Skip to content

Commit

Permalink
chore(action): format action
Browse files Browse the repository at this point in the history
  • Loading branch information
Langleu committed Aug 6, 2021
1 parent 98d67a0 commit fc0a8e3
Showing 1 changed file with 66 additions and 66 deletions.
132 changes: 66 additions & 66 deletions action.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
- name: Release Camunda Community Project on Maven Central
description: Encapsulates the release process of Camunda community extensions
inputs:
name: Release Camunda Community Project on Maven Central
description: Encapsulates the release process of Camunda community extensions
inputs:
artifacts-pattern:
description: Which artifacts to store. Set to empty string to disable
required: false
Expand Down Expand Up @@ -49,11 +49,11 @@
description: TODO
required: false
default: true
outputs:
outputs:
artifacts_archive_path:
description: Filename of zipfile containing all files matched by artifacts-pattern.
value: ${{ steps.create-archive.outputs.filename }}
runs:
runs:
using: composite
steps:
- name: Initialize
Expand All @@ -69,65 +69,65 @@
test -z "${{ inputs.run-tests }}" && SKIP_TESTS="-DskipTests"
mvn -B ${{ inputs.maven-additional-options }} ${{ inputs.maven-build-options }} package ${SKIP_TESTS}
shell: bash
###########################################
# Download and install Trivy and template #
###########################################
- name: Download and Install Trivy
shell: bash
run: |
if [[ "${{ inputs.vulnerability-scan }}" == "true" ]];
then
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b ${GITHUB_WORKSPACE}
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/sarif.tpl -o sarif.tpl
./trivy --version
./trivy fs -t @sarif.tpl -f template -o trivy-results.sarif .
###########################################
# Download and install Trivy and template #
###########################################
- name: Download and Install Trivy
shell: bash
run: |
if [[ "${{ inputs.vulnerability-scan }}" == "true" ]];
then
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b ${GITHUB_WORKSPACE}
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/sarif.tpl -o sarif.tpl
./trivy --version
./trivy fs -t @sarif.tpl -f template -o trivy-results.sarif .
if [[ $(cat trivy-results.sarif | grep -E 'Severity: (HIGH|CRITICAL)' | wc -l) > 0 ]];
then
./trivy fs .
exit 1
else
exit 0
fi
fi
- name: Publish SNAPSHOT
run: |-
test -n "${{ inputs.release-version }}" && echo "::debug::Not publishing SNAPSHOT because release-version is set" && exit 0
mvn -B ${{ inputs.maven-additional-options }} -DskipTests ${{ inputs.maven-release-options }} deploy
find . -path '**target/nexus-staging/deferred/.index' -exec sed -i 's@:camunda-nexus:.*$@:central:https://oss.sonatype.org/content/repositories/snapshots/@g' {} +
mvn -B ${{ inputs.maven-additional-options }} -DskipTests ${{ inputs.maven-release-options }} org.sonatype.plugins:nexus-staging-maven-plugin:deploy-staged
shell: bash
env:
NEXUS_USR: ${{ inputs.nexus-usr}}
NEXUS_PSW: ${{ inputs.nexus-psw }}
MAVEN_USR: ${{ inputs.maven-usr }}
MAVEN_PSW: ${{ inputs.maven-psw }}
- name: Publish Maven Release
run: |-
test -z "${{ inputs.release-version }}" && echo "::debug::Skipping Release because release-version is unset" && exit 0
# 1. set version
mvn -B ${{ inputs.maven-additional-options }} versions:set org.codehaus.mojo:versions-maven-plugin:2.8.1:update-child-modules -DnewVersion=${{ inputs.release-version }}
# 2. perform release
mvn -B ${{ inputs.maven-additional-options }} ${RELEASE_PROFILE} ${{ inputs.maven-release-options }} -DskipTests -DnexusUrl=https://oss.sonatype.org/ -DserverId=central -Drelease-version=${{ inputs.release-version }} -Dgpg.sign initialize \
