencies are not yet found on central.
- name: Resolve Maven Dependencies
run: |
mvn dependency:go-offline -U \
-Dmaven.wagon.rss.buffer.size=2048 \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
#--- Step ------------------------------------------------------------------
- name: Show Maven Dependency Tree
run: mvn dependency:tree -Dverbose
#--- Step ------------------------------------------------------------------
# Node, Sonar does not work well or as expected with -pl -am so
# we build all each time.
- name: Build, Test, and Deploy (Snapshot or Release)
run: |
if [[ "${{ github.ref }}" == "refs/heads/main" && "${{ steps.get_version.outputs.version }}" == *-SNAPSHOT ]]; then
echo "Publishing SNAPSHOT to GitHub Packages"
mvn clean deploy -Pgithub-snapshots \
-Dgpg.skip=true \
-Dmaven.javadoc.skip=true \
-Dmaven.wagon.rss.buffer.size=2048 \
-Dlog4j.configurationFile=${{ github.workspace }}/.github/log4j2-ci.xml \
-Dorg.apache.logging.log4j.debug=true \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-Pjacoco \
-C \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.verbose=false \
-B
elif [[ "${{ github.ref }}" == refs/heads/release/* && "${{ steps.get_version.outputs.version }}" != *-SNAPSHOT ]]; then
echo "Publishing RELEASE to Maven Central"
mvn clean deploy \
-Dmaven.compiler.maxmem=3072m \
-DargLine="-Xmx3g" \
-Dmaven.javadoc.skip=true \
-Dmaven.wagon.rss.buffer.size=2048 \
-Dlog4j.configurationFile=${{ github.workspace }}/.github/log4j2-ci.xml \
-Dorg.apache.logging.log4j.debug=true \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-Pjacoco \
-C \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.verbose=false \
-B
else
echo "Not a deploy branch or version, running install only"
mvn clean install \
-Dmaven.compiler.maxmem=3072m \
-DargLine="-Xmx3g" \
-Dmaven.javadoc.skip=true \
-Dmaven.wagon.rss.buffer.size=2048 \
-Dlog4j.configurationFile=${{ github.workspace }}/.github/log4j2-ci.xml \
-Dorg.apache.logging.log4j.debug=true \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-Pjacoco \
-C \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.verbose=false \
-B
fi
env:
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
#--- Step ------------------------------------------------------------------
- name: Tag release version
if: |
github.ref != 'refs/heads/main' &&
startsWith(github.ref, 'refs/heads/release/') &&
steps.get_version.outputs.version != '' &&
!endsWith(steps.get_version.outputs.version, '-SNAPSHOT') &&
success()
run: |
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git tag "v${{ steps.get_version.outputs.version }}"
git push origin "v${{ steps.get_version.outputs.version }}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
#--- Step ------------------------------------------------------------------
# Uploads the full dependency graph to GitHub to improve the quality
# of Dependabot alerts this repository can receive
- name: Update Maven dependency graph
if: ${{ env.SHOULD_DEPLOY == 'true' }}
uses: advanced-security/maven-dependency-submission-action@v4