chore: Change version to v2.2.3 (#859) #28

Workflow file for this run

.github/workflows/publish-release.yml at d9a2138

	name: Create Release & Upload Asset

	on:
	push:
	tags:
	- "v*"

	permissions:
	contents: read

	jobs:
	# Build LPVS
	build:
	runs-on: ubuntu-latest
	name: Build LPVS
	outputs:
	artifacts: ${{ steps.build.outputs.artifacts }}
	hashes: ${{ steps.hash.outputs.hashes }}
	version: ${{ steps.lpvs_version.outputs.version }}

	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
	with:
	egress-policy: audit

	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

	- name: Set up JDK 17
	uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
	with:
	java-version: '17'
	distribution: 'temurin'
	cache: maven

	- name: Build using maven
	id: build
	run: \|
	# Your normal build workflow targets here
	# mvn clean package
	mvn -B package --file pom.xml

	# Save the location of the maven output files for easier reference
	ARTIFACT_PATTERN=./target/$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout)-$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)*.jar
	echo "artifact_pattern=$ARTIFACT_PATTERN" >> "$GITHUB_OUTPUT"

	- name: Generate subject
	id: hash
	run: \|
	echo "hashes=$(sha256sum ${{ steps.build.outputs.artifact_pattern }} \| base64 -w0)" >> "$GITHUB_OUTPUT"

	- name: Get LPVS version
	id: lpvs_version
	run: \|
	VERSION=${{ github.ref_name }}
	echo "version=lpvs-${VERSION:1}.jar" >> "$GITHUB_OUTPUT"

	- name: Upload build artifacts
	uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
	with:
	name: ${{ steps.lpvs_version.outputs.version }}
	path: ./target/${{ steps.lpvs_version.outputs.version }}
	if-no-files-found: error

	# Create Release
	create-release:
	permissions:
	contents: write # for marvinpinto/action-automatic-releases to generate pre-release
	needs: [build]
	name: Create Release
	runs-on: "ubuntu-latest"

	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
	with:
	egress-policy: audit

	- uses: marvinpinto/action-automatic-releases@d68defdd11f9dcc7f52f35c1b7c236ee7513bcc1 # latest
	with:
	repo_token: "${{ secrets.GITHUB_TOKEN }}"
	prerelease: false
	title: "LPVS ${{ github.ref_name }}"

	# Generate Provenance
	provenance:
	needs: [build, create-release]
	name: Generate Provenance
	permissions:
	actions: read # To read the workflow path.
	id-token: write # To sign the provenance.
	contents: write # To add assets to a release.
	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
	with:
	base64-subjects: "${{ needs.build.outputs.hashes }}"
	upload-assets: true # Optional: Upload to a new release

	# Upload Assets
	release:
	permissions:
	contents: write # for softprops/action-gh-release to create GitHub release
	needs: [build, create-release, provenance]
	name: Upload Assets
	runs-on: ubuntu-latest
	if: startsWith(github.ref, 'refs/tags/')
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
	with:
	egress-policy: audit

	- name: Download ${{ needs.build.outputs.version }}
	uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
	with:
	name: ${{ needs.build.outputs.version }}

	- name: Upload assets
	uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
	with:
	files: \|
	${{ needs.build.outputs.version }}

	# Publish package to GitHub Packages
	publish_package:
	name: Publish package to GitHub Packages
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
	with:
	egress-policy: audit
	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	- name: Set up JDK 17
	uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
	with:
	java-version: '17'
	distribution: 'temurin'
	- name: Publish package
	run: mvn --batch-mode deploy
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	# Publish Docker Image to ghcr.io
	publish_docker_image:
	name: Publish Docker Image to ghcr.io
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
	with:
	egress-policy: audit

	- name: Check out the repo
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

	- name: Log in to the Container registry
	uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract metadata (tags, labels) for Docker
	id: meta
	uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
	with:
	images: ghcr.io/${{ github.repository }}

	- name: Build and push Docker image
	uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
	with:
	context: .
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: Change version to v2.2.3 (#859) #28

Workflow file

chore: Change version to v2.2.3 (#859) #28

Uh oh!

Workflow file for this run