Sign upLogin

lowes/auditor

View on GitHub
Star
.github/workflows/gradle-publish.yml

Summary

Maintainability
Test Coverage
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a package using Gradle and then publish it to GitHub packages when a release is created
# For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#Publishing-using-gradle

name: Gradle Package

on:
  push: 
    branches: [ 'main' ]
    tags: [ 'v*' ]
  pull_request:
    branches: [ 'main' ]

jobs:
  build:
    runs-on: ubuntu-latest 
    environment: PROD
    steps:
    - uses: actions/checkout@v2
    - name: Set up JDK 17
      uses: actions/setup-java@v2
      with:
        java-version: '17'
        distribution: 'temurin'
        server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
        settings-path: ${{ github.workspace }} # location for the settings.xml file
        
    - name: Build on Pull requests or merges
      if: ${{ github.event_name == 'pull_request' || github.event.pull_request.merged == 'true' || github.ref == 'refs/heads/main' }}
      uses: gradle/gradle-build-action@937999e9cc2425eddc7fd62d1053baf041147db7
      with:
        arguments: clean build

    - name: Test & publish code coverage
      if: ${{ github.event.pull_request.merged == 'true' || github.ref == 'refs/heads/main' }}
      uses: paambaati/codeclimate-action@v3.0.0
      env:
        CC_TEST_REPORTER_ID: ${{secrets.CC_TEST_REPORTER_ID}}
        JACOCO_SOURCE_PATH: ${{github.workspace}}/client/src/main/kotlin
      with:
        coverageLocations: ${{github.workspace}}/client/build/reports/jacoco/test/jacocoTestReport.xml:jacoco

    - name: Assemble binaries on tags
      if: ${{ startsWith(github.ref, 'refs/tags/v') }}
      uses: gradle/gradle-build-action@937999e9cc2425eddc7fd62d1053baf041147db7
      with:
        arguments: clean assemble

    - name: Publish to MavenCentral
      if: ${{ startsWith(github.ref, 'refs/tags/v') }}
      run: |
        export AUDITOR_VERSION=${GITHUB_REF#refs/*/}
        echo $SECRETS_GPG_KEY | base64 -d > secrets-keys.gpg 
        ./gradlew -Dorg.gradle.project.signing.keyId=$SIGNING_KEYID -Dorg.gradle.project.signing.password=$SIGNING_PASSWORD -Dorg.gradle.project.signing.secretKeyRingFile=/home/runner/work/auditor/auditor/secrets-keys.gpg publishAllPublicationsToReleaseRepository
      env: 
        SIGNING_KEYID: ${{ secrets.SIGNING_KEYID }}
        SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}
        OSSRH_USER: ${{ secrets.OSSRH_USER }}
        OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
        AUDITOR_VERSION: ${{ steps.tag.outputs.new_tag }}
        SECRETS_GPG_KEY: ${{ secrets.ENCODED_SECRET_GPG_KEY }}