开源软件名称（OpenSource Name）：

开源软件地址(OpenSource Url)：

开源编程语言(OpenSource Language)：

开源软件介绍(OpenSource Introduction)：

github action maven release

The GitHub Action for Maven releases wraps the Maven CLI to enable Maven release. For example, you can use this action for auto-incrementing your project version and release your java artifacts.

This github action is bot friendly: You can configure the credentials of a bot user, which would be used during the incremental commit. The commits by the bot can also be signed, giving you the guaranty that only the bot can release in your repo. Additionally, this give you a clean git history by highlighting nicely which commits where resulting from your CI.

Supporting this github action

Support this github action by staring this project. Surprisingly, it seems to be the only way for the github market place to highlight popular github actions.

Sample repository

We created a sample repository that will show you an example of how this github action can be used for releasing a Java application: https://github.com/qcastel/github-actions-maven-release-sample

Features

Obviously, this github actions uses maven release plugin. Although, we did add on top a few features that you may like.

Maven release uses Git behind it, therefore there were a few features related in customising the git configuration:

• Signing the commits (GPG) resulting from the maven release [GPG]
• Authenticating to private repository using an SSH key [SSH]
• Configuring the git username and email [Bot]
• Configuring the jdk version [JDK]

You may want to configure a bit maven too. We added the following features:

• Specify the maven project path. In other words, if your maven project is not at the root of your repo, you can configure a sub path. [Custom project path]
• Configure private maven server repositories [Private maven repo]
• Configure a docker registry [Docker registry]
• Setup custom maven arguments and/or options to be used when calling maven commands [Maven options]
• Configure a custom M2 folder [Custom M2]
• Print the timestamp for every maven logs. Handy for troubleshooting performance issues in your CI. [Log timestamp]

For the maven releases, we got also some dedicated functionalities:

• Skip the maven perform [Skip perform]
• Roll back the maven perform if it failed to perform the release
• Increment the major or minor version (by default, it's the patch version that is increased) [Major Minor version]
• customise the version format completly [Customize version]

Usage

Setup your pom.xml for maven release

Before you even begin setting up this github action, you would need to set up your pom.xml first to be ready for maven releases. We recommend you to refer to the maven release plugin documentation for more details: https://maven.apache.org/maven-release/maven-release-plugin/

Nevertheless, we will give you some essential setups

Configure the SCM

You got two choices here:

• Using SSH URL (Recommended)

    <scm>
        <connection>scm:git:${project.scm.url}</connection>
        <developerConnection>scm:git:${project.scm.url}</developerConnection>
        <url>[email protected]:idhub-io/idhub-api.git</url>
        <tag>HEAD</tag>
    </scm>

• Using HTTPS URL

	<scm>
        <connection>scm:git:${project.scm.url}</connection>
        <developerConnection>scm:git:${project.scm.url}</developerConnection>
		<url>https://github.com/YOUR_REPO.git</url>
		<tag>HEAD</tag>
	</scm>

In the case of SSH, it will use the ssh-private-key to authenticate with the upstream. In the case of HTTPS, maven releases will use the access-token in this github actions to authenticate with the upstream.

Note: SSH is more elegant and usually the easiest one to setup due to the large amount of documents online on this subject.

maven release plugin

Add the maven release plugin dependency to your project

    <plugin>
        <artifactId>maven-release-plugin</artifactId>
        <version>XXX</version>
        <configuration>
            <scmCommentPrefix>[ci skip]</scmCommentPrefix>
        </configuration>
    </plugin>

Personally, I usually the prefix [ci skip] which allows me to skip more easily any commits generated by the bot from the CI.

Setup the maven release github actions

Choose your version of this github action

If it's your first time using a github action, I invite you having a quick read to the github official recommendations: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions

It's important you understand how the versioning work and the risk/compromise of using master/tags/commit hash

If you are adventurous and like to be always on top of this github action, you can use the reference master :

 - name: Release
      uses: qcastel/github-actions-maven-release@master
      with:

If you are more reserve, you can use a tag instead. You can find the list of the tags for this github action here:

https://github.com/qcastel/github-actions-maven-release/tags

To use a tag:

 - name: Release
      uses: qcastel/github-actions-maven-release@TAG_NAME
      with:

If you are concerned about the security of this github action, you can also move to a commit hash:

 - name: Release
      uses: qcastel/github-actions-maven-release@COMMIT_HASH
      with:

Basic setup

For a simple repo with not much protection and private dependency, you can do:

      env:
       JAVA_HOME: /usr/lib/jvm/java-17-openjdk/
      with:
       ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}

You will need to follow the Setup with SSH section to setup the SSH_PRIVATE_KEY accordingly.

Setup with SSH

Although you may found better to use a SSH key instead. For this, generate an SSH key with the method of your choice, or use an existing one. Personally, I like generating an SSH inside a temporary docker image and configure it as a deploy key in my repository:

docker run -it qcastel/maven-release:latest  bash

ssh-keygen -b 2048 -t rsa -f /tmp/sshkey -q -N ""
export SSH_PRIVATE_KEY=$(base64 /tmp/sshkey)
export SSH_PUBLIC_KEY=$(cat /tmp/sshkey.pub)
echo -n "Copy the following SSH private key and add it to your repo secrets under the name 'SSH_PRIVATE_KEY':"
echo $SSH_PRIVATE_KEY
echo "Copy the encoded SSH public key and add it as one of your repo deploy keys with write access:"
echo $SSH_PUBLIC_KEY

exit 

Copy SSH_PRIVATE_KEY and add it as a new secret.

Copy SSH_PUBLIC_KEY and add it as a new deployment key with write access.

Finally, setup the github action with:

        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}

If you want to set up a passphrase for your key:

        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
          ssh-passphrase: ${{ secrets.SSH_PASSPHRASE }}

SSH known hosts

The current github actions support by default the following known hosts:

• github.com
• gitlab.com
• bitbucket.org

Although you may want to additional one, using the following properties:

        with:
          ssh-extra-known-host: "my-awesome-private-git-host.com"

log Timestamp

It can be quite difficult to troubleshoot any performance issue on your CI, due to the lack of timestamp from maven by default. An example of it particular handy, is when you private maven repository is having performance issue that is affecting your CI.

We added the timestamp by default, you don't need to do anything particular to enable this feature.

The logs should look like:

14:27:09,491 [INFO] Downloading from spring-snapshots: https://repo.spring.io/snapshot/io/projectreactor/reactor-bom/Dysprosium-SR13/reactor-bom-Dysprosium-SR13.pom

Maven options

Adding maven arguments

You can add some maven arguments, which is handy for skipping tests:

        with:
            maven-args: "-Dmaven.javadoc.skip=true -DskipTests -DskipITs -Ddockerfile.skip -DdockerCompose.skip"

Adding maven options

You can add some maven options. At the difference of the maven arguments, those one are explicitly for the maven release plugin. See https://maven.apache.org/maven-release/maven-release-plugin/prepare-mojo.html.

        with:
            maven-options: "-DbranchName=hotfix"

JDK version

The default JDK version is JDK 17. Although you may want to compile your project with a specific JDK version. You will need to specify the JAVA_HOME variable with the according value. If you need a specific jdk version that is not in the list, please raise an issue in this github action to request it.

JDK 8

env:
 JAVA_HOME: /usr/lib/jvm/java-1.8-openjdk/

JDK 11

env:
 JAVA_HOME: /usr/lib/jvm/java-11-openjdk/

JDK 14

env:
 JAVA_HOME: /usr/lib/jvm/java-14-openjdk/

JDK 15

env:
 JAVA_HOME: /usr/lib/jvm/java-15-openjdk/

JDK 16

env:
 JAVA_HOME: /usr/lib/jvm/java-16-openjdk/

JDK 17

env:
 JAVA_HOME: /usr/lib/jvm/java-17-openjdk/

Customise the bot name

You can simply customise the bot name as follows:

        with:
            git-release-bot-name: "release-bot"
            git-release-bot-email: "[email protected]"

Customise the default branch

You may not want to release from your master branch, which is currently the default branch setup by this github action. You can customise the branch name you want to release on, here release, as follows:

        with:
            release-branch-name: "release"

Skipping perform

If for a reason, you need to skip the maven release perfom, you can disable it as follow:

        with:
            skip-perform: true

Increase major, minor or patch version

For major version increment

1.0.0-SNAPSHOT -> 2.0.0-SNAPSHOT

        with:
            version-major: true

For minor version increment

1.0.0-SNAPSHOT -> 1.2.0-SNAPSHOT

        with:
            version-minor: true

For patch version increment

As the patch version is the default version number increased, you don't need to specify any additional properties.

Although if you prefer to be explicit, you can use the following option:

1.0.0-SNAPSHOT -> 1.0.1-SNAPSHOT

        with:
            version-patch: true

Customize version

development version

You may want to fully customize the development version number. This option will allow you to fully take control on the version number format.

For Example, you could decide to only have a 2 part version number like 0.2-SNAPSHOT.

        with:
            maven-development-version-number: ${parsedVersion.majorVersion}.\${parsedVersion.nextMinorVersion}-SNAPSHOT

Release version

You may want to fully customize the release version number. This option will allow you to fully take control on the version number format.

