red6/dmn-check

View on GitHub
.github/workflows/publish.yml

Summary

Maintainability
Test Coverage
name: Publish packages to the Maven Central Repository
on:
  push:
    tags:
      - '*'
jobs:
  create_staging_repository:
    runs-on: ubuntu-latest
    name: Create staging repository
    outputs:
      repository_id: ${{ steps.create.outputs.repository_id }}
    steps:
      - id: create
        uses: nexus-actions/create-nexus-staging-repo@v1.2
        with:
          # The username you use to connect to Sonatype's Jira
          username: ${{ secrets.OSSRH_USERNAME }}
          password: ${{ secrets.OSSRH_TOKEN }}
          # Your staging profile ID. You can get it at https://oss.sonatype.org/#stagingProfiles;$staginProfileId
          staging_profile_id: ${{ secrets.SONATYPE_STAGING_PROFILE_ID }}
          description: Created by Github Action

  publish-dmn-check:
    runs-on: ubuntu-latest
    needs: create_staging_repository
    steps:
      - uses: actions/checkout@v4
      - name: Set up Maven Central Repository
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'adopt'
          cache: maven
          server-id: ossrh
          server-username: MAVEN_USERNAME
          server-password: MAVEN_PASSWORD

      - id: install-secret-key
        name: Install gpg secret key
        run: |
          cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import
          gpg --list-secret-keys --keyid-format LONG

      - name: Publish package
        run: |
          mvn clean install deploy \
            --batch-mode \
            --update-snapshots \
            --activate-profiles release \
            -DstagingRepositoryId=${{ needs.create_staging_repository.outputs.repository_id }} \
            -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
        env:
          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}

  publish-gradle-plugin:
    runs-on: ubuntu-latest
    needs: publish-dmn-check
    steps:
      - uses: actions/checkout@v4
      - name: Set up Java
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'adopt'
          cache: maven
      - name: Publish package
        # Note that until #19 is done, the publishToSonatype closeAndReleaseSonatypeStagingRepository tasks have to be executed in the same Gradle invocation because closeAndRelease relies on information that is not persisted between calls to Gradle.
        # https://github.com/gradle-nexus/publish-plugin
        run: cd gradle-plugin && ./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository
        env:
          ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.OSSRH_USERNAME }}
          ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.OSSRH_TOKEN }}
          ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
          ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_KEY_NEW }}

  finalize:
    runs-on: ubuntu-latest
    needs: [create_staging_repository, publish-dmn-check, publish-gradle-plugin]
    if: ${{ always() && needs.create_staging_repository.result == 'success' }}
    steps:
      - name: Discard
        if: ${{ needs.publish-dmn-check.result != 'success' || needs.publish-gradle-plugin.result != 'success' }}
        uses: nexus-actions/drop-nexus-staging-repo@v1
        with:
          username: ${{ secrets.OSSRH_USERNAME }}
          password: ${{ secrets.OSSRH_TOKEN }}
          staging_repository_id: ${{ needs.create_staging_repository.outputs.repository_id }}
      - name: Release
        if: ${{ needs.publish-dmn-check.result == 'success' && needs.publish-gradle-plugin.result == 'success' }}
        uses: nexus-actions/release-nexus-staging-repo@v1.2
        with:
          username: ${{ secrets.OSSRH_USERNAME }}
          password: ${{ secrets.OSSRH_TOKEN }}
          staging_repository_id: ${{ needs.create_staging_repository.outputs.repository_id }}