# This workflow will build a Java project with Maven # For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven name: build on: push: branches: - '**' tags: - '**' pull_request: branches: [master, development] jobs: maven-build-reporting: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v2 - name: Set up JDK 8 uses: actions/setup-java@v2 with: java-version: '8' distribution: 'adopt' - name: Cache Maven packages uses: actions/cache@v2 with: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - name: Build with Maven run: mvn clean install -e -P let_reporting - name: Reporting uses: codecov/codecov-action@v1 with: flags: unittests name: SEB Server Build fail_ci_if_error: false verbose: false maven-build-docker: needs: maven-build-reporting # Run only on tagging if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: - name: Get short SHA uses: benjlevesque/short-sha@v1.2 id: short-sha - name: Store short SHA as environment variable run: echo $SHA env: SHA: ${{ steps.short-sha.outputs.sha }} - name: Set env run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - name: Test tag name run: | echo $TAG_NAME echo ${{ env.TAG_NAME }} - name: Checkout repository uses: actions/checkout@v2 - name: Set up JDK 11 uses: actions/setup-java@v2 with: java-version: '11' distribution: 'adopt' - name: Cache Maven packages uses: actions/cache@v2 with: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - name: Build with Maven run: mvn clean install -Dmaven.test.skip=true -Dsebserver-version="${{ env.TAG_NAME }}-${{ env.SHA }}" env: sebserver-version: ${{ env.TAG_NAME }}-${{ env.SHA }} - name: Simplify package name run: mv target/seb-server-${{ env.TAG_NAME }}-${{ env.SHA }}.jar target/seb-server.jar - uses: actions/upload-artifact@v2 with: name: Package path: target/seb-server.jar docker-build: needs: maven-build-docker # Run only on tagging if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: - name: Set env run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - name: Test run: | echo $TAG_NAME echo ${{ env.TAG_NAME }} - name: Install Cosign uses: sigstore/cosign-installer@main - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Checkout repository uses: actions/checkout@v2 - name: Download a single artifact uses: actions/download-artifact@v2 with: name: Package - name: Build and push id: docker_build uses: docker/build-push-action@v2 with: context: . file: ./docker/Dockerfile push: true tags: | anhefti/seb-server:${{ env.TAG_NAME }} - name: Sign image with a key run: | echo ${COSIGN_PRIVATE_KEY} > /tmp/my_cosign.key && cosign sign --key /tmp/my_cosign.key anhefti/seb-server:${{ env.TAG_NAME }} env: TAGS: | anhefti/seb-server:${{ env.TAG_NAME }} COSIGN_KEY: ${{secrets.COSIGN_PRIVATE_KEY}} COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}