GitHub Actions provide a seamless way to integrate CI/CD into your repository, automating various tasks like running tests, building artifacts, and deploying your project.
Workflow for SNAPSHOT
This workflow is triggered on non-main branches or manually through the workflow dispatch event. It includes the following steps:
- Run tests: Ensures that your code passes all tests.
- Build the JAR file: