-
Notifications
You must be signed in to change notification settings - Fork 1
110 lines (103 loc) · 3.81 KB
/
push.yml
File metadata and controls
110 lines (103 loc) · 3.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
name: Build and push
on:
push:
branches:
- master
pull_request:
branches:
- master
jobs:
maven-verify:
env:
JFROG_USER: ${{ secrets.ARTIFACTORY_AUTH_USER }}
JFROG_PASS: ${{ secrets.ARTIFACTORY_AUTH_TOKEN }}
runs-on: ubuntu-24.04
permissions:
contents: read
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Copy maven settings
run: |
wget https://raw.githubusercontent.com/entur/ror-maven-settings/master/.m2/settings.xml -O .github/workflows/settings.xml
- uses: actions/setup-java@v5
with:
java-version: 21
distribution: temurin
- name: Cache Maven dependencies
uses: actions/cache@v5
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
${{ runner.os }}-maven-
${{ runner.os }}-
- name: Run maven build
run: mvn verify -s .github/workflows/settings.xml
- name: Check OpenAPI spec is up-to-date
run: |
if git diff --exit-code src/main/resources/public/openapi.json; then
echo "OpenAPI spec is up-to-date"
else
echo "Error: OpenAPI spec has changes. Please run 'mvn verify' locally and commit the updated openapi.json file."
exit 1
fi
- name: Check for breaking API changes
if: github.event_name == 'pull_request'
uses: oasdiff/oasdiff-action/breaking@v0.0.36
with:
base: 'origin/${{ github.base_ref }}:src/main/resources/public/openapi.json'
revision: 'HEAD:src/main/resources/public/openapi.json'
fail-on: ERR
- name: Sonar Scan
env:
SONAR_TOKEN: ${{ secrets.ENTUR_SONAR_PASSWORD }}
SONAR_PROJECT_NAME: ${{ github.event.repository.name }}
SONAR_PROJECT_KEY: entur_${{ github.event.repository.name }}
run: |
mvn -s .github/workflows/settings.xml \
org.jacoco:jacoco-maven-plugin:prepare-agent verify \
org.jacoco:jacoco-maven-plugin:report sonar:sonar \
-Dmaven.main.skip \
-DskipTests \
-Dsonar.projectKey=${SONAR_PROJECT_KEY} \
-Dsonar.organization=enturas-github \
-Dsonar.projectName=${SONAR_PROJECT_NAME} \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.token=${SONAR_TOKEN}
- uses: actions/upload-artifact@v4.6.2
with:
name: target
path: target
- uses: actions/upload-artifact@v4.6.2
with:
name: apispec
path: src/main/resources/public/openapi.json
openapi-lint:
needs: [maven-verify]
uses: entur/gha-api/.github/workflows/lint.yml@v4
secrets: inherit
with:
artifact: apispec
artifact_contents: openapi.json
upload_to_bucket: ${{ github.repository_owner == 'entur' && github.event_name == 'push' && github.ref == 'refs/heads/master' }}
openapi-publish:
if: github.repository_owner == 'entur' && github.event_name == 'push' && github.ref == 'refs/heads/master'
needs: [ openapi-lint ]
uses: entur/gha-api/.github/workflows/publish.yml@v4
secrets: inherit
with:
visibility: 'public'
spec: 'src/main/resources/public/openapi.json'
docker-build:
if: github.repository_owner == 'entur' && github.event_name == 'push' && github.ref == 'refs/heads/master'
needs: [maven-verify]
uses: entur/gha-docker/.github/workflows/build.yml@v1
with:
build_artifact_name: target
build_artifact_path: target
docker-push:
needs: [docker-build]
uses: entur/gha-docker/.github/workflows/push.yml@v1