Bump org.sonarsource.scanner.maven:sonar-maven-plugin from 4.0.0.4121 to 5.0.0.4389 #5358
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy | |
on: [push, pull_request] | |
jobs: | |
build: | |
name: Build and Test Images | |
runs-on: ubuntu-latest | |
# NOTE (DP): Publish on develop and master, test on PRs against these | |
# TODO(DP) Reinstate CRONed release builds to update stock apps regularly | |
if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/master' || github.base_ref == 'develop' || github.base_ref == 'master' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: liberica | |
java-version: '17' | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
- name: Make buildkit default | |
uses: docker/setup-buildx-action@v3 | |
id: buildx | |
with: | |
install: true | |
- name: Cache Maven packages | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: deploy-${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: deploy-${{ runner.os }}-maven | |
- name: Install bats | |
run: sudo apt-get install bats | |
# Hack around #5450 | |
- name: pull base image | |
run: | | |
docker pull --platform linux/amd64 --platform linux/arm64 gcr.io/distroless/java17-debian12:latest | |
- name: Build images | |
run: mvn -V -B -q -Pdocker -DskipTests -Ddependency-check.skip=true -P !mac-dmg-on-unix,!installer,!concurrency-stress-tests,!micro-benchmarks,skip-build-dist-archives clean package | |
- name: Check local images | |
run: docker image ls | |
- name: Check license headers | |
run: mvn license:check | |
working-directory: exist-docker | |
- name: Start exist-ci container | |
run: | | |
docker run -dit -p 8080:8080 --name exist-ci --rm existdb/existdb:latest | |
sleep 35s | |
- name: Run tests | |
run: bats --tap exist-docker/src/test/bats/*.bats | |
# NOTE (DP): When on master push release, when on develop push latest: Version is included automatically | |
# TODO (DP): Confirm that releases triggered from maven publish images with the non SNAPSHOT version | |
- name: Publish latest images | |
if: github.ref == 'refs/heads/develop' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
run: mvn -q -Ddocker.tag=latest -Ddocker.username=$DOCKER_USERNAME -Ddocker.password=$DOCKER_PASSWORD docker:build docker:push | |
working-directory: ./exist-docker | |
- name: Publish release images | |
if: github.ref == 'refs/heads/master' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
run: mvn -q -Ddocker.tag=release -Ddocker.username=$DOCKER_USERNAME -Ddocker.password=$DOCKER_PASSWORD docker:build docker:push | |
working-directory: ./exist-docker | |
# NOTE (DP): This is for debugging, publishes an experimental image from inside PRs against develop | |
# - name: Publish experimental images | |
# if: github.base_ref == 'develop' | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
# DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
# run: mvn -q -Ddocker.tag=experimental -Ddocker.username=$DOCKER_USERNAME -Ddocker.password=$DOCKER_PASSWORD docker:build docker:push | |
# working-directory: ./exist-docker | |