package source:jar javadoc:jar \
deploy org.apache.maven.plugins:maven-gpg-plugin:sign \
nexus-staging:deploy
shell: bash
env:
NEXUS_USR: ${{ inputs.nexus-usr}}
NEXUS_PSW: ${{ inputs.nexus-psw }}
MAVEN_USR: ${{ inputs.maven-usr }}
MAVEN_PSW: ${{ inputs.maven-psw }}
MAVEN_GPG_PASSPHRASE: ${{ inputs.maven-gpg-passphrase }}
- name: Prepare next development version
run: ${{ github.action_path }}/resources/prepare-next-development-version.sh "${{ github.event.repository.default_branch }}" "${{ inputs.release-version }}" "${{ inputs.maven-additional-options }}"
shell: bash
- name: Archive artifacts
run: |-
test -z "${{ inputs.artifacts-pattern }}" && echo "::debug::Skipping archiving because artifacts-pattern is unset" && exit 0
# Filename: [repo without org]-[version].zip
ZIPFILE=${GITHUB_REPOSITORY#*/}-${{ inputs.release-version }}.zip
zip $ZIPFILE $(find . -path ${{ inputs.artifacts-pattern }})
echo "::set-output name=filename::${ZIPFILE}"
shell: bash
id: create-archive
if [[ $(cat trivy-results.sarif | grep -E 'Severity: (HIGH|CRITICAL)' | wc -l) > 0 ]];
then
./trivy fs .
exit 1
else
exit 0
fi
fi
- name: Publish SNAPSHOT
run: |-
test -n "${{ inputs.release-version }}" && echo "::debug::Not publishing SNAPSHOT because release-version is set" && exit 0
mvn -B ${{ inputs.maven-additional-options }} -DskipTests ${{ inputs.maven-release-options }} deploy
find . -path '**target/nexus-staging/deferred/.index' -exec sed -i 's@:camunda-nexus:.*$@:central:https://oss.sonatype.org/content/repositories/snapshots/@g' {} +
mvn -B ${{ inputs.maven-additional-options }} -DskipTests ${{ inputs.maven-release-options }} org.sonatype.plugins:nexus-staging-maven-plugin:deploy-staged
shell: bash
env:
NEXUS_USR: ${{ inputs.nexus-usr}}
NEXUS_PSW: ${{ inputs.nexus-psw }}
MAVEN_USR: ${{ inputs.maven-usr }}
MAVEN_PSW: ${{ inputs.maven-psw }}
- name: Publish Maven Release
run: |-
test -z "${{ inputs.release-version }}" && echo "::debug::Skipping Release because release-version is unset" && exit 0
# 1. set version
mvn -B ${{ inputs.maven-additional-options }} versions:set org.codehaus.mojo:versions-maven-plugin:2.8.1:update-child-modules -DnewVersion=${{ inputs.release-version }}
# 2. perform release
mvn -B ${{ inputs.maven-additional-options }} ${RELEASE_PROFILE} ${{ inputs.maven-release-options }} -DskipTests -DnexusUrl=https://oss.sonatype.org/ -DserverId=central -Drelease-version=${{ inputs.release-version }} -Dgpg.sign initialize \
package source:jar javadoc:jar \
deploy org.apache.maven.plugins:maven-gpg-plugin:sign \
nexus-staging:deploy
shell: bash
env:
NEXUS_USR: ${{ inputs.nexus-usr}}
NEXUS_PSW: ${{ inputs.nexus-psw }}
MAVEN_USR: ${{ inputs.maven-usr }}
MAVEN_PSW: ${{ inputs.maven-psw }}
MAVEN_GPG_PASSPHRASE: ${{ inputs.maven-gpg-passphrase }}
- name: Prepare next development version
run: ${{ github.action_path }}/resources/prepare-next-development-version.sh "${{ github.event.repository.default_branch }}" "${{ inputs.release-version }}" "${{ inputs.maven-additional-options }}"
shell: bash
- name: Archive artifacts
run: |-
test -z "${{ inputs.artifacts-pattern }}" && echo "::debug::Skipping archiving because artifacts-pattern is unset" && exit 0
# Filename: [repo without org]-[version].zip
ZIPFILE=${GITHUB_REPOSITORY#*/}-${{ inputs.release-version }}.zip
zip $ZIPFILE $(find . -path ${{ inputs.artifacts-pattern }})
echo "::set-output name=filename::${ZIPFILE}"
shell: bash
id: create-archive

0 comments on commit fc0a8e3

Please sign in to comment.