Skip to content

ci: update version after release #188

ci: update version after release

ci: update version after release #188

name: Run Build and Release Process
on:
push:
branches: [ main ]
repository_dispatch:
types: [ build ]
env:
build_latest: auto
jobs:
# code_quality:
# runs-on: ubuntu-latest
# steps:
# - name: 'Qodana Scan'
# uses: JetBrains/qodana-action@main
# env:
# QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
test:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: true
matrix:
mongodb-version: [ '4.4', '5.0', '6.0', '7.0' ]
os: [ ubuntu-latest ]
steps:
- name: Git Checkout
uses: actions/[email protected]
- name: Setup TimeZone
uses: szenius/[email protected]
with:
timezoneLinux: "Europe/Berlin"
timezoneMacos: "Europe/Berlin"
timezoneWindows: "W. Europe Standard Time"
- name: Set up JDK
uses: coursier/setup-action@v1
with:
jvm: graalvm-java17:22.3.3
apps: sbt scala scalac
- name: Start MongoDB ${{ matrix.mongodb-version }}
uses: MongoCamp/[email protected]
with:
mongodb-version: ${{ matrix.mongodb-version }}
mongodb-port: 4711
- name: Run tests
run: sbt test
release:
needs: test
runs-on: ubuntu-latest
steps:
- name: Git Checkout
uses: actions/[email protected]
with:
fetch-depth: 0
token: ${{ secrets.GH_ADMIN_TOKEN }}
- id: install-secret-key
name: Install gpg secret key
run: cat <(echo -e "${{ secrets.PGP_SECRET_KEY }}") | gpg --batch --import
- name: Set up JDK
uses: coursier/setup-action@v1
with:
jvm: graalvm-java17:22.3.3
apps: sbt scala scalac
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Release
env:
CONVENTIONAL_GITHUB_RELEASER_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_USER: ${{ github.actor }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
PGP_PASSPHRASE: ${{ secrets.PGP_PASSWORD }}
PGP_SECRET: ${{ secrets.PGP_SECRET_KEY }}
run: |
docker login -u ${{ secrets.DOCKERHUB_USER }} -p ${{ secrets.DOCKERHUB_PASSWORD }}
git config --global user.email "[email protected]"
git config --global user.name "MongoCamp CI"
sbt ci-release
sync-readme:
needs: release
runs-on: ubuntu-latest
steps:
- name: Git Checkout
uses: actions/[email protected]
with:
fetch-depth: 0
- name: Check out the repo
uses: meeDamian/[email protected]
with:
user: ${{ secrets.DOCKERHUB_USER }}
pass: ${{ secrets.DOCKERHUB_PASSWORD }}
slug: mongocamp/mongocamp-server
readme: README.md
description: true
vulnerability_scanner:
needs: release
runs-on: ubuntu-latest
steps:
- name: Run Trivy vulnerability scanner
if: ${{ env.build_latest == 'auto' }}
uses: aquasecurity/trivy-action@master
with:
image-ref: 'mongocamp/mongocamp-server:latest'
format: 'sarif'
output: 'trivy-results.sarif'
ignore-unfixed: true
- name: Upload Trivy scan results to GitHub Security tab
if: ${{ env.build_latest == 'auto' }}
uses: github/codeql-action/upload-sarif@main
with:
sarif_file: 'trivy-results.sarif'