Update README.md (#197) #29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# yamllint --format github .github/workflows/deploy.yml | |
--- | |
name: deploy | |
# We deploy on master and release versions, regardless of if the commit is | |
# documentation-only or not. | |
# | |
# See https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet | |
on: | |
push: | |
# Don't deploy tags as they conflict with [maven-release-plugin] prepare release MAJOR.MINOR.PATCH | |
tags: '' | |
branches: master | |
jobs: | |
deploy: | |
runs-on: ubuntu-20.04 # newest available distribution, aka focal | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 # only needed to get the sha label | |
- name: Cache local Maven repository | |
uses: actions/cache@v2 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-maven- | |
# We can't cache Docker without using buildx because GH actions restricts /var/lib/docker | |
# That's ok because DOCKER_PARENT_IMAGE is always ghcr.io and local anyway. | |
- name: Deploy | |
env: | |
# GH_USER=<user that created GH_TOKEN> | |
GH_USER: ${{ secrets.GH_USER }} | |
# GH_TOKEN=<hex token value> | |
# - pushes Docker images to ghcr.io | |
# - create via https://github.com/settings/tokens | |
# - needs repo:status, public_repo, write:packages, delete:packages | |
GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }} | |
# GPG_PASSPHRASE=<passphrase for GPG_SIGNING_KEY> | |
# - referenced in .settings.xml | |
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
# SONATYPE_USER=<sonatype account token> | |
# - deploys snapshots and releases to Sonatype | |
# - needs access to io.zipkin via https://issues.sonatype.org/browse/OSSRH-16669 | |
# - generate via https://oss.sonatype.org/#profile;User%20Token | |
# - referenced in .settings.xml | |
SONATYPE_USER: ${{ secrets.SONATYPE_USER }} | |
# SONATYPE_PASSWORD=<password to sonatype account token> | |
# - referenced in .settings.xml | |
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
# DOCKERHUB_USER=<typically dockerzipkindeployer> | |
# - only push top-level projects: zipkin zipkin-aws zipkin-dependencies zipkin-aws to Docker Hub, only on release | |
# - login like this: echo "$DOCKERHUB_TOKEN"| docker login -u "$DOCKERHUB_USER" --password-stdin | |
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }} | |
# DOCKERHUB_TOKEN=<access token for DOCKERHUB_USER> | |
# - Access Token from here https://hub.docker.com/settings/security | |
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
run: | # GITHUB_REF will be refs/heads/master or refs/tags/MAJOR.MINOR.PATCH | |
build-bin/configure_deploy && | |
build-bin/deploy $(echo ${GITHUB_REF} | cut -d/ -f 3) |