-
-
Notifications
You must be signed in to change notification settings - Fork 4
139 lines (129 loc) · 5.36 KB
/
build_and_release_github.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: Build and deploy releases to GitHub
on:
push:
tags:
- '*'
jobs:
createrelease:
name: createrelease
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
steps:
- name: Check out code
uses: actions/checkout@v2
- name: create release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: ${{ github.ref }}
draft: true
prerelease: false
- name: Output Release URL File
run: echo "${{ steps.create_release.outputs.upload_url }}" > release_url.txt
- name: Save Release URL file for publish
uses: actions/upload-artifact@v2
with:
name: release_url
path: release_url.txt
- uses: little-core-labs/get-git-tag@v3.0.1
id: tagName
- name: Output git tag
run: echo "${{ steps.tagName.outputs.tag }}" > git_tag.txt
- name: Save git tag file for publish
uses: actions/upload-artifact@v2
with:
name: git_tag
path: git_tag.txt
build_and_upload:
needs: createrelease
name: build_and_upload
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-java@v2
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
- name: Set up GPG
run: |
echo "$GPG_PRIVATE_KEY" | gpg --batch --import
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- name: Build with Maven
run: mvn -B -Psign -Dgpg.passphrase=${GPG_PASSPHRASE} -Dtest=org.purejava.integrations.keychain.KeePassXCAccessTest install --file pom.xml
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Load Release URL File from release job
uses: actions/download-artifact@v1
with:
name: release_url
- name: Get Release File Name & Upload URL
id: get_release_info
run: |
value=`cat release_url/release_url.txt`
echo ::set-output name=upload_url::$value
- name: Load git tag from release job
uses: actions/download-artifact@v1
with:
name: git_tag
- name: Get git tag info
id: get_tag_info
run: |
value=`cat git_tag/git_tag.txt`
echo ::set-output name=git_tag::$value
- name: Sign uber jar with key 5BFB2076ABC48776
run: |
echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 5BFB2076ABC48776 --detach-sign ./target/keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.jar
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Sign source tarball with key 5BFB2076ABC48776
if: startsWith(github.ref, 'refs/tags/')
run: |
git archive --prefix="keepassxc-cryptomator-${{ github.ref_name }}/" -o "keepassxc-cryptomator-${{ github.ref_name }}.tar.gz" ${{ github.ref }}
echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 5BFB2076ABC48776 --detach-sign keepassxc-cryptomator-*.tar.gz
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Upload uber jar
id: upload-release-asset
uses: actions/upload-release-asset@v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.get_release_info.outputs.upload_url }}
asset_path: ./target/keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.jar
asset_name: keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.jar
asset_content_type: application/java-archive
- name: Upload signature file for uber jar
id: upload-signature-file-for-uber-jar
uses: actions/upload-release-asset@v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.get_release_info.outputs.upload_url }}
asset_path: ./target/keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.jar.sig
asset_name: keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.jar.sig
asset_content_type: application/pgp-signature
- name: Upload tarball
id: upload-release-asset-2
uses: actions/upload-release-asset@v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.get_release_info.outputs.upload_url }}
asset_path: ./keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.tar.gz
asset_name: keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.tar.gz
asset_content_type: application/tar+gzip
- name: Upload signature file for source tarball
id: upload-signature-file-for-source-tarball
uses: actions/upload-release-asset@v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.get_release_info.outputs.upload_url }}
asset_path: ./keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.tar.gz.sig
asset_name: keepassxc-cryptomator-${{ steps.get_tag_info.outputs.git_tag }}.tar.gz.sig
asset_content_type: application/pgp-signature