.github/workflows/build.yml

# This workflow will build a Java project with Maven including tests
# Also runs SonarQube analysis and deploys artifacts
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven

name: build

on:
  push:
    branches:
      - master
  pull_request:
    types: [ opened, synchronize, reopened ]

jobs:
  build-on-linux:
    runs-on: ubuntu-latest
    env:
      MAVEN_OPTS: >- # strip any newlines
        -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
        -Dorg.slf4j.simpleLogger.log.org.codehaus.mojo.license.model.LicenseRepository=warn
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
      - name: Set up JDK 17
        uses: actions/setup-java@v2
        with:
          distribution: 'adopt'
          java-version: 17
          server-id: ossrh
          server-username: SONATYPE_USER
          server-password: SONATYPE_PASSWORD
          gpg-private-key: ${{ secrets.ARTIFACT_SIGNING_GPG_PRIVATE_KEY }}
          gpg-passphrase: ARTIFACT_SIGNING_GPG_PRIVATE_KEY_PASSPHRASE
      - name: Wait for previous workflows to complete
        uses: softprops/turnstyle@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Cache SonarCloud packages
        uses: actions/cache@v1
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
      - name: Cache Maven packages
        uses: actions/cache@v2
        with:
          path: ~/.m2
          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-m2
      - name: Build & Analyze
        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      - name: Deploy
        if: github.ref == 'refs/heads/master'
        run: mvn -B deploy -Ddeploy -DskipTests
        env:
          SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
          SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
          ARTIFACT_SIGNING_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.ARTIFACT_SIGNING_GPG_PRIVATE_KEY_PASSPHRASE }}