Add GitHub Actions workflows and update SCM URLs

.github/workflows/ci.yml

@@ -0,0 +1,34 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - '**'
+  pull_request:
+    branches:
+      - '**'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v4
+        with:
+          java-version: '21'
+          distribution: 'corretto'
+          cache: 'maven'
+
+      - name: Show Maven version
+        run: mvn --version
+
+      - name: Build and verify
+        run: mvn clean verify javadoc:jar --settings ./bin/settings.xml --fail-at-end
+
+      - name: Publish Test Report
+        if: success() || failure()
+        uses: ScalableCapital/action-surefire-report@v2

.github/workflows/gpg-sign.yml

@@ -0,0 +1,32 @@
+# Workflow to test/validate the GPG signing config used during release
+# Mostly a way to validate the config without trying to run a full release
+# (which burns version numbers)
+name: GPG Sign
+
+on:
+  workflow_dispatch:
+
+jobs:
+  sign-artifact:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v4
+        with:
+          java-version: '21'
+          distribution: 'corretto'
+          cache: 'maven'
+
+      - name: Import GPG key
+        run: echo "${{ secrets.SIGNING_KEY }}" | base64 -d > /tmp/private.key
+
+      - name: Package and sign
+        run: mvn -B package gpg:sign -Dgpg.signer=bc -Dgpg.useagent=false -Dgpg.keyFilePath=/tmp/private.key -DskipTests
+
+      - name: Clean up GPG key
+        if: always()
+        run: rm -f /tmp/private.key

.github/workflows/release.yml

@@ -0,0 +1,68 @@
+name: Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      releaseVersion:
+        description: 'Release version (e.g. 3.0.1)'
+        required: true
+      nextDevVersion:
+        description: 'Next development version (e.g. 3.0.2-SNAPSHOT)'
+        required: true
+
+jobs:
+  perform-release:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: write
+      id-token: write
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v4
+        with:
+          java-version: '21'
+          distribution: 'corretto'
+          cache: 'maven'
+
+      - name: Configure Git user
+        run: |
+          git config user.email "${{ secrets.GH_EMAIL }}"
+          git config user.name "${{ secrets.GH_USERNAME }}"
+
+      - name: Show Maven version
+        run: mvn --version
+
+      - name: Get Artifact Publish Token
+        id: publish-token
+        uses: atlassian-labs/artifact-publish-token@v1.0.1
+        with:
+          output-modes: environment
+
+      - name: Import GPG key
+        run: echo "${{ secrets.SIGNING_KEY }}" | base64 -d > /tmp/private.key
+
+      - name: Prepare release
+        run: |
+          mvn -B release:prepare \
+            -DreleaseVersion=${{ github.event.inputs.releaseVersion }} \
+            -DdevelopmentVersion=${{ github.event.inputs.nextDevVersion }} \
+            -DscmCommentPrefix="[skip ci] " \
+            -Dusername=${{ secrets.GH_USERNAME }} \
+            -Dpassword=${{ secrets.GH_ACCESS_TOKEN }}
+
+      - name: Perform release
+        run: |
+          mvn -B release:perform \
+            -DscmCommentPrefix="[skip ci] " \
+            -Darguments="-Dgpg.signer=bc -Dgpg.useagent=false -Dgpg.keyFilePath=/tmp/private.key"
+
+      - name: Clean up GPG key
+        if: always()
+        run: rm -f /tmp/private.key

pom.xml

@@ -18,7 +18,7 @@
         Validation of request/responses against an OpenAPI / Swagger specification.
         Includes a standalone validator, as well as adapters for Pact and other mocking/http libraries.
     </description>
-    <url>https://bitbucket.org/atlassian/swagger-request-validator</url>
+    <url>https://github.com/atlassian/openapi-request-validator</url>
     <inceptionYear>2016</inceptionYear>
     <licenses>
         <license>
@@ -29,15 +29,14 @@
         </license>
     </licenses>
     <issueManagement>
-        <system>Bitbucket</system>
-        <url>https://bitbucket.org/atlassian/swagger-request-validator/issues</url>
+        <system>GitHub</system>
+        <url>https://github.com/atlassian/openapi-request-validator/issues</url>
     </issueManagement>
     <scm>
-        <connection>scm:git:ssh://git@bitbucket.org/atlassian/swagger-request-validator.git</connection>
-        <developerConnection>scm:git:ssh://git@bitbucket.org/atlassian/swagger-request-validator.git
-        </developerConnection>
+        <connection>scm:git:https://github.com/atlassian/openapi-request-validator.git</connection>
+        <developerConnection>scm:git:https://github.com/atlassian/openapi-request-validator.git</developerConnection>
         <tag>openapi-request-validator-3.0.0</tag>
-        <url>https://bitbucket.org/atlassian/swagger-request-validator</url>
+        <url>https://github.com/atlassian/openapi-request-validator</url>
     </scm>
 
     <developers>