For Example, you could decide to only have a trailing 0 for releases like 0.2.0.

        with:
            maven-release-version-number: ${parsedVersion.majorVersion}.\${parsedVersion.minorVersion}.0

Customise the M2 folder path

It's quite common for setting up a caching of your dependencies, that you will be interested to customise the .m2 localisation folder.

        with:
            m2-home-folder: '/your-custom-path/.m2'

Setup a GPG key

If you want to set up a GPG key, you can do it by injecting your key via the secrets:

Note: GITHUB_GPG_KEY needs to be base64 encoded. if you haven't setup a GPG key yet, see next section.

      with:
        gpg-enabled: "true"
        gpg-key-id: ${{ secrets.GITHUB_GPG_KEY_ID }}
        gpg-key: ${{ secrets.GITHUB_GPG_KEY }}

In case you want to skip the GPG step, you can set gpg-enabled: "false" or if you prefer to have the same behaviour in your IDE, add this maven plugin in your pom.xml to skip GPG step in the release phase:

<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-gpg-plugin</artifactId>
    <version>1.6</version>
    <configuration>
        <skip>true</skip>
    </configuration>
</plugin>

Setup private maven server repositories

If you got a private maven repo to set up in the settings.xml, you can do: Note: we recommend putting those values in your repo secrets.

      with:
        maven-servers: ${{ secrets.MVN_REPO_SERVERS }}

Github actions currently don't support arrays input format. This is why we choose to request the secret MVN_REPO_SERVERS to be a JSON containing the servers definition. Example:

[
  {
    "id": "serverId1",
    "username": "username",
    "password": "password1",
    "privateKey": "privatekey1",
    "passphrase": "passphrase1"
  },
  {
    "id": "serverId2",
    "username": "username2",
    "password": "password2"
  }
]

You will need to put the JSON in one line:

MVN_REPO_SERVERS='[{"id": "serverId1", "username": "username", "password": "password1", "privateKey": "privatekey1", "passphrase": "passphrase1"}, {"id": "serverId2", "username": "username2", "password": "password2"}]'

Setup a docker registry

If you got a private maven repo to set up in the settings.xml, you can do: Note: we recommend putting those values in your repo secrets.

      with:
        docker-registry-id: your-docker-registry-id
        docker-registry-username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
        docker-registry-password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}

Note: For docker hub, this would look like:

      with:
        docker-registry-id: registry.hub.docker.com
        docker-registry-username: ${{ secrets.DOCKER_HUB_USERNAME }}
        docker-registry-password: ${{ secrets.DOCKER_HUB_PASSWORD }}

Configure your maven project

You may also be in the case where you got more than one maven projects inside the repo. We added an option that will make the release job move to the according directly before running the release:

    with:
        maven-project-folder: "sub-folder/"

Setup the bot gpg key

Setting up a gpg key for your bot is a good security feature. This way, you can enforce sign commits in your repo, even for your release bot.

• Create dedicate github account for your bot and add him into your team for your git repo.
• Create a new GPG key: https://help.github.com/en/github/authenticating-to-github/generating-a-new-gpg-key

This github action needs the key ID and the key base64 encoded.

        with:
            gpg-enabled: true
            gpg-key-id: ${{ secrets.GPG_KEY_ID }}
            gpg-key: ${{ secrets.GPG_KEY }}

If you want to set up a passphrase:

        with:
            gpg-enabled: true
            gpg-key-id: ${{ secrets.GPG_KEY_ID }}
            gpg-key: ${{ secrets.GPG_KEY }}
            gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} 

Generate the key

f you like how we created a SSH key pair, here is the same idea using a docker image to generate a GPG key:

docker run -it qcastel/maven-release:latest  bash

cat >genkey-batch <<EOF
 %no-protection
 Key-Type: default
 Subkey-Type: default
 Name-Real: bot
 Name-Email: [email protected]
 Expire-Date: 0
EOF
gpg --batch --gen-key genkey-batch

Note: Don't exit the docker container as we are not done yet.

Get the KID

You can get the key ID doing the following:

