.github/workflows/maven.yml

# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.

name: Java CI with Maven

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  build:
    name: Build
    runs-on: ${{ matrix.os }}

    strategy:
      matrix:
        java-version: [ 17 ]
        os: [ "ubuntu-latest" ]

    steps:
      # 检出代码
      - name: Checkout repository
        uses: actions/checkout@v3

      # 设置JDK版本
      - name: Set up JDK ${{ matrix.java-version }}
        uses: actions/setup-java@v3
        with:
          java-version: ${{ matrix.java-version }}
          distribution: 'temurin'

      - name: Cache modules
        uses: actions/cache@v3
        id: cache-modules
        with:
          path: |
            ~/.m2/repository
            ~/.npm
            $GITHUB_WORKSPACE/passport-ui/node/
            $GITHUB_WORKSPACE/passport-ui/node_modules/
            $GITHUB_WORKSPACE/ui/node/
            $GITHUB_WORKSPACE/ui/node_modules/
          key: ${{ matrix.os }}-${{ hashFiles('pom.xml', '**/pom.xml', '**/**/pom.xml', '**/package.json') }}
          restore-keys: |
            ${{ matrix.os }}-

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: CI ENV
        id: date
        # bash, sh, cmd, powershell, pwsh
        # shell 类型必须为 sh，否则：
        # $GITHUB_ENV：仅支持 ubuntu、macos
        # $env:GITHUB_ENV：仅支持 windows
        shell: sh
        run: |
          env
          echo $GITHUB_RUN_ID
          echo $GITHUB_JOB-${{ matrix.java-version }}
          echo "CI_PIPELINE_ID=$GITHUB_RUN_ID" >> $GITHUB_ENV
          echo "CI_JOB_ID=$GITHUB_JOB-${{ matrix.java-version }}" >> $GITHUB_ENV

      - name: Build with Maven
        run: |
          mvn clean -e -U package source:jar javadoc:jar install -DskipTests
          sed -i 's@registry\.jihulab\.com/xuxiaowei-cloud/xuxiaowei-cloud-next/alibabadragonwell/dragonwell@docker.io/alibabadragonwell/dragonwell@g' ./**/Dockerfile ./**/**/Dockerfile
          sed -i 's@registry\.jihulab\.com/xuxiaowei-cloud/xuxiaowei-cloud-next/nginx@docker.io/library/nginx@g' ./**/Dockerfile
          mvn -pl admin-server docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl gateway docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl passport docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl resource-services-parent/canal docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl resource-services-parent/file docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl resource-services-parent/master-data docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl resource-services-parent/user docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl resource-services-parent/webservice docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl resource-services-parent/websocket docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl resource-services-parent/wechat-miniprogram docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl resource-services-parent/wechat-offiaccount docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl ui docker:build -Ddocker.host=unix:///var/run/docker.sock
          mvn -pl xxl-job-admin docker:build -Ddocker.host=unix:///var/run/docker.sock
          docker images
          rm -rf /home/runner/.m2/repository/cloud/xuxiaowei
          rm -rf /home/runner/.m2/repository/cn/com/xuxiaowei


  # https://docs.github.com/zh/enterprise-cloud@latest/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
  dependabot:
    name: Dependabot
    # 需要所有 build 完成后，才运行
    needs: build
    runs-on: ${{ matrix.os }}
    permissions:
      # 可以修改仓库中的文件内容
      contents: write
      # # 可以新建或修改 Pull Request
      pull-requests: write
    # 依赖机器人 && 仅PR
    if: ${{ github.actor == 'dependabot[bot]' && github.event_name == 'pull_request' }}

    strategy:
      matrix:
        os: [ "ubuntu-latest" ]

    steps:
      # 检出代码
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # 获取所有的代码历史记录，包括分支和标签
          fetch-depth: 0

      - name: Dependabot metadata
        id: metadata
        uses: dependabot/fetch-metadata@v1
        with:
          github-token: "${{ secrets.GITHUB_TOKEN }}"

      - name: echo
        run: |
          echo ${{ github.event.pull_request.html_url }}
          echo ${{ steps.metadata.outputs.dependency-names }}
          echo ${{ steps.metadata.outputs.update-type }}
          echo ${{ 'version-update:semver-patch' }}

      - name: Enable auto-merge for Dependabot PRs
        # if: ${{contains(steps.metadata.outputs.dependency-names, 'my-dependency') && steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
        run: gh pr merge --auto --merge "$PR_URL"
        env:
          PR_URL: ${{ github.event.pull_request.html_url }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      # 将 main 分支代码同步到 极狐GitLab
      - name: Sync JihuLab
        run: |
          git config --global user.email "xuxiaowei@xuxiaowei.com.cn"
          git config --global user.name "徐晓伟"
          # 设置 SSH 秘钥
          mkdir -p ~/.ssh
          echo "${{ secrets.JIHULAB_ID_RSA }}" >> ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          eval $(ssh-agent -s) && ssh-add ~/.ssh/id_rsa
          # 信任域名
          ssh-keyscan -H jihulab.com >> ~/.ssh/known_hosts
          # 切换 main 分支
          git checkout main
          # 拉取 main 分支
          git pull origin main
          # 查看远端 极狐GitLab
          echo git@jihulab.com:$GITHUB_REPOSITORY.git
          # 添加远端 极狐GitLab
          git remote add jihulab git@jihulab.com:$GITHUB_REPOSITORY.git
          # 拉取 main 分支
          git pull --progress -v --no-rebase jihulab main
          # 推送 main 分支
          git push --progress jihulab main:main

  sync:
    name: Sync
    # 需要所有 build 完成后，才运行
    needs: build
    # 仅在推送代码时执行
    if: github.event_name == 'push'
    runs-on: ${{ matrix.os }}

    strategy:
      matrix:
        os: [ "ubuntu-latest" ]

    steps:
      # 检出代码
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # 获取所有的代码历史记录，包括分支和标签
          fetch-depth: 0

      # 将代码同步到 极狐GitLab
      - name: Sync JihuLab
        run: |
          git config --global user.email "xuxiaowei@xuxiaowei.com.cn"
          git config --global user.name "徐晓伟"
          # 设置 SSH 秘钥
          mkdir -p ~/.ssh
          echo "${{ secrets.JIHULAB_ID_RSA }}" >> ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          eval $(ssh-agent -s) && ssh-add ~/.ssh/id_rsa
          # 信任域名
          ssh-keyscan -H jihulab.com >> ~/.ssh/known_hosts
          # 查看当前分支
          echo 当前分支：$GITHUB_REF_NAME
          # 查看远端 极狐GitLab
          echo git@jihulab.com:$GITHUB_REPOSITORY.git
          # 添加远端 极狐GitLab
          git remote add jihulab git@jihulab.com:$GITHUB_REPOSITORY.git
          # 拉取
          git pull --progress -v --no-rebase jihulab $GITHUB_REF_NAME
          # 推送当前分支
          git push --progress jihulab $GITHUB_REF_NAME:$GITHUB_REF_NAME