From dd962e388e0af147352203b89f414b387c8f41bd Mon Sep 17 00:00:00 2001 From: James Navin Date: Thu, 14 May 2026 18:03:16 +1000 Subject: [PATCH 1/3] Add GitHub Actions workflows and update SCM URLs - Add CI workflow: runs mvn verify on push to all branches - Add Release workflow: manual workflow_dispatch with GPG signing and Artifactory publish via OIDC - Update SCM, URL, and issue management in pom.xml to point to GitHub --- .github/workflows/ci.yml | 30 ++++++++++++++++ .github/workflows/release.yml | 68 +++++++++++++++++++++++++++++++++++ pom.xml | 13 ++++--- 3 files changed, 104 insertions(+), 7 deletions(-) create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..3eba1e78 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,30 @@ +name: CI + +on: + push: + branches: + - '**' + pull_request: + branches: + - '**' + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'corretto' + cache: 'maven' + + - name: Show Maven version + run: mvn --version + + - name: Build and verify + run: mvn clean verify javadoc:jar --settings ./bin/settings.xml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..6cddeabb --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,68 @@ +name: Release + +on: + workflow_dispatch: + inputs: + releaseVersion: + description: 'Release version (e.g. 3.0.1)' + required: true + nextDevVersion: + description: 'Next development version (e.g. 3.0.2-SNAPSHOT)' + required: true + +jobs: + perform-release: + runs-on: ubuntu-latest + + permissions: + contents: write + id-token: write + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'corretto' + cache: 'maven' + + - name: Configure Git user + run: | + git config user.email "${{ secrets.GH_EMAIL }}" + git config user.name "${{ secrets.GH_USERNAME }}" + + - name: Show Maven version + run: mvn --version + + - name: Get Artifact Publish Token + id: publish-token + uses: atlassian-labs/artifact-publish-token@v1.0.1 + with: + output-modes: environment + + - name: Import GPG key + run: echo "${{ secrets.SIGNING_KEY }}" | base64 -d > /tmp/private.key + + - name: Prepare release + run: | + mvn -B release:prepare \ + -DreleaseVersion=${{ github.event.inputs.releaseVersion }} \ + -DdevelopmentVersion=${{ github.event.inputs.nextDevVersion }} \ + -DscmCommentPrefix="[skip ci] " \ + -Dusername=${{ secrets.GH_USERNAME }} \ + -Dpassword=${{ secrets.GH_ACCESS_TOKEN }} + + - name: Perform release + run: | + mvn -B release:perform \ + -DscmCommentPrefix="[skip ci] " \ + -Darguments="-Dgpg.signer=bc -Dgpg.useagent=false -Dgpg.keyFilePath=/tmp/private.key" + + - name: Clean up GPG key + if: always() + run: rm -f /tmp/private.key diff --git a/pom.xml b/pom.xml index c071f381..481987ae 100644 --- a/pom.xml +++ b/pom.xml @@ -18,7 +18,7 @@ Validation of request/responses against an OpenAPI / Swagger specification. Includes a standalone validator, as well as adapters for Pact and other mocking/http libraries. - https://bitbucket.org/atlassian/swagger-request-validator + https://github.com/atlassian/openapi-request-validator 2016 @@ -29,15 +29,14 @@ - Bitbucket - https://bitbucket.org/atlassian/swagger-request-validator/issues + GitHub + https://github.com/atlassian/openapi-request-validator/issues - scm:git:ssh://git@bitbucket.org/atlassian/swagger-request-validator.git - scm:git:ssh://git@bitbucket.org/atlassian/swagger-request-validator.git - + scm:git:https://github.com/atlassian/openapi-request-validator.git + scm:git:https://github.com/atlassian/openapi-request-validator.git openapi-request-validator-3.0.0 - https://bitbucket.org/atlassian/swagger-request-validator + https://github.com/atlassian/openapi-request-validator From 87e7758590f78bb8465ab7058244e6d5cbb64c23 Mon Sep 17 00:00:00 2001 From: James Navin Date: Thu, 14 May 2026 18:25:37 +1000 Subject: [PATCH 2/3] Add test reporting action --- .github/workflows/ci.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3eba1e78..1f6ff996 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,4 +27,8 @@ jobs: run: mvn --version - name: Build and verify - run: mvn clean verify javadoc:jar --settings ./bin/settings.xml + run: mvn clean verify javadoc:jar --settings ./bin/settings.xml --fail-at-end + + - name: Publish Test Report + if: success() || failure() + uses: ScalableCapital/action-surefire-report@v2 From 1c6a5edfb06612e26a25eb8abf221635a95636fe Mon Sep 17 00:00:00 2001 From: James Navin Date: Fri, 15 May 2026 09:18:51 +1000 Subject: [PATCH 3/3] Add a workflow to test the GPG signing config --- .github/workflows/gpg-sign.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 .github/workflows/gpg-sign.yml diff --git a/.github/workflows/gpg-sign.yml b/.github/workflows/gpg-sign.yml new file mode 100644 index 00000000..2ed8d074 --- /dev/null +++ b/.github/workflows/gpg-sign.yml @@ -0,0 +1,32 @@ +# Workflow to test/validate the GPG signing config used during release +# Mostly a way to validate the config without trying to run a full release +# (which burns version numbers) +name: GPG Sign + +on: + workflow_dispatch: + +jobs: + sign-artifact: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'corretto' + cache: 'maven' + + - name: Import GPG key + run: echo "${{ secrets.SIGNING_KEY }}" | base64 -d > /tmp/private.key + + - name: Package and sign + run: mvn -B package gpg:sign -Dgpg.signer=bc -Dgpg.useagent=false -Dgpg.keyFilePath=/tmp/private.key -DskipTests + + - name: Clean up GPG key + if: always() + run: rm -f /tmp/private.key