diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..5858e8d --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,80 @@ +name: Build and Deploy +on: + push: + branches: + - master + pull_request: + branches: + - master +jobs: + maven-verify: + runs-on: ubuntu-24.04 + outputs: + version: ${{ steps.get-version.outputs.version }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Install xmlstarlet + run: | + sudo rm -rf /var/lib/apt/lists/* + sudo apt-get update + sudo apt-get -y install xmlstarlet + - uses: actions/setup-java@v4 + with: + java-version: 17 + distribution: liberica + - name: Cache Maven dependencies + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + ${{ runner.os }}-maven- + ${{ runner.os }}- + + - name: Get version from pom.xml + id: get-version + run: | + VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) + echo "version=$VERSION" >> $GITHUB_OUTPUT + echo "Detected version: $VERSION" + + - name: Run maven build + run: mvn package + + - name: Sonar Scan + env: + SONAR_TOKEN: ${{ secrets.ENTUR_SONAR_PASSWORD }} + SONAR_PROJECT_NAME: ${{ github.event.repository.name }} + SONAR_PROJECT_KEY: entur_${{ github.event.repository.name }} + run: | + mvn -Psonar org.jacoco:jacoco-maven-plugin:prepare-agent verify \ + org.jacoco:jacoco-maven-plugin:report sonar:sonar \ + -Dmaven.main.skip \ + -DskipTests \ + -Dsonar.projectKey=${SONAR_PROJECT_KEY} \ + -Dsonar.organization=enturas-github \ + -Dsonar.projectName=${SONAR_PROJECT_NAME} \ + -Dsonar.host.url=https://sonarcloud.io \ + -Dsonar.token=${SONAR_TOKEN} + + - name: Upload artifact + uses: actions/upload-artifact@v4.4.3 + with: + name: build-artifacts + path: target/*.jar + + publish-snapshot: + name: Publish snapshot to Maven Central + if: github.repository_owner == 'entur' && github.event_name == 'push' && github.ref == 'refs/heads/master' + needs: maven-verify + uses: ./.github/workflows/maven-jreleaser-release.yml + with: + version: ${{ needs.maven-verify.outputs.version }} + snapshot: true + skip_version_update: true + java_version: 11 + java_distribution: liberica + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/gitflow-hotfix-finish.yml b/.github/workflows/gitflow-hotfix-finish.yml new file mode 100644 index 0000000..68ea738 --- /dev/null +++ b/.github/workflows/gitflow-hotfix-finish.yml @@ -0,0 +1,248 @@ +name: Hotfix Finish (Gitflow) + +on: + workflow_call: + inputs: + hotfix_branch: + description: 'Hotfix branch to finish (e.g., hotfix/2.0.16.1)' + required: true + type: string + merge_to_main: + description: 'Cherry-pick hotfix commits to base branch' + required: false + type: boolean + default: true + runner: + description: 'Runner to use for jobs' + required: false + type: string + default: "ubuntu-24.04" + java_version: + description: 'Java version to use' + required: false + type: number + default: 21 + java_distribution: + description: 'Java distribution to use' + required: false + type: string + default: "liberica" + version_tag_prefix: + description: 'Prefix for version tags' + required: false + type: string + default: "v" + artifact_group_id: + description: 'Maven group ID for summary links (e.g., io.entur)' + required: false + type: string + default: "" + artifact_ids: + description: 'Comma-separated artifact IDs for summary links (e.g., my-library,my-cli)' + required: false + type: string + default: "" + base_branch: + description: 'Base branch to cherry-pick changes to (e.g., main, master, develop)' + required: false + type: string + default: "main" + secrets: + SONATYPE_AUTH_USER: + required: true + SONATYPE_AUTH_TOKEN: + required: true + SONATYPE_GPG_KEY_PUBLIC: + required: true + SONATYPE_GPG_KEY: + required: true + SONATYPE_GPG_KEY_PASSWORD: + required: true + +jobs: + get-hotfix-version: + runs-on: ${{ inputs.runner || 'ubuntu-24.04' }} + outputs: + version: ${{ steps.get_version.outputs.version }} + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.hotfix_branch }} + fetch-depth: 0 + + - uses: actions/setup-java@v4 + with: + java-version: ${{ inputs.java_version || 21 }} + distribution: ${{ inputs.java_distribution || 'liberica' }} + + - name: Get hotfix version + id: get_version + run: | + VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) + # Remove -SNAPSHOT if present + VERSION="${VERSION%-SNAPSHOT}" + echo "version=$VERSION" >> $GITHUB_OUTPUT + echo "Hotfix version: $VERSION" + + create-tag: + name: Create hotfix tag + needs: get-hotfix-version + runs-on: ${{ inputs.runner || 'ubuntu-24.04' }} + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.hotfix_branch }} + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Configure Git + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Create and push tag + run: | + VERSION="${{ needs.get-hotfix-version.outputs.version }}" + TAG="${{ inputs.version_tag_prefix || 'v' }}${VERSION}" + + echo "Creating tag: $TAG from branch ${{ inputs.hotfix_branch }}" + git tag -a "$TAG" -m "Hotfix $VERSION" + git push origin "$TAG" + + publish-hotfix: + name: Publish to Maven Central + needs: [get-hotfix-version, create-tag] + runs-on: ${{ inputs.runner || 'ubuntu-24.04' }} + env: + JRELEASER_MAVENCENTRAL_URL: "https://central.sonatype.com/api/v1/publisher" + JRELEASER_DEPLOY_MAVEN_MAVENCENTRAL_ACTIVE: "RELEASE" + JRELEASER_DEPLOY_MAVEN_NEXUS2_ACTIVE: "SNAPSHOT" + JRELEASER_NEXUS2_URL: "https://ossrh-staging-api.central.sonatype.com/service/local" + JRELEASER_NEXUS2_SNAPSHOT_URL: "https://central.sonatype.com/repository/maven-snapshots" + JRELEASER_OVERWRITE: true + JRELEASER_UPDATE: true + JRELEASER_GIT_ROOT_SEARCH: true + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.version_tag_prefix || 'v' }}${{ needs.get-hotfix-version.outputs.version }} + fetch-depth: 0 + + - uses: actions/setup-java@v4 + with: + java-version: ${{ inputs.java_version || 21 }} + distribution: ${{ inputs.java_distribution || 'liberica' }} + cache: maven + + - name: Install xmlstarlet + run: | + sudo rm -rf /var/lib/apt/lists/* + sudo apt-get update + sudo apt-get -y install xmlstarlet + + - name: JReleaser Release to Maven Central + uses: entur/gha-maven-central/.github/actions/jreleaser-release@v1 + with: + version: ${{ needs.get-hotfix-version.outputs.version }} + version_tag_prefix: ${{ inputs.version_tag_prefix || 'v' }} + github_token: ${{ secrets.GITHUB_TOKEN }} + sonatype_username: ${{ secrets.SONATYPE_AUTH_USER }} + sonatype_password: ${{ secrets.SONATYPE_AUTH_TOKEN }} + gpg_public_key: ${{ secrets.SONATYPE_GPG_KEY_PUBLIC }} + gpg_secret_key: ${{ secrets.SONATYPE_GPG_KEY }} + gpg_passphrase: ${{ secrets.SONATYPE_GPG_KEY_PASSWORD }} + artifactory_user: ${{ secrets.ARTIFACTORY_AUTH_USER }} + artifactory_token: ${{ secrets.ARTIFACTORY_AUTH_TOKEN }} + + - name: Upload Build Reports + if: failure() + uses: actions/upload-artifact@v4 + with: + name: jreleaser-reports + path: | + **/target/site + **/target/reports/ + **/target/surefire-reports + + merge-to-base-branch: + name: Cherry-pick hotfix to base branch + needs: [get-hotfix-version, publish-hotfix] + if: inputs.merge_to_main == true + runs-on: ${{ inputs.runner || 'ubuntu-24.04' }} + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.base_branch || 'main' }} + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Configure Git + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Cherry-pick hotfix commits + run: | + HOTFIX_BRANCH="${{ inputs.hotfix_branch }}" + BASE_BRANCH="${{ inputs.base_branch || 'main' }}" + echo "Cherry-picking commits from $HOTFIX_BRANCH to $BASE_BRANCH" + + # Get the base commit (where hotfix branched from) + git fetch origin "$HOTFIX_BRANCH" + + # Find all commits in the hotfix branch + HOTFIX_COMMITS=$(git log --reverse --pretty=format:"%H" origin/$HOTFIX_BRANCH --not $(git merge-base origin/$BASE_BRANCH