Write settings.xml to root user's home dir, not $HOME #20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Java CI with Maven/Tycho | |
| on: | |
| push: | |
| branches-ignore: | |
| - main | |
| - master | |
| pull_request: | |
| branches: | |
| - develop | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| GITHUB_ACTOR: ${{ github.actor }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| container: | |
| image: ghcr.io/${{ github.repository }}:graphviz-11.0.0 | |
| credentials: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - name: Set up settings.xml for Maven and GitHub packages access | |
| run: | | |
| mkdir -p /root/.m2 | |
| cat > /root/.m2/settings.xml <<EOF | |
| <settings> | |
| <servers> | |
| <server> | |
| <id>github-packages-flexmark</id> | |
| <username>${GITHUB_ACTOR}</username> | |
| <password>${GITHUB_TOKEN}</password> | |
| </server> | |
| <server> | |
| <id>github-packages-markdown-core</id> | |
| <username>${GITHUB_ACTOR}</username> | |
| <password>${GITHUB_TOKEN}</password> | |
| </server> | |
| </servers> | |
| </settings> | |
| EOF | |
| # - name: Check user and working dir | |
| # run: whoami; pwd | |
| - name: Check if settings.xml exists | |
| run: find /root/.m2/ -type f -name "settings.xml" | |
| # - name: Check token in settings.xml is expanded | |
| # run: grep -q GITHUB_TOKEN ~/.m2/settings.xml && echo "literal token expression found (bad)" || echo "no literal expression — expanded" | |
| # - name: Check token in settings.xml is expanded | |
| # run: grep -q "<password></password>" ~/.m2/settings.xml && echo "empty token found (bad)" || echo "token not empty (good)" | |
| # - name: Check username in settings.xml is expanded | |
| # run: grep "<username>" ~/.m2/settings.xml | |
| # - name: Quick auth test against GitHub Packages | |
| # run: | | |
| # curl -v -u "${GITHUB_ACTOR}:${GITHUB_TOKEN}" -I -L \ | |
| # "https://maven.pkg.github.com/advantest/markdown-core/com/advantest/markdown/markdown-core/1.0.10-20251110-1607/markdown-core-1.0.10-20251110-1607.pom" | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| - name: Build with Maven/Tycho | |
| # -U means update snapshots (needed, since we might depend on a markdown-core SNAPSHOT version) | |
| run: mvn -B clean verify --file pom.xml -U -Dcode-coverage | |
| # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive | |
| #- name: Update dependency graph | |
| # uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6 | |
| # see https://github.com/uhafner/quality-monitor | |
| # - name: Run quality monitor | |
| # uses: uhafner/quality-monitor@v1 | |
| # with: | |
| # config: > | |
| # { | |
| # "tests": { | |
| # "name": "JUnit", | |
| # "tools": [ | |
| # { | |
| # "id": "test", | |
| # "name": "Unittests", | |
| # "pattern": "**/target/*-reports/TEST*.xml" | |
| # } | |
| # ] | |
| # }, | |
| # "coverage": [ | |
| # { | |
| # "name": "JaCoCo", | |
| # "tools": [ | |
| # { | |
| # "id": "jacoco", | |
| # "name": "Line Coverage", | |
| # "metric": "line", | |
| # "sourcePath": "src", | |
| # "pattern": "**/jacoco.xml" | |
| # }, | |
| # { | |
| # "id": "jacoco", | |
| # "name": "Branch Coverage", | |
| # "metric": "branch", | |
| # "sourcePath": "src", | |
| # "pattern": "**/jacoco.xml" | |
| # } | |
| # ] | |
| # } | |
| # ] | |
| # } |