Skip to content

Commit 77abbb5

Browse files
BernhardFuchsBernhardFuchs
authored
ci: use centralised maven workflows with secret inherit (#54)
1 parent b574f50 commit 77abbb5

File tree

2 files changed

+13
-73
lines changed

2 files changed

+13
-73
lines changed

.github/workflows/maven-release.yml

Lines changed: 7 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ name: Maven release
33
on:
44
workflow_dispatch:
55
inputs:
6-
version-core:
6+
release_type:
77
description: 'Major, Minor or Patch release'
88
type: choice
99
required: true
@@ -14,44 +14,9 @@ on:
1414
- "patch"
1515

1616
jobs:
17-
build:
18-
runs-on: ubuntu-latest
19-
steps:
20-
- uses: actions/checkout@master
21-
22-
- name: Import Secrets
23-
uses: hashicorp/[email protected]
24-
with:
25-
url: ${{ secrets.VAULT_ADDR }}
26-
token: ${{ secrets.CI_SECRET_READER_PERIODIC_TOKEN }}
27-
caCertificate: ${{ secrets.VAULTCA }}
28-
secrets: |
29-
ci/data/gh-workflows/maven-danubetech-nexus username | MAVEN_USERNAME ;
30-
ci/data/gh-workflows/maven-danubetech-nexus password | MAVEN_PASSWORD ;
31-
ci/data/gh-workflows/maven-release-workflow token | TOKEN
32-
33-
- name: Release to Danubetech Nexus
34-
uses: BernhardFuchs/docker-maven-release@use-dynamic-input
35-
with:
36-
release-branch-name: main
37-
maven-repo-server-id: danubetech-maven-releases
38-
maven-repo-server-username: ${{ env.MAVEN_USERNAME }}
39-
maven-repo-server-password: ${{ env.MAVEN_PASSWORD }}
40-
access-token: ${{ env.TOKEN }}
41-
version-core: ${{ github.event.inputs.version-core }}
42-
maven-development-version-format-minor: ${parsedVersion.majorVersion}.${parsedVersion.nextMinorVersion}-SNAPSHOT
43-
maven-development-version-format-major: ${parsedVersion.nextMajorVersion}.1-SNAPSHOT
44-
maven-release-version-format-minor: ${parsedVersion.majorVersion}.${parsedVersion.minorVersion}.0
45-
maven-release-version-format-major: ${parsedVersion.nextMajorVersion}.0.0
46-
git-release-bot-name: "admin-bot"
47-
git-release-bot-email: "[email protected]"
48-
maven-args: "-Dmaven.javadoc.skip=true -DskipITs"
49-
50-
- name: Slack notification
51-
if: failure()
52-
uses: 8398a7/action-slack@v3
53-
with:
54-
status: ${{ job.status }}
55-
fields: repo,commit,action,eventName,ref,workflow
56-
env:
57-
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
17+
maven-release:
18+
uses: danubetech/workflows/.github/workflows/maven-release.yml@main
19+
with:
20+
MAVEN_REPO_SERVER_ID: 'danubetech-maven-releases'
21+
RELEASE_TYPE: ${{ github.event.inputs.release_type }}
22+
secrets: inherit

.github/workflows/maven-snapshot.yml

Lines changed: 6 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -7,37 +7,12 @@ on:
77
- 'README.md'
88
- 'LICENSE'
99
- 'docs'
10-
branches: [main]
10+
branches: [ main ]
1111
workflow_dispatch:
1212

1313
jobs:
14-
build:
15-
runs-on: ubuntu-latest
16-
steps:
17-
- uses: actions/checkout@master
18-
- name: Import Secrets
19-
uses: hashicorp/[email protected]
20-
with:
21-
url: ${{ secrets.VAULT_ADDR }}
22-
token: ${{ secrets.CI_SECRET_READER_PERIODIC_TOKEN }}
23-
caCertificate: ${{ secrets.VAULTCA }}
24-
secrets: |
25-
ci/data/gh-workflows/maven-danubetech-nexus username | MAVEN_USERNAME ;
26-
ci/data/gh-workflows/maven-danubetech-nexus password | MAVEN_PASSWORD
27-
28-
- name: Run maven deploy action
29-
uses: danubetech/github-action-maven-deploy@master
30-
with:
31-
server_id: danubetech-maven-snapshots
32-
env:
33-
MAVEN_USERNAME: ${{ env.MAVEN_USERNAME }}
34-
MAVEN_PASSWORD: ${{ env.MAVEN_PASSWORD }}
35-
36-
- name: Slack notification
37-
if: failure()
38-
uses: 8398a7/action-slack@v3
39-
with:
40-
status: ${{ job.status }}
41-
fields: repo,commit,action,eventName,ref,workflow
42-
env:
43-
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
14+
maven-snapshot:
15+
uses: danubetech/workflows/.github/workflows/maven-snapshot.yml@main
16+
with:
17+
MAVEN_REPO_SERVER_ID: 'danubetech-maven-snapshots'
18+
secrets: inherit

0 commit comments

Comments
 (0)