origin/$HOTFIX_BRANCH)) + + # Cherry-pick each commit + for commit in $HOTFIX_COMMITS; do + echo "Cherry-picking commit: $commit" + git cherry-pick "$commit" || { + echo "::warning::Cherry-pick conflict on commit $commit. Resolve manually." + git cherry-pick --abort + exit 1 + } + done + + - name: Push to base branch + run: | + BASE_BRANCH="${{ inputs.base_branch || 'main' }}" + git push origin "$BASE_BRANCH" + + - name: Delete hotfix branch + continue-on-error: true + run: | + HOTFIX_BRANCH="${{ inputs.hotfix_branch }}" + echo "Deleting hotfix branch: $HOTFIX_BRANCH" + git push origin --delete "$HOTFIX_BRANCH" || echo "Branch already deleted" + + - name: Create summary + run: | + VERSION="${{ needs.get-hotfix-version.outputs.version }}" + TAG_PREFIX="${{ inputs.version_tag_prefix || 'v' }}" + GROUP_ID="${{ inputs.artifact_group_id }}" + ARTIFACT_IDS="${{ inputs.artifact_ids }}" + + cat >> $GITHUB_STEP_SUMMARY <> $GITHUB_STEP_SUMMARY + done + fi + + BASE_BRANCH="${{ inputs.base_branch || 'main' }}" + + cat >> $GITHUB_STEP_SUMMARY <> $GITHUB_OUTPUT + echo "Release version: $VERSION" + + create-tag: + name: Create release tag + needs: get-release-version + runs-on: ${{ inputs.runner || 'ubuntu-24.04' }} + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.release_branch }} + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Configure Git + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Create and push tag + run: | + VERSION="${{ needs.get-release-version.outputs.version }}" + TAG="${{ inputs.version_tag_prefix || 'v' }}${VERSION}" + + echo "Creating tag: $TAG from branch ${{ inputs.release_branch }}" + git tag -a "$TAG" -m "Release $VERSION" + git push origin "$TAG" + + publish-release: + name: Publish to Maven Central + needs: [get-release-version, create-tag] + runs-on: ${{ inputs.runner || 'ubuntu-24.04' }} + env: + JRELEASER_MAVENCENTRAL_URL: "https://central.sonatype.com/api/v1/publisher" + JRELEASER_DEPLOY_MAVEN_MAVENCENTRAL_ACTIVE: "RELEASE" + JRELEASER_DEPLOY_MAVEN_NEXUS2_ACTIVE: "SNAPSHOT" + JRELEASER_NEXUS2_URL: "https://ossrh-staging-api.central.sonatype.com/service/local" + JRELEASER_NEXUS2_SNAPSHOT_URL: "https://central.sonatype.com/repository/maven-snapshots" + JRELEASER_OVERWRITE: true + JRELEASER_UPDATE: true + JRELEASER_GIT_ROOT_SEARCH: true + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.version_tag_prefix || 'v' }}${{ needs.get-release-version.outputs.version }} + fetch-depth: 0 + + - uses: actions/setup-java@v4 + with: + java-version: ${{ inputs.java_version || 21 }} + distribution: ${{ inputs.java_distribution || 'liberica' }} + cache: maven + + - name: Install xmlstarlet + run: | + sudo rm -rf /var/lib/apt/lists/* + sudo apt-get update + sudo apt-get -y install xmlstarlet + + - name: JReleaser Release to Maven Central + uses: entur/gha-maven-central/.github/actions/jreleaser-release@v1 + with: + version: ${{ needs.get-release-version.outputs.version }} + version_tag_prefix: ${{ inputs.version_tag_prefix || 'v' }} + github_token: ${{ secrets.GITHUB_TOKEN }} + sonatype_username: ${{ secrets.SONATYPE_AUTH_USER }} + sonatype_password: ${{ secrets.SONATYPE_AUTH_TOKEN }} + gpg_public_key: ${{ secrets.SONATYPE_GPG_KEY_PUBLIC }} + gpg_secret_key: ${{ secrets.SONATYPE_GPG_KEY }} + gpg_passphrase: ${{ secrets.SONATYPE_GPG_KEY_PASSWORD }} + artifactory_user: ${{ secrets.ARTIFACTORY_AUTH_USER }} + artifactory_token: ${{ secrets.ARTIFACTORY_AUTH_TOKEN }} + + - name: Upload Build Reports + if: failure() + uses: actions/upload-artifact@v4 + with: + name: jreleaser-reports + path: | + **/target/site + **/target/reports/ + **/target/surefire-reports + + merge-release-to-base: + name: Merge release branch to base branch + needs: [get-release-version, publish-release] + runs-on: ${{ inputs.runner || 'ubuntu-24.04' }} + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.base_branch || 'main' }} + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Configure Git + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Merge release branch + run: | + RELEASE_BRANCH="${{ inputs.release_branch }}" + BASE_BRANCH="${{ inputs.base_branch || 'main' }}" + VERSION="${{ needs.get-release-version.outputs.version }}" + + echo "Merging $RELEASE_BRANCH into $BASE_BRANCH" + git fetch origin "$RELEASE_BRANCH" + git merge "origin/$RELEASE_BRANCH" -m "chore: merge release $VERSION into $BASE_BRANCH" + git push origin "$BASE_BRANCH" + + update-base-branch: + name: Update base branch to next SNAPSHOT version + needs: [get-release-version, merge-release-to-base] + runs-on: ${{ inputs.runner || 'ubuntu-24.04' }} + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.base_branch || 'main' }} + fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Configure Git + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - uses: actions/setup-java@v4 + with: + java-version: ${{ inputs.java_version || 21 }} + distribution: ${{ inputs.java_distribution || 'liberica' }} + + - name: Calculate next development version + id: next_version + run: | + CURRENT_VERSION="${{ needs.get-release-version.outputs.version }}" + + # Use custom version if provided, otherwise increment + if [ -n "${{ inputs.next_version }}" ]; then + NEXT_VERSION="${{ inputs.next_version }}" + # Ensure it has -SNAPSHOT + if [[ ! "$NEXT_VERSION" =~ -SNAPSHOT$ ]]; then + NEXT_VERSION="${NEXT_VERSION}-SNAPSHOT" + fi + else + INCREMENT_TYPE="${{ inputs.next_version_increment }}" + + # Parse version components + IFS='.' read -ra VERSION_PARTS <<< "$CURRENT_VERSION" + MAJOR="${VERSION_PARTS[0]:-0}" + MINOR="${VERSION_PARTS[1]:-0}" + PATCH="${VERSION_PARTS[2]:-0}" + + # Calculate next version based on increment type + case "$INCREMENT_TYPE" in + major) + MAJOR=$((MAJOR + 1)) + MINOR=0 + PATCH=0 + ;; + minor) + MINOR=$((MINOR + 1)) + PATCH=0 + ;; + patch) + PATCH=$((PATCH + 1)) + ;; + *) + echo "Error: Invalid increment type: $INCREMENT_TYPE" + exit 1 + ;; + esac + + NEXT_VERSION="$MAJOR.$MINOR.$PATCH-SNAPSHOT" + fi + + echo "next_version=$NEXT_VERSION" >> $GITHUB_OUTPUT + echo "Next development version: $NEXT_VERSION" + + - name: Update base branch version + run: | + NEXT_VERSION="${{ steps.next_version.outputs.next_version }}" + BASE_BRANCH="${{ inputs.base_branch || 'main' }}" + echo "Updating $BASE_BRANCH to: $NEXT_VERSION" + + mvn -B versions:set -DnewVersion="$NEXT_VERSION" -DgenerateBackupPoms=false -DprocessAllModules=true + + git add '*/pom.xml' pom.xml + git commit -m "chore: prepare for next development iteration $NEXT_VERSION [skip ci]" + git push origin "$BASE_BRANCH" + + - name: Delete release branch + continue-on-error: true + run: | + RELEASE_BRANCH="${{ inputs.release_branch }}" + echo "Deleting release branch: $RELEASE_BRANCH" + git push origin --delete "$RELEASE_BRANCH" || echo "Branch already deleted" + + - name: Create summary + run: | + VERSION="${{ needs.get-release-version.outputs.version }}" + TAG_PREFIX="${{ inputs.version_tag_prefix || 'v' }}" + GROUP_ID="${{ inputs.artifact_group_id }}" + ARTIFACT_IDS="${{ inputs.artifact_ids }}" + + cat >> $GITHUB_STEP_SUMMARY <> $GITHUB_STEP_SUMMARY + done + fi + + BASE_BRANCH="${{ inputs.base_branch || 'main' }}" + + cat >> $GITHUB_STEP_SUMMARY <> $GITHUB_OUTPUT + echo "Publishing hotfix version: $VERSION" + + - name: JReleaser Release to Maven Central + uses: entur/gha-maven-central/.github/actions/jreleaser-release@v1 + with: + version: ${{ steps.get_version.outputs.version }} + version_tag_prefix: v + github_token: ${{ secrets.GITHUB_TOKEN }} + sonatype_username: ${{ secrets.SONATYPE_AUTH_USER }} + sonatype_password: ${{ secrets.SONATYPE_AUTH_TOKEN }} + gpg_public_key: ${{ secrets.SONATYPE_GPG_KEY_PUBLIC }} + gpg_secret_key: ${{ secrets.SONATYPE_GPG_KEY }} + gpg_passphrase: ${{ secrets.SONATYPE_GPG_KEY_PASSWORD }} + artifactory_user: ${{ secrets.ARTIFACTORY_AUTH_USER }} + artifactory_token: ${{ secrets.ARTIFACTORY_AUTH_TOKEN }} + + - name: Upload Build Reports + if: failure() + uses: actions/upload-artifact@v4 + with: + name: jreleaser-reports + path: | + **/target/site + **/target/reports/ + **/target/surefire-reports \ No newline at end of file diff --git a/.github/workflows/hotfix-start.yml b/.github/workflows/hotfix-start.yml new file mode 100644 index 0000000..b653f7f --- /dev/null +++ b/.github/workflows/hotfix-start.yml @@ -0,0 +1,20 @@ +name: Hotfix Start (Gitflow) + +on: + workflow_dispatch: + inputs: + hotfix_version: + description: 'Hotfix version (e.g., 2.0.15.1 or leave empty to auto-increment patch)' + required: false + type: string + base_tag: + description: 'Base tag to create hotfix from (e.g., v2.0.15). Leave empty to use latest master.' + required: false + type: string + +jobs: + hotfix-start: + uses: entur/ror-gha-workflows/.github/workflows/hotfix-start.yml@v1 + with: + hotfix_version: ${{ inputs.hotfix_version }} + base_tag: ${{ inputs.base_tag }} \ No newline at end of file diff --git a/.github/workflows/maven-jreleaser-release.yml b/.github/workflows/maven-jreleaser-release.yml new file mode 100644 index 0000000..0dfc5ab --- /dev/null +++ b/.github/workflows/maven-jreleaser-release.yml @@ -0,0 +1,174 @@ +name: JReleaser Release to Maven Central (Maven) + +on: + workflow_call: + inputs: + runner: + description: "Job Runner" + required: false + type: string + default: "ubuntu-24.04" + git_ref: + description: "Option to override git reference to checkout before build" + type: string + required: false + settings-xml_file: + description: "Link to the external settings.xml file" + required: false + type: string + default: "" + java_version: + description: "Java Runtime Version" + required: false + type: number + default: 21 + java_distribution: + description: "Java distribution for Setup-Java" + required: false + type: string + default: "liberica" + version: + description: "The version to release (e.g., '1.3.0' or '1.3.0-SNAPSHOT'). This is required for this standalone workflow." + required: true + type: string + version_file_name: + description: "The name of the file containing the version number" + required: false + type: string + default: "pom.xml" + version_tag_prefix: + description: "The prefix for the git tag (e.g., 'v' for 'v1.0.0')" + required: false + type: string + default: "v" + snapshot: + description: "Whether the artifact is a snapshot or not" + required: false + type: boolean + default: false + skip_version_update: + description: "Skip setting version in pom.xml (useful if version is already set)" + required: false + type: boolean + default: false + secrets: + GIT_SSH_KEY: + description: "Option to override git ssh key to checkout before build" + required: false + SONATYPE_AUTH_USER: + required: true + SONATYPE_AUTH_TOKEN: + required: true + SONATYPE_GPG_KEY_PUBLIC: + required: true + SONATYPE_GPG_KEY: + required: true + SONATYPE_GPG_KEY_PASSWORD: + required: true + + outputs: + version: + description: Published version + value: ${{ jobs.release.outputs.version }} + +concurrency: + group: maven-jreleaser-release-${{ github.ref }} + +jobs: + release: + runs-on: ${{ inputs.runner }} + permissions: + contents: write + issues: write + packages: write + env: + JRELEASER_MAVENCENTRAL_URL: "https://central.sonatype.com/api/v1/publisher" + JRELEASER_DEPLOY_MAVEN_MAVENCENTRAL_ACTIVE: "RELEASE" + JRELEASER_DEPLOY_MAVEN_NEXUS2_ACTIVE: "SNAPSHOT" + JRELEASER_NEXUS2_URL: "https://ossrh-staging-api.central.sonatype.com/service/local" + JRELEASER_NEXUS2_SNAPSHOT_URL: "https://central.sonatype.com/repository/maven-snapshots" + JRELEASER_OVERWRITE: true + JRELEASER_UPDATE: true + JRELEASER_GIT_ROOT_SEARCH: true + outputs: + version: ${{ steps.release.outputs.version }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + if: ${{ inputs.git_ref == '' }} + with: + fetch-depth: 0 + ssh-key: ${{ secrets.GIT_SSH_KEY }} + + - name: Checkout code with reference + uses: actions/checkout@v4 + if: ${{ inputs.git_ref != '' }} + with: + ref: ${{ inputs.git_ref }} + fetch-depth: 0 + ssh-key: ${{ secrets.GIT_SSH_KEY }} + + - name: Set up Java ${{ inputs.java_version }} + uses: actions/setup-java@v4 + with: + java-version: ${{ inputs.java_version }} + distribution: ${{ inputs.java_distribution }} + cache: maven + + - name: Copy maven settings + if: ${{ inputs.settings-xml_file != '' }} + run: | + wget ${{ inputs.settings-xml_file }} -O ~/.m2/settings.xml + + - name: Install xmlstarlet + run: | + sudo rm -rf /var/lib/apt/lists/* + sudo apt-get update + sudo apt-get -y install xmlstarlet + + - name: Validate version input + shell: bash + env: + GHA_MAVENCENTRAL_VERSION: ${{ inputs.version }} + run: | + if [ -z "$GHA_MAVENCENTRAL_VERSION" ]; then + echo "Error: version input is required for this workflow" + exit 1 + fi + echo "Using version: $GHA_MAVENCENTRAL_VERSION" + + - name: Set version + if: ${{ inputs.skip_version_update == false }} + shell: bash + env: + GHA_MAVENCENTRAL_VERSION_FILE_NAME: ${{ inputs.version_file_name}} + GHA_MAVENCENTRAL_VERSION: ${{ inputs.version }} + JFROG_USER: ${{ secrets.ARTIFACTORY_AUTH_USER }} + JFROG_PASS: ${{ secrets.ARTIFACTORY_AUTH_TOKEN }} + run: | + mvn -B versions:set -f $GHA_MAVENCENTRAL_VERSION_FILE_NAME -DnewVersion=$GHA_MAVENCENTRAL_VERSION -DgenerateBackupPoms=false -DprocessAllModules=true + + - name: JReleaser Release to Maven Central + id: release + uses: entur/gha-maven-central/.github/actions/jreleaser-release@v1 + with: + version: ${{ inputs.version }} + version_tag_prefix: ${{ inputs.version_tag_prefix }} + github_token: ${{ secrets.GITHUB_TOKEN }} + sonatype_username: ${{ secrets.SONATYPE_AUTH_USER }} + sonatype_password: ${{ secrets.SONATYPE_AUTH_TOKEN }} + gpg_public_key: ${{ secrets.SONATYPE_GPG_KEY_PUBLIC }} + gpg_secret_key: ${{ secrets.SONATYPE_GPG_KEY }} + gpg_passphrase: ${{ secrets.SONATYPE_GPG_KEY_PASSWORD }} + artifactory_user: ${{ secrets.ARTIFACTORY_AUTH_USER }} + artifactory_token: ${{ secrets.ARTIFACTORY_AUTH_TOKEN }} + + - name: Upload Build Reports + if: failure() + uses: actions/upload-artifact@v4 + with: + name: jreleaser-reports + path: | + **/target/site + **/target/reports/ + **/target/surefire-reports \ No newline at end of file diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml deleted file mode 100644 index 2d9f854..0000000 --- a/.github/workflows/push.yml +++ /dev/null @@ -1,95 +0,0 @@ -name: Build and push -on: - push: - branches: - - master - pull_request: - branches: - - master -env: - JFROG_USER: ${{ secrets.ARTIFACTORY_AUTH_USER }} - JFROG_PASS: ${{ secrets.ARTIFACTORY_AUTH_TOKEN }} - -jobs: - maven-package: - if: "!contains(github.event.head_commit.message, 'ci skip')" - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Install xmlstarlet - run: | - sudo rm -rf /var/lib/apt/lists/* - sudo apt-get update - sudo apt-get -y install xmlstarlet - - name: Copy maven settings - run: | - wget https://raw.githubusercontent.com/entur/ror-maven-settings/master/.m2/settings.xml -O .github/workflows/settings.xml - - uses: actions/setup-java@v4 - with: - java-version: 17.0.15 - distribution: temurin - - name: Cache Maven dependencies - uses: actions/cache@v4 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - ${{ runner.os }}-maven- - ${{ runner.os }}- - - - name: Run maven build - run: mvn package -s .github/workflows/settings.xml - - name: Sonar Scan - env: - SONAR_TOKEN: ${{ secrets.ENTUR_SONAR_PASSWORD }} - SONAR_PROJECT_NAME: ${{ github.event.repository.name }} - SONAR_PROJECT_KEY: entur_${{ github.event.repository.name }} - run: | - mvn -Psonar -s .github/workflows/settings.xml \ - org.jacoco:jacoco-maven-plugin:prepare-agent verify \ - org.jacoco:jacoco-maven-plugin:report sonar:sonar \ - -Dmaven.main.skip \ - -DskipTests \ - -Dsonar.projectKey=${SONAR_PROJECT_KEY} \ - -Dsonar.organization=enturas-github \ - -Dsonar.projectName=${SONAR_PROJECT_NAME} \ - -Dsonar.host.url=https://sonarcloud.io \ - -Dsonar.token=${SONAR_TOKEN} - - deploy-artifactory: - if: github.repository_owner == 'entur' && github.event_name == 'push' && github.ref == 'refs/heads/master' - needs: [maven-package] - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Install xmlstarlet - run: | - sudo rm -rf /var/lib/apt/lists/* - sudo apt-get update - sudo apt-get -y install xmlstarlet - - name: Copy maven settings - run: | - wget https://raw.githubusercontent.com/entur/ror-maven-settings/master/.m2/settings.xml -O .github/workflows/settings.xml - - uses: actions/setup-java@v4 - with: - java-version: 17.0.15 - distribution: temurin - - name: Cache Maven dependencies - uses: actions/cache@v4 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - ${{ runner.os }}-maven- - ${{ runner.os }}- - - - name: Deploy to Entur Artifactory - run: mvn deploy -s .github/workflows/settings.xml -DskipTests - - diff --git a/.github/workflows/release-finish.yml b/.github/workflows/release-finish.yml new file mode 100644 index 0000000..f93f24b --- /dev/null +++ b/.github/workflows/release-finish.yml @@ -0,0 +1,38 @@ +name: Release Finish (Gitflow) + +on: + workflow_dispatch: + inputs: + release_branch: + description: 'Release branch to finish (e.g., release/2.0.16)' + required: true + type: string + next_version_increment: + description: 'Next version increment type for master' + required: false + type: choice + default: 'patch' + options: + - major + - minor + - patch + next_version: + description: 'Or specify exact next version for master (e.g., 2.1.0-SNAPSHOT)' + required: false + type: string + +jobs: + release-finish: + uses: ./.github/workflows/gitflow-release-finish.yml + with: + release_branch: ${{ inputs.release_branch }} + next_version_increment: ${{ inputs.next_version_increment }} + next_version: ${{ inputs.next_version }} + base_branch: master + runner: ubuntu-24.04 + java_version: 11 + java_distribution: liberica + version_tag_prefix: v + artifact_group_id: org.entur + artifact_ids: netex-java-model + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/release-manual.yml b/.github/workflows/release-manual.yml new file mode 100644 index 0000000..177b328 --- /dev/null +++ b/.github/workflows/release-manual.yml @@ -0,0 +1,84 @@ +name: Manual Release (Emergency/Fallback) + +# This workflow is a FALLBACK for emergency situations. +# For normal releases, use: "Release Start" → "Release Finish" workflows +# Only use this if the gitflow workflows fail or for emergency releases. + +on: + workflow_dispatch: + inputs: + git_ref: + description: 'Git tag to release (e.g., v2.0.16). Tag must already exist!' + required: true + type: string + version: + description: 'Version to release (if different from tag, e.g., 2.0.16)' + required: false + type: string + +jobs: + publish-release: + name: Publish release to Maven Central + runs-on: ubuntu-24.04 + env: + JRELEASER_MAVENCENTRAL_URL: "https://central.sonatype.com/api/v1/publisher" + JRELEASER_DEPLOY_MAVEN_MAVENCENTRAL_ACTIVE: "RELEASE" + JRELEASER_DEPLOY_MAVEN_NEXUS2_ACTIVE: "SNAPSHOT" + JRELEASER_NEXUS2_URL: "https://ossrh-staging-api.central.sonatype.com/service/local" + JRELEASER_NEXUS2_SNAPSHOT_URL: "https://central.sonatype.com/repository/maven-snapshots" + JRELEASER_OVERWRITE: true + JRELEASER_UPDATE: true + JRELEASER_GIT_ROOT_SEARCH: true + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.git_ref }} + fetch-depth: 0 + + - uses: actions/setup-java@v4 + with: + java-version: 11 + distribution: liberica + cache: maven + + - name: Install xmlstarlet + run: | + sudo rm -rf /var/lib/apt/lists/* + sudo apt-get update + sudo apt-get -y install