OPE-843 Moving to github actions

Author: lukasz-jarocki-sonarsource

.github/workflows/private-prod.yml

@@ -0,0 +1,47 @@
+name: Private Production Update Center
+
+on:
+  workflow_dispatch:
+
+jobs:
+  generate-update-center-prod:
+    runs-on: sonar-runner-large
+    environment: production
+    steps:
+      - name: Checkout
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
+      - name: Setup Mise
+        uses: jdx/mise-action@c37c93293d6b742fc901e1406b8f764f6fb19dac # v2.4.4
+        with:
+          version: 2025.7.12
+      - name: Vault Secrets
+        id: secrets
+        uses: SonarSource/vault-action-wrapper@320bd31b03e5dacaac6be51bbbb15adf7caccc32 # v3.1.0
+        with:
+          paths: |
+            development/artifactory/token/${{ github.repository_owner }}-${{ github.event.repository.name }}-public-reader
+            development/aws/sts/downloads
+            development/kv/data/repox
+      - name: Prepare Maven Settings
+        run: cp ~/.m2/settings-public-auth.xml ~/.m2/settings.xml
+      - name: Generate Update Center Metadata
+        run: |
+          source po-generate-update-center-prod/generate.sh
+          source po-generate-update-center-prod/prepare_transfer_dir.sh
+      - name: Upload Metadata
+        if: always() && ! canceled()
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        with:
+          name: update-center-prod
+          path: target/update-center/json/*.json
+      - name: Upload to S3
+        run: po-generate-update-center-prod/upload.sh
+        env:
+          AWS_ACCESS_KEY_ID: ${{ fromJSON(steps.secrets.outputs.vault).AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ fromJSON(steps.secrets.outputs.vault).AWS_SECRET_ACCESS_KEY }}
+          AWS_SESSION_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).AWS_SESSION_TOKEN }}
+          S3_BUCKET: downloads-cdn-eu-central-1-prod
+          AWS_DEFAULT_REGION: eu-central-1
+          ARTIFACTORY_URL: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_URL }}
+          ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
+

.github/workflows/public-build.yml

@@ -0,0 +1,30 @@
+name: Public Build
+
+on:
+  pull_request:
+    branches:
+      - '**'
+
+jobs:
+  build:
+    runs-on: ubuntu-24.04-large
+    steps:
+      - name: Checkout
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
+      - name: Setup Mise
+        uses: jdx/mise-action@c37c93293d6b742fc901e1406b8f764f6fb19dac # v2.4.4
+        with:
+          version: 2025.7.12
+      - name: Maven Build & Validate
+        run: |
+          mvn org.sonarsource.update-center:sonar-update-center-mojo:1.35.0.2835:generate-metadata \
+            -DinputFile=update-center-source.properties \
+            -DvalidateOnly=true \
+            -DoutputDir=/tmp
+      - name: Upload Metadata
+        if: always() && ! canceled()
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        with:
+          name: update-center-metadata
+          path: /tmp
+

README.md

@@ -1,5 +1,5 @@
 # Sonar Update Center Properties
-
+[![Build Status](https://github.com/SonarSource/sonar-update-center-properties/actions/workflows/public-build.yml/badge.svg?branch=master)](https://github.com/SonarSource/sonar-update-center-properties/actions/workflows/public-build.yml)
 This allows you to deploy a plugin to the [SonarQube Marketplace](https://docs.sonarqube.org/latest/instance-administration/marketplace/).
 
 [Read here for more information](https://community.sonarsource.com/t/deploying-to-the-marketplace/35236).