schmalz/shared-actions
15
0
Fork 0
Code Issues Pull requests 1 Releases Packages Activity Actions
shared-actions/maven-build/action.yml
Sebastian Böhringer 9783972537
All checks were successful
Aikido Security PR Check / Aikido Security Scan (pull_request) Successful in 59s
Details
validate-shared-actions / validate-shared-actions (pull_request) Successful in 41s
Details
fix: actually provide maven profile
2026-06-17 09:41:57 +02:00

125 lines
4.1 KiB
YAML
Raw Permalink Blame History

name: maven-build
description: Action for building and validating Maven projects
inputs:
java-version:
required: false
default: '25'
description: 'Java version to set up for the build'
maven-version:
required: false
default: '3.9.15'
description: 'Maven version to set up for the build'
distribution:
required: false
default: 'temurin'
description: 'JDK distribution to use'
phase:
required: false
default: 'verify'
description: 'Build phase to execute: "verify" runs code-quality checks; "deploy" builds and pushes a Docker image'
verify-goals:
required: false
default: 'spotless:check checkstyle:check test'
description: 'Space-separated Maven goals to run during the verify phase'
maven-profile:
required: false
default: 'test'
description: 'Maven profile to activate during deploy'
service-dir:
required: false
default: '.'
description: 'Working directory for the Maven build'
maven-settings:
required: true
description: 'Secret containing the settings.xml content used for repository authentication'
extra-args:
required: false
default: ''
description: 'Additional Maven arguments appended to the build command'
outputs:
image-tag:
description: 'The Docker image tag used during the deploy phase'
value: ${{ steps.deploy.outputs.image-tag }}
runs:
using: composite
steps:
- name: Validate phase
shell: bash
env:
BUILD_PHASE: ${{ inputs.phase }}
run: |
case "$BUILD_PHASE" in
verify|deploy) ;;
*) echo "Invalid phase '$BUILD_PHASE'. Must be 'verify' or 'deploy'." && exit 1 ;;
esac
# Pinned to commit SHA instead of a tag to prevent supply chain attacks.
# actions/setup-java v4.8.0 — https://github.com/actions/setup-java/tree/v4.8.0
- name: Setup Java
uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9
with:
java-version: ${{ inputs.java-version }}
distribution: ${{ inputs.distribution }}
- name: Setup Maven
shell: bash
env:
MAVEN_VERSION: ${{ inputs.maven-version }}
run: |
curl -fsSL "https://archive.apache.org/dist/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz" \
| tar -xzf - -C /opt
echo "/opt/apache-maven-${MAVEN_VERSION}/bin" >> "$GITHUB_PATH"
echo "Maven ${MAVEN_VERSION} installed successfully"
- name: Cache Maven local repository
uses: https://schmalz-git.git.onstackit.cloud/schmalz/shared-actions/cache@cache-v1
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ inputs.java-version }}-${{ hashFiles(format('{0}/**/pom.xml', inputs.service-dir)) }}
restore-keys: ${{ runner.os }}-maven-${{ inputs.java-version }}-
- name: Write Maven settings
shell: bash
env:
MAVEN_SETTINGS: ${{ inputs.maven-settings }}
run: printf '%s\n' "$MAVEN_SETTINGS" > /tmp/maven-settings.xml
- name: Verify
if: ${{ inputs.phase == 'verify' }}
shell: bash
working-directory: ${{ inputs.service-dir }}
env:
VERIFY_GOALS: ${{ inputs.verify-goals }}
EXTRA_ARGS: ${{ inputs.extra-args }}
MAVEN_PROFILE: ${{ inputs.maven-profile }}
run: |
mvn --batch-mode $VERIFY_GOALS \
-s /tmp/maven-settings.xml \
-P "$MAVEN_PROFILE" \
$EXTRA_ARGS
- name: Deploy
id: deploy
if: ${{ inputs.phase == 'deploy' }}
shell: bash
working-directory: ${{ inputs.service-dir }}
env:
MAVEN_PROFILE: ${{ inputs.maven-profile }}
EXTRA_ARGS: ${{ inputs.extra-args }}
run: |
IMAGE_TAG="${FORGEJO_SHA}-$(date +%s)"
mvn --batch-mode clean package jib:build \
-DsendCredentialsOverHttp=true \
"-Djib.to.tags=$IMAGE_TAG" \
-P "$MAVEN_PROFILE" \
-s /tmp/maven-settings.xml \
$EXTRA_ARGS
echo "image-tag=$IMAGE_TAG" >> "$GITHUB_OUTPUT"
- name: Remove Maven settings
if: always()
shell: bash
run: rm -f /tmp/maven-settings.xml
View git blame Copy permalink