Skip to content

Bump github/codeql-action from 3.25.15 to 3.26.0 #1615

Bump github/codeql-action from 3.25.15 to 3.26.0

Bump github/codeql-action from 3.25.15 to 3.26.0 #1615

Workflow file for this run

---
# Copyright 2016-present Thomas Leplus
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This workflow will build a Java project with Maven
# For more information see:
# https://help.github.com/actions/language-and-framework-guides
# /building-and-testing-java-with-maven
name: Maven
on:
push:
pull_request:
schedule:
- cron: '0 0 * * 0'
workflow_dispatch:
permissions:
# Read commit contents
contents: read
env:
MAVEN_OPTS: >
-Dhttps.protocols=TLSv1.2
-Dmaven.repo.local=.m2/repository
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN
-Dorg.slf4j.simpleLogger.showDateTime=true
-Djava.awt.headless=true
MAVEN_CLI_OPTS: >
--batch-mode
--errors
--fail-at-end
--show-version
-DinstallAtEnd=true
-DdeployAtEnd=true
jobs:
build:
if: ${{ ! startsWith(github.ref, 'refs/tags/') }}
runs-on: ubuntu-latest
strategy:
matrix:
java: [8, 11, 17, 21]
name: Java ${{ matrix.java }}
steps:
- name: Set REPOSITORY
run: echo "REPOSITORY=${GITHUB_REPOSITORY#*/}" >> "${GITHUB_ENV}"
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set up JDK ${{ matrix.java }}
uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
distribution: temurin
java-version: ${{ matrix.java }}
gpg-private-key: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }}
gpg-passphrase: MAVEN_GPG_PASSPHRASE
- name: Build with Maven
env:
MAVEN_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_PASSPHRASE }}
run: |
if [ -z "${MAVEN_GPG_PASSPHRASE}" ]
then
# shellcheck disable=SC2086
./mvnw ${MAVEN_CLI_OPTS} -DdependencyCheck.skip=true -Dgpg.skip=true verify
else
# shellcheck disable=SC2086
./mvnw ${MAVEN_CLI_OPTS} -DdependencyCheck.skip=true verify
fi
- name: Publish site
env:
GITHUB_TOKEN: ${{ github.token }}
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
if: ${{ matrix.java == 8 && github.event_name == 'push' && github.ref == 'refs/heads/main' }}
run: |
git config --global user.email \
"${GITHUB_REPOSITORY_OWNER}@users.noreply.github.com"
git config --global user.name "${GITHUB_REPOSITORY_OWNER}"
ssh-agent -a "${SSH_AUTH_SOCK}" > /dev/null
ssh-add - <<< "${{ secrets.GH_SSH_PRIVATE_KEY }}"
# shellcheck disable=SC2086
./mvnw ${MAVEN_CLI_OPTS} site site:stage scm-publish:publish-scm
- name: Upload artifacts
if: ${{ matrix.java == 8 }}
uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
with:
name: ${{ env.REPOSITORY }}
path: target/
- name: Clean up
run: rm "${HOME}/.m2/settings.xml"