Skip to content

Merge pull request #1234 from atlanhq/dependabot/gradle/org.owasp.dep… #1032

Merge pull request #1234 from atlanhq/dependabot/gradle/org.owasp.dep…

Merge pull request #1234 from atlanhq/dependabot/gradle/org.owasp.dep… #1032

Workflow file for this run

# SPDX-License-Identifier: Apache-2.0
# Copyright 2022 Atlan Pte. Ltd.
name: "Merge"
on:
push:
branches: [main]
jobs:
merge-build:
runs-on: ubuntu-latest
name: "Merge"
outputs:
version: ${{ steps.get_version.outputs.version }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: temurin
- name: Set version
id: get_version
run: |
echo "version=$(./gradlew properties --no-daemon --console=plain -q | grep '^version:' | awk '{printf $2}')" >> $GITHUB_OUTPUT
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
- name: Check formatting
run: ./gradlew spotlessCheck
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
- name: Build artifacts
run: ./gradlew assemble shadowJar buildZip
env:
GH_USERNAME: ${{ github.actor }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
- uses: actions/upload-artifact@v4
with:
name: sdk
path: sdk/build/libs/atlan-java-*-jar-with-dependencies.jar
- uses: actions/upload-artifact@v4
with:
name: package-toolkit-config
path: package-toolkit/config/build/libs/package-toolkit-config-*-jar-with-dependencies.jar
- uses: actions/upload-artifact@v4
with:
name: typedef-toolkit-config
path: typedef-toolkit/model/build/libs/typedef-toolkit-model-*-jar-with-dependencies.jar
- uses: actions/upload-artifact@v4
with:
name: package-toolkit-runtime
path: package-toolkit/runtime/build/libs/package-toolkit-runtime-*-jar-with-dependencies.jar
- uses: actions/upload-artifact@v4
with:
name: api-token-connection-admin
path: jars/api-token-connection-admin-*.jar
- uses: actions/upload-artifact@v4
with:
name: admin-export
path: jars/admin-export-*.jar
- uses: actions/upload-artifact@v4
with:
name: adoption-export
path: jars/adoption-export-*.jar
- uses: actions/upload-artifact@v4
with:
name: asset-export-basic
path: jars/asset-export-basic-*.jar
- uses: actions/upload-artifact@v4
with:
name: asset-import
path: jars/asset-import-*.jar
- uses: actions/upload-artifact@v4
with:
name: cube-assets-builder
path: jars/cube-assets-builder-*.jar
- uses: actions/upload-artifact@v4
with:
name: custom-metadata-extender
path: jars/custom-metadata-extender-*.jar
- uses: actions/upload-artifact@v4
with:
name: duplicate-detector
path: jars/duplicate-detector-*.jar
- uses: actions/upload-artifact@v4
with:
name: enrichment-migrator
path: jars/enrichment-migrator-*.jar
- uses: actions/upload-artifact@v4
with:
name: lake-formation-tag-sync
path: jars/lake-formation-tag-sync-*.jar
- uses: actions/upload-artifact@v4
with:
name: lineage-builder
path: jars/lineage-builder-*.jar
- uses: actions/upload-artifact@v4
with:
name: metadata-impact-report
path: jars/metadata-impact-report-*.jar
- uses: actions/upload-artifact@v4
with:
name: openapi-spec-loader
path: jars/openapi-spec-loader-*.jar
- uses: actions/upload-artifact@v4
with:
name: owner-propagator
path: jars/owner-propagator-*.jar
- uses: actions/upload-artifact@v4
with:
name: relational-assets-builder
path: jars/relational-assets-builder-*.jar
- uses: actions/upload-artifact@v4
with:
name: tests-cleanup
path: jars/tests-cleanup-*.jar
- uses: actions/upload-artifact@v4
with:
name: lambda-layer
path: sdk/build/distributions/sdk-*.zip
publish-docs:
runs-on: ubuntu-latest
name: "JavaDocs"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: temurin
- name: Publish Javadoc
run: |
./gradlew gitPublishPush --stacktrace --info -Dorg.gradle.jvmargs="-Xms512m -Xmx2g -XX:MaxMetaspaceSize=512m"
env:
GIT_AUTHOR_NAME: "GitHub Actions Bot"
GIT_AUTHOR_EMAIL: "github-actions[bot]@users.noreply.github.com"
GH_USERNAME: ${{ github.actor }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GRGIT_USER: ${{ github.actor }}
GRGIT_PASS: ${{ secrets.GITHUB_TOKEN }}
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
publish-snapshot:
runs-on: ubuntu-latest
name: "Snapshot"
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: temurin
- name: Configure GPG key
run: |
set -ex
echo $GPG_SIGNING_PRIVKEY | base64 --decode | gpg --import --batch --yes --pinentry-mode loopback --passphrase "$GPG_SIGNING_PASSPHRASE"
env:
GPG_SIGNING_PRIVKEY: ${{ secrets.GPG_SIGNING_PRIVKEY }}
GPG_SIGNING_PASSPHRASE: ${{ secrets.GPG_SIGNING_PASSPHRASE }}
- name: Publish package
run: |
./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository -Dorg.gradle.project.sonatypeUsername=$SONATYPE_USER -Dorg.gradle.project.sonatypePassword=$SONATYPE_TOKEN -Dorg.gradle.project.signing.gnupg.keyName=$GPG_SIGNING_KEYID -Dorg.gradle.project.signing.gnupg.passphrase=$GPG_SIGNING_PASSPHRASE
env:
GH_USERNAME: ${{ github.actor }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
SONATYPE_TOKEN: ${{ secrets.SONATYPE_TOKEN }}
GPG_SIGNING_KEYID: ${{ secrets.GPG_SIGNING_KEYID }}
GPG_SIGNING_PASSPHRASE: ${{ secrets.GPG_SIGNING_PASSPHRASE }}
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
publish-base-image:
needs: merge-build
runs-on: ubuntu-latest
name: "Base image"
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- name: Log in to container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create assembly area
run: |
mkdir -p ./containers/base/assembly
- uses: actions/download-artifact@v4
with:
name: sdk
path: ./containers/base/assembly
- uses: actions/download-artifact@v4
with:
name: package-toolkit-runtime
path: ./containers/base/assembly
- name: Build and publish container image
if: ${{ github.ref == 'refs/heads/main'}}
uses: docker/build-push-action@v6
with:
push: true
tags: ghcr.io/atlanhq/atlan-java:${{ needs.merge-build.outputs.version }}, ghcr.io/atlanhq/atlan-java:latest
context: ./containers/base
platforms: linux/amd64
custom-package-images:
strategy:
matrix:
package_name:
- api-token-connection-admin
- admin-export
- adoption-export
- asset-export-basic
- asset-import
- cube-assets-builder
- custom-metadata-extender
- duplicate-detector
- enrichment-migrator
- lake-formation-tag-sync
- lineage-builder
- metadata-impact-report
- openapi-spec-loader
- owner-propagator
- relational-assets-builder
- tests-cleanup
needs:
- merge-build
- publish-base-image
uses: atlanhq/atlan-java/.github/workflows/custom-package-container.yml@main
with:
package_name: ${{ matrix.package_name }}
version: ${{ needs.merge-build.outputs.version }}