schmalz/shared-actions
15
0
Fork 0
Code Issues Pull requests 1 Releases Packages Activity Actions
shared-actions/maven-build/README.md
Michael Seele a8be9bf8dc
All checks were successful
validate-shared-actions / validate-shared-actions (pull_request) Successful in 44s
Details
Aikido Security PR Check / Aikido Security Scan (pull_request) Successful in 53s
Details
feat: add maven-build action
2026-05-05 13:07:32 +00:00

58 lines
2.1 KiB
Markdown
Raw Permalink Blame History

# maven-build
Action for building and validating Maven projects.
## Inputs
| Input | Required | Default | Description |
|-------|----------|---------|-------------|
| `java-version` | No | `25` | Java version to set up for the build |
| `maven-version` | No | `3.9.15` | Maven version to set up for the build |
| `distribution` | No | `temurin` | JDK distribution to use |
| `phase` | No | `verify` | Build phase to execute: `verify` runs code-quality checks; `deploy` builds and pushes a Docker image |
| `verify-goals` | No | `spotless:check checkstyle:check test` | Space-separated Maven goals to run during the verify phase |
| `maven-profile` | No | `test` | Maven profile to activate during deploy |
| `service-dir` | No | `.` | Working directory for the Maven build |
| `maven-settings` | **Yes** | — | Secret containing the `settings.xml` content used for repository authentication |
| `extra-args` | No | `""` | Additional Maven arguments appended to the build command |
## Outputs
| Output | Description |
|--------|-------------|
| `image-tag` | The Docker image tag used during the deploy phase |
## Usage
### Verify (code quality + tests)
```yaml
- uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/maven-build@maven-build-v1
with:
maven-settings: ${{ secrets.MAVEN_SETTINGS }}
```
### Deploy (build and push Docker image)
```yaml
- uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/maven-build@maven-build-v1
with:
phase: deploy
maven-profile: prod
maven-settings: ${{ secrets.MAVEN_SETTINGS }}
```
### Multi-module project
```yaml
- uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/maven-build@maven-build-v1
with:
service-dir: my-service
maven-settings: ${{ secrets.MAVEN_SETTINGS }}
```
## Notes
- The `maven-settings` input is written to a temporary file (`/tmp/maven-settings.xml`) and removed after the build, even on failure.
- During the `deploy` phase, the image tag is generated as `<FORGEJO_SHA>-<unix-timestamp>` and exposed via the `image-tag` output.
- Third-party actions used internally are pinned to exact commit SHAs to prevent supply chain attacks.
View git blame Copy permalink