π release and deploy #48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: π release and deploy | |
| on: | |
| workflow_dispatch: # for debugging | |
| push: | |
| tags: | |
| - 'axon-dynamodb-*' # tagged by maven-release-plugin | |
| jobs: | |
| build: | |
| name: release next version | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: setup jdk and maven | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'corretto' | |
| cache: 'maven' | |
| server-id: 'sonatype-nexus' | |
| server-username: DEPLOY_USERNAME | |
| server-password: DEPLOY_PASSWORD | |
| # only entry that can resolve the secret directly | |
| gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| gpg-passphrase: GPG_PASSPHRASE | |
| - name: release and deploy | |
| env: | |
| DEPLOY_USERNAME: ${{ secrets.DEPLOY_USERNAME }} | |
| DEPLOY_PASSWORD: ${{ secrets.DEPLOY_PASSWORD }} | |
| GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| mkdir ~/.ssh && chmod 700 ~/.ssh | |
| echo importing private key | |
| echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_ed25519 | |
| echo importing public key | |
| echo "${{ secrets.SSH_KEY_PUB }}" > ~/.ssh/id_ed25519.pub | |
| chmod 400 ~/.ssh/id_ed25519* | |
| git config user.name github-actions | |
| git config user.email [email protected] | |
| mvn -B release:prepare -P release | |
| mvn -B release:perform -P release |