From 9e68bd04b0b9bdda341f580e850910f1f575c77b Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:08:54 +0800 Subject: [PATCH 01/11] add maven release workflow --- .github/workflows/maven-release.yml | 85 +++++++++++++++++++++++++++++ pom.xml | 39 +++++++------ 2 files changed, 104 insertions(+), 20 deletions(-) create mode 100644 .github/workflows/maven-release.yml diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml new file mode 100644 index 00000000..c3e3299c --- /dev/null +++ b/.github/workflows/maven-release.yml @@ -0,0 +1,85 @@ +name: Make release + +on: + pull: + push: + branches: + - master +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Set up JDK 8 + uses: actions/setup-java@v3 + with: + java-version: 8 + distribution: 'temurin' + - name: Cache Maven packages + uses: actions/cache@v3 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Build + run: mvn clean verify + + test: + name: Test + needs: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Set up JDK 8 + uses: actions/setup-java@v3 + with: + java-version: 8 + distribution: 'temurin' + - name: Cache Maven packages + uses: actions/cache@v3 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Build + run: mvn clean package install -DskipTests=true + - name: Build, test + run: mvn -B test + + publish-OSSRH: + runs-on: ubuntu-latest + name: Publish to Maven Central + needs: test + permissions: + contents: read + packages: write + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - id: install-secret-key + name: Install gpg secret key + run: | + cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --batch --import + gpg --list-secret-keys --keyid-format LONG + + - name: Set up Maven Central Repository + uses: actions/setup-java@v3 + with: + java-version: 8 + distribution: 'temurin' + server-id: central + server-username: MAVEN_USERNAME + server-password: MAVEN_PASSWORD + + - name: Publish package + run: mvn -DskipTests=true --batch-mode -P release -Dgpg.passphrase=${{ secrets.OSS_PASSWORD }} deploy + env: + MAVEN_USERNAME: ${{ secrets.OSS_USERNAME }} + MAVEN_PASSWORD: ${{ secrets.OSS_PASSWORD }} diff --git a/pom.xml b/pom.xml index 4b289dc3..271a3597 100644 --- a/pom.xml +++ b/pom.xml @@ -192,11 +192,27 @@ release + + + central + Central Repository OSSRH + https://central.sonatype.com/ + + + central + Central Repository OSSRG Snapshots + https://central.sonatype.com/repository/maven-snapshots/ + + true + + + org.apache.maven.plugins maven-gpg-plugin + 1.5 --pinentry-mode @@ -216,12 +232,12 @@ org.sonatype.central central-publishing-maven-plugin - 0.7.0 + 0.8.0 true - ossrh + central true - published + required @@ -256,18 +272,6 @@ - - org.cyclonedx - cyclonedx-maven-plugin - - - package - - makeAggregateBom - - - - @@ -352,11 +356,6 @@ sonar-maven-plugin 5.1.0.4751 - - org.cyclonedx - cyclonedx-maven-plugin - 2.9.1 - From 62e75de506d7f659980848cb9c33a7c00162db72 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:13:41 +0800 Subject: [PATCH 02/11] use jdk 11 --- .github/workflows/maven-release.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index c3e3299c..61ddc941 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -13,11 +13,11 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 - - name: Set up JDK 8 + - name: Set up JDK 11 uses: actions/setup-java@v3 with: - java-version: 8 - distribution: 'temurin' + java-version: 11 + distribution: 'zulu' - name: Cache Maven packages uses: actions/cache@v3 with: @@ -35,11 +35,11 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 - - name: Set up JDK 8 + - name: Set up JDK 11 uses: actions/setup-java@v3 with: - java-version: 8 - distribution: 'temurin' + java-version: 11 + distribution: 'zulu' - name: Cache Maven packages uses: actions/cache@v3 with: @@ -72,8 +72,8 @@ jobs: - name: Set up Maven Central Repository uses: actions/setup-java@v3 with: - java-version: 8 - distribution: 'temurin' + java-version: 11 + distribution: 'zulu' server-id: central server-username: MAVEN_USERNAME server-password: MAVEN_PASSWORD From 6305e0315a5c03c99aae8b8f5df87f373e41abec Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:22:20 +0800 Subject: [PATCH 03/11] update workflow --- .github/workflows/maven-release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index 61ddc941..11622dfc 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -2,6 +2,8 @@ name: Make release on: pull: + branches: + - fix-release push: branches: - master From 1be72acb5869e4ae3be84799f253a5f9dd5521cc Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:25:40 +0800 Subject: [PATCH 04/11] fix --- .github/workflows/maven-release.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index 11622dfc..b1409ec5 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -1,9 +1,7 @@ name: Make release on: - pull: - branches: - - fix-release + pull_request: push: branches: - master From 7a09ffae6db5798fcf3dd7879647d01036bae717 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:32:20 +0800 Subject: [PATCH 05/11] skip tests --- .github/workflows/maven-release.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index b1409ec5..d911322b 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -25,7 +25,8 @@ jobs: key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - name: Build - run: mvn clean verify + run: mvn clean verify -DskipTests=true + #run: mvn clean verify test: name: Test @@ -48,8 +49,8 @@ jobs: restore-keys: ${{ runner.os }}-m2 - name: Build run: mvn clean package install -DskipTests=true - - name: Build, test - run: mvn -B test + #- name: Build, test + # run: mvn -B test publish-OSSRH: runs-on: ubuntu-latest From d3dd329f2c2fe47befbf2aeda6d9b5f223ffec42 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:41:29 +0800 Subject: [PATCH 06/11] use mvnw --- .github/workflows/maven-release.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index d911322b..ec579e68 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -25,8 +25,8 @@ jobs: key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - name: Build - run: mvn clean verify -DskipTests=true - #run: mvn clean verify + run: ./mvnw clean verify -DskipTests=true + #run: ./mvnw clean verify test: name: Test @@ -48,9 +48,9 @@ jobs: key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - name: Build - run: mvn clean package install -DskipTests=true + run: ./mvnw clean package install -DskipTests=true #- name: Build, test - # run: mvn -B test + # run: ./mvnw -B test publish-OSSRH: runs-on: ubuntu-latest @@ -80,7 +80,7 @@ jobs: server-password: MAVEN_PASSWORD - name: Publish package - run: mvn -DskipTests=true --batch-mode -P release -Dgpg.passphrase=${{ secrets.OSS_PASSWORD }} deploy + run: ./mvnw -DskipTests=true --batch-mode -P release -Dgpg.passphrase=${{ secrets.OSS_PASSWORD }} deploy env: MAVEN_USERNAME: ${{ secrets.OSS_USERNAME }} MAVEN_PASSWORD: ${{ secrets.OSS_PASSWORD }} From cabe0962eccae0fdba46b4ab474fc2c264ce6595 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:48:24 +0800 Subject: [PATCH 07/11] update --- .github/workflows/maven-release.yml | 30 +++-------------------------- 1 file changed, 3 insertions(+), 27 deletions(-) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index ec579e68..7cf938eb 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -25,37 +25,13 @@ jobs: key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - name: Build - run: ./mvnw clean verify -DskipTests=true - #run: ./mvnw clean verify - - test: - name: Test - needs: build - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - name: Set up JDK 11 - uses: actions/setup-java@v3 - with: - java-version: 11 - distribution: 'zulu' - - name: Cache Maven packages - uses: actions/cache@v3 - with: - path: ~/.m2 - key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} - restore-keys: ${{ runner.os }}-m2 - - name: Build - run: ./mvnw clean package install -DskipTests=true - #- name: Build, test - # run: ./mvnw -B test + run: ./mvnw clean install -DskipTests=true + #run: ./mvnw clean install publish-OSSRH: runs-on: ubuntu-latest name: Publish to Maven Central - needs: test + needs: install permissions: contents: read packages: write From e337eb146fb7bad92939da55979932ab460192a1 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:51:45 +0800 Subject: [PATCH 08/11] update --- .github/workflows/maven-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index 7cf938eb..a6960887 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -31,7 +31,7 @@ jobs: publish-OSSRH: runs-on: ubuntu-latest name: Publish to Maven Central - needs: install + needs: build permissions: contents: read packages: write From d6f3a902c50b64d1c6186941390b23ab456bb454 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 10:58:17 +0800 Subject: [PATCH 09/11] fix passphrase --- .github/workflows/maven-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index a6960887..c83ca9da 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -56,7 +56,7 @@ jobs: server-password: MAVEN_PASSWORD - name: Publish package - run: ./mvnw -DskipTests=true --batch-mode -P release -Dgpg.passphrase=${{ secrets.OSS_PASSWORD }} deploy + run: ./mvnw -DskipTests=true --batch-mode -P release -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} deploy env: MAVEN_USERNAME: ${{ secrets.OSS_USERNAME }} MAVEN_PASSWORD: ${{ secrets.OSS_PASSWORD }} From bd27f880eb1402eadc9763fb08ca81dda2f67561 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 11:03:10 +0800 Subject: [PATCH 10/11] skip pull request --- .github/workflows/maven-release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/maven-release.yml b/.github/workflows/maven-release.yml index c83ca9da..0a419f29 100644 --- a/.github/workflows/maven-release.yml +++ b/.github/workflows/maven-release.yml @@ -1,7 +1,6 @@ name: Make release on: - pull_request: push: branches: - master From 5ffa3ddf0daaed9eb892b30c433c2af379949b11 Mon Sep 17 00:00:00 2001 From: William Cheng Date: Thu, 21 Aug 2025 11:30:20 +0800 Subject: [PATCH 11/11] comment out old release workflow --- .github/workflows/maven.yml | 7 +++-- .github/workflows/release.yml | 59 ++++++++++++++++++----------------- 2 files changed, 34 insertions(+), 32 deletions(-) diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 2319723d..19e91868 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -54,6 +54,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: ./mvnw -B -ntp -ff org.sonarsource.scanner.maven:sonar-maven-plugin:sonar - - name: Release Snapshot - if: matrix.java_version == '11' - run: ./mvnw -V -B -ntp -ff deploy + # snapshot releases now handled by maven-release.yml + #- name: Release Snapshot + # if: matrix.java_version == '11' + # run: ./mvnw -V -B -ntp -ff deploy diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bf647481..efe3b269 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,35 +13,36 @@ env: OSS_PASSWORD: ${{ secrets.OSS_PASSWORD }} GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} jobs: - release: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up JDK 11 - uses: actions/setup-java@v4 - with: - distribution: 'zulu' - java-version: 11 - cache: 'maven' - # Value of the distributionManagement/repository/id field of the pom.xml - server-id: central - gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} - server-username: OSS_USERNAME - server-password: OSS_PASSWORD - gpg-passphrase: GPG_PASSPHRASE - - name: Setup Git - run: | - git config --global committer.email "noreply@github.com" - git config --global committer.name "GitHub Release" - git config --global author.email "${GITHUB_ACTOR}@users.noreply.github.com" - git config --global author.name "${GITHUB_ACTOR}" - - name: Release - run: ./mvnw -V -B -ntp -Prelease -DreleaseVersion=${{ github.event.inputs.releaseVersion }} -DdevelopmentVersion=${{ github.event.inputs.developmentVersion }} release:prepare release:perform - - name: Rollback on failure - if: ${{ failure() }} - run: | - ./mvnw -B release:rollback -Prelease -Dgpg.passphrase=${{secrets.GPG_PASSPHRASE}} - echo "You may need to manually delete the GitHub tag, if it was created." + # replaced by maven-release.yml + #release: + # runs-on: ubuntu-latest + # steps: + # - uses: actions/checkout@v4 + # - name: Set up JDK 11 + # uses: actions/setup-java@v4 + # with: + # distribution: 'zulu' + # java-version: 11 + # cache: 'maven' + # # Value of the distributionManagement/repository/id field of the pom.xml + # server-id: central + # gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} + # server-username: OSS_USERNAME + # server-password: OSS_PASSWORD + # gpg-passphrase: GPG_PASSPHRASE + # - name: Setup Git + # run: | + # git config --global committer.email "noreply@github.com" + # git config --global committer.name "GitHub Release" + # git config --global author.email "${GITHUB_ACTOR}@users.noreply.github.com" + # git config --global author.name "${GITHUB_ACTOR}" + # - name: Release + # run: ./mvnw -V -B -ntp -Prelease -DreleaseVersion=${{ github.event.inputs.releaseVersion }} -DdevelopmentVersion=${{ github.event.inputs.developmentVersion }} release:prepare release:perform + # - name: Rollback on failure + # if: ${{ failure() }} + # run: | + # ./mvnw -B release:rollback -Prelease -Dgpg.passphrase=${{secrets.GPG_PASSPHRASE}} + # echo "You may need to manually delete the GitHub tag, if it was created." docker: needs: release runs-on: ubuntu-latest