dont release before scan success #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Build and publish to the Maven Central Repository | |
| on: | |
| workflow_dispatch: | |
| release: | |
| types: | |
| - created | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| - releases/** | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: setup gpg key | |
| id: gpg | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| with: | |
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
| fingerprint: ${{ vars.GPG_SIGNING_KEY_ID }} | |
| git_user_signingkey: true | |
| git_commit_gpgsign: true | |
| git_config_global: true | |
| - uses: actions/setup-java@v3 | |
| with: | |
| java-version: 17 | |
| distribution: corretto | |
| cache: maven | |
| gpg-passphrase: MAVEN_GPG_PASSPHRASE | |
| - name: Build Package | |
| run: mvn --batch-mode --no-transfer-progress install -Prelease | |
| env: | |
| MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| # - name: Test with or without coverage | |
| # - name: Store test results | |
| # - name: Check test results | |
| - name: Build Results | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: maven-distro | |
| retention-days: 1 | |
| path: | | |
| target | |
| !target/apidocs/** | |
| !target/classes/** | |
| !target/test-classes/** | |
| !target/maven-archiver/** | |
| scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: scan | |
| uses: JetBrains/qodana-action@v2023.2 | |
| env: | |
| QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }} | |
| release: | |
| if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/master' | |
| runs-on: ubuntu-latest | |
| needs: [build, scan] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: maven-distro | |
| - name: Setup Maven Central | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 17 | |
| distribution: corretto | |
| cache: maven | |
| server-id: ossrh | |
| server-username: MAVEN_USERNAME | |
| server-password: MAVEN_PASSWORD | |
| - name: Publish Package | |
| run: mvn --batch-mode --no-transfer-progress deploy -Prelease | |
| env: | |
| MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
| MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} |