xmlstarlet + + - name: Get version from tag or input + id: get_version + run: | + if [ -n "${{ github.event.inputs.version }}" ]; then + VERSION="${{ github.event.inputs.version }}" + else + GIT_REF="${{ github.event.inputs.git_ref }}" + VERSION="${GIT_REF#v}" + fi + echo "version=$VERSION" >> $GITHUB_OUTPUT + echo "Publishing version: $VERSION" + + - name: JReleaser Release to Maven Central + uses: entur/gha-maven-central/.github/actions/jreleaser-release@v1 + with: + version: ${{ steps.get_version.outputs.version }} + version_tag_prefix: v + github_token: ${{ secrets.GITHUB_TOKEN }} + sonatype_username: ${{ secrets.SONATYPE_AUTH_USER }} + sonatype_password: ${{ secrets.SONATYPE_AUTH_TOKEN }} + gpg_public_key: ${{ secrets.SONATYPE_GPG_KEY_PUBLIC }} + gpg_secret_key: ${{ secrets.SONATYPE_GPG_KEY }} + gpg_passphrase: ${{ secrets.SONATYPE_GPG_KEY_PASSWORD }} + artifactory_user: ${{ secrets.ARTIFACTORY_AUTH_USER }} + artifactory_token: ${{ secrets.ARTIFACTORY_AUTH_TOKEN }} + + - name: Upload Build Reports + if: failure() + uses: actions/upload-artifact@v4 + with: + name: jreleaser-reports + path: | + **/target/site + **/target/reports/ + **/target/surefire-reports \ No newline at end of file diff --git a/.github/workflows/release-start.yml b/.github/workflows/release-start.yml new file mode 100644 index 0000000..063ffbf --- /dev/null +++ b/.github/workflows/release-start.yml @@ -0,0 +1,21 @@ +name: Release Start (Gitflow) + +on: + workflow_dispatch: + inputs: + release_version: + description: 'Release version (e.g., 2.0.16). Leave empty to auto-detect from develop.' + required: false + type: string + base_branch: + description: 'Base branch to create release from' + required: false + type: string + default: 'master' + +jobs: + release-start: + uses: entur/ror-gha-workflows/.github/workflows/release-start.yml@v1 + with: + release_version: ${{ inputs.release_version }} + base_branch: ${{ inputs.base_branch }} \ No newline at end of file diff --git a/pom.xml b/pom.xml index dd9377c..b5be055 100644 --- a/pom.xml +++ b/pom.xml @@ -111,14 +111,11 @@ 9.0.2 0.8.14 5.5.0.6356 + 1.18.0 - - gpg - ${env.GPG_KEY_NAME} - @@ -222,6 +219,48 @@ maven-deploy-plugin ${maven-deploy-plugin.version} + + org.jreleaser + jreleaser-maven-plugin + ${jreleaser-maven-plugin.version} + + + + ALWAYS + true + + + + + + RELEASE + https://central.sonatype.com/api/v1/publisher + target/staging-deploy + + + + + SNAPSHOT + https://ossrh-staging-api.central.sonatype.com/service/local + https://central.sonatype.com/repository/maven-snapshots + true + true + true + true + target/staging-deploy + + + + + + + false + true + + + + + @@ -621,46 +660,59 @@ + + + org.jreleaser + jreleaser-maven-plugin + - - sign + sonar false + + + 11 + 3.9.1.2184 + + - - - - org.apache.maven.plugins - maven-surefire-plugin - ${maven-surefire-plugin.version} - - false - - - - + - org.apache.maven.plugins - maven-surefire-plugin - ${maven-surefire-plugin.version} + org.sonarsource.scanner.maven + sonar-maven-plugin + ${sonar-maven-plugin.version} + + + + + + publication + + local::file:./target/staging-deploy + + + deploy + org.apache.maven.plugins - maven-gpg-plugin - ${maven-gpg-plugin.version} + maven-javadoc-plugin + ${maven-javadoc-plugin.version} - sign-artifacts - verify + attach-javadocs - sign + jar + + true + @@ -674,79 +726,16 @@ jar + + true + - - org.apache.maven.plugins - maven-javadoc-plugin - ${maven-javadoc-plugin.version} - - none - - - - attach-javadocs - - jar - - - - - - org.sonatype.plugins - nexus-staging-maven-plugin - ${nexus-staging-maven-plugin.version} - true - - ossrh - https://oss.sonatype.org/ - - false - - - - release - - false - - - - - ossrh - https://oss.sonatype.org/service/local/staging/deploy/maven2/ - - - - - - sonar - - false - - - - 17 - - - - - - - org.sonarsource.scanner.maven - sonar-maven-plugin - ${sonar-maven-plugin.version} - - - -