Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will build a package using Maven and then publish it to GitHub packages when a release is created | |
# For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#apache-maven-with-a-settings-path | |
name: Publish to cdoc2-shares-server GitHub Packages Apache Maven (Maven repository) | |
on: | |
release: | |
types: [created] | |
jobs: | |
publish: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
settings-path: ${{ github.workspace }} # location for the settings.xml file | |
# Maven versioning is broken in so many ways (Maven is older than git). In semver you want to increase version only when there | |
# are changes in module. Maven forces to change submodule version even when only change was main pom version change | |
# Here: deploy for each submodule is necessary | |
# to deploy submodules even when main module didn't change | |
- name: Publish to GitHub Packages Apache Maven | |
run: | | |
mvn deploy -s $GITHUB_WORKSPACE/settings.xml | |
mvn -f shared-crypto deploy -Dmaven.test.skip=true -s $GITHUB_WORKSPACE/settings.xml | |
mvn -f server-openapi deploy -Dmaven.test.skip=true -s $GITHUB_WORKSPACE/settings.xml | |
mvn -f server-db deploy -Dmaven.test.skip=true -s $GITHUB_WORKSPACE/settings.xml | |
mvn -f shares-server deploy -Dmaven.test.skip=true -s $GITHUB_WORKSPACE/settings.xml | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
MAVEN_REPO: open-eid/cdoc2-shares-server # maven repo to download dependencies | |
# test if username and password are correct (may still fail if no write access or wrong package name) | |
- name: Log in to the Container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ github.token }} | |
- name: Build Docker/OCI images and publish to GH Container registry (ghcr.io) | |
run: | | |
mvn spring-boot:build-image -f shares-server \ | |
-s $GITHUB_WORKSPACE/settings.xml \ | |
-Dmaven.test.skip=true \ | |
-Dspring-boot.build-image.publish=true \ | |
-Ddocker.publishRegistry.url=${REGISTRY} \ | |
-Ddocker.publishRegistry.username=${USERNAME} \ | |
-Ddocker.publishRegistry.password=${GITHUB_TOKEN} \ | |
-Dspring-boot.build-image | |
.imageName=${REGISTRY}/${GITHUB_REPOSITORY_OWNER}/shares-server:${TAG}-${GITHUB_SHA} \ | |
-Dspring-boot.build-image.tags=${REGISTRY}/${GITHUB_REPOSITORY_OWNER}/shares-server:latest | |
env: | |
REGISTRY: ghcr.io | |
USERNAME: ${{ github.actor }} | |
GITHUB_TOKEN: ${{ github.token }} | |
# Note: git tag can contain more symbols than Container registry, allowed for docker tag: | |
# lowercase and uppercase letters, digits, underscores, periods, and hyphens. | |
# Note: imageName tag is built from git tag which can be different from module version | |
TAG: ${{ github.event.release.tag_name }} | |
# use open-eid Maven repo for dependencies download, see pom.xml | |
MAVEN_REPO: open-eid/cdoc2-shares-server | |