鲜花

握手

雷人

路过

鸡蛋

专题导读

More+

10-27 六六分期app的软件客服如何联系？(六六分期
11-06 可心卡盟:win10系统火狐flash插件崩溃怎么
11-06 亲亲特价:怎么删除回收站图标
11-06 济南大学虚拟社区:鲁大师节能降温的具体办
11-06 xlueops.exe:无线网络安装向导
11-06 女斗合众国:win7系统cf与主机连接不稳定怎
11-06 0xc000022-[cf烟雾头]cf怎么调烟雾头
11-06 qizideyouhuo:应用程序无法正常启动0xc0000
11-06 ipz-185:win7系统vcf文件怎么打开
11-06 傻哥蹦迪:win10系统s4怎么打开usb调试
11-06 八神浩树gtaste:回收站清空了怎么恢复
11-06 妖尾之黑色守护:win10系统电脑没有1440x900
11-06 校园至尊魔王小说:win7系统浏览网页时字体
11-06 女斗合众国:win10系统访问共享文件夹提示请
11-06 tokyo hot n0654:恢复win7系统默认字体一招
11-06 雨酷仙境:设置win7系统转移临时文件夹腾出
11-06 阿穆纳伊之杖:win7系统开始菜单在右边还原
11-06 tunespotting:win10系统火狐flash插件总是
11-06 甘尔葛分析师：计谋网站seo关键词暴涨有什
11-06 蔡贵霖: 计谋网站seo关键词暴涨有什么秘密
11-06 博益网首页:ao3网页版进入不了解决方法
11-06 漏斗子专栏: 网站数据分析小白易懂精华篇
11-06 见证双虹怎么做:win7系统开启telnet命令的
11-06 颾狐蝶蜋:系统资源不足无法完成请求的服务
11-06 国光中学校歌:提交网站到alexa查询详细步骤
11-06 西安有情天:静态网页和动态网页的区别
11-06 红木雅尚斋:外部链接构造对网站的好处
11-06 前官礼遇：防止域名劫持–增强域安全性的10
11-06 密传二转答案: 中文分词算法有哪些
11-06 金泉家园邮编:百度快照劫持的表现及应对方

上一篇：

joinfaces/joinfaces-maven-war-example: JoinFaces Maven War Example发布时间：2022-08-17

下一篇：

bazaarvoice/s3-upload-maven-plugin: Allows you to upload a file to S3 from maven发布时间：2022-08-17

热门推荐

More+

• 

  MATLAB中的FOR循环问题

• 

  solegalli/feature-selection-for-machine-

• 

  【转】delphi程序只允许运行一个实例的三种

• 

  tianli/matlab_offscreen: Matlab offscree

• 

  win7系统重装系统初始设置的操作方法

热门话题

More+

2022-11-06
剪的笔顺,诠释剪的笔画,认识剪的部首

六六分期app的软件客服如何联系？(六六分期
2023-10-27

florent37/ViewAnimator: A fluent Android
2022-08-15

florent37/Shrine-MaterialDesign2: implem
2022-08-17

CVE-2020-36276
2022-09-23

SimpleSoftwareIO/simple-sms: Send and re
2022-08-13

阅读排行榜

1 六六分期app的软件客服如何联系？(六六分期

六六分期app的软件客服如何联系？不知道吗？加qq群【895510560】即可！标题：六六分期
阅读：19154|2023-10-27
2 可心卡盟:win10系统火狐flash插件崩溃怎么

今天小编告诉大家如何处理win10系统火狐flash插件总是崩溃的问题，可能很多用户都不知
阅读：9979|2022-11-06
3 亲亲特价:怎么删除回收站图标

今天小编告诉大家如何对win10系统删除桌面回收站图标进行设置，可能很多用户都不知道
阅读：8320|2022-11-06
4 济南大学虚拟社区:鲁大师节能降温的具体办

今天小编告诉大家如何对win10系统电脑设置节能降温的设置方法，想必大家都遇到过需要
阅读：8690|2022-11-06
5 xlueops.exe:无线网络安装向导

我们在使用xp系统的过程中,经常需要对xp系统无线网络安装向导设置进行设置，可能很多
阅读：8631|2022-11-06
6 女斗合众国:win7系统cf与主机连接不稳定怎

今天小编告诉大家如何处理win7系统玩cf老是与主机连接不稳定的问题，可能很多用户都不
阅读：9647|2022-11-06
7 0xc000022-[cf烟雾头]cf怎么调烟雾头

电脑对日常生活的重要性小编就不多说了，可是一旦碰到win7系统设置cf烟雾头的问题，很
阅读：8615|2022-11-06
8 qizideyouhuo:应用程序无法正常启动0xc0000

我们在日常使用电脑的时候，有的小伙伴们可能在打开应用的时候会遇见提示应用程序无法
阅读：7994|2022-11-06
9 ipz-185:win7系统vcf文件怎么打开

今天小编告诉大家如何对win7系统打开vcf文件进行设置，可能很多用户都不知道怎么对win
阅读：8645|2022-11-06
10 傻哥蹦迪:win10系统s4怎么打开usb调试

今天小编告诉大家如何对win10系统s4开启USB调试模式进行设置，可能很多用户都不知道怎
阅读：7530|2022-11-06

• 关于我们

  创业团队 加入我们 媒体报道 合作伙伴 公益事业

• 产品与服务

  寻求合作 项目投资 干货视频 经理人培训 招聘代理

• 解决方案

  一站式 制造业 教育科研 行业案例

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服（服务时间 9:00～18:00）

在线QQ客服

地址：深圳市南山区西丽大学城创智工业园

电邮：jeky_zhao#qq.com

移动电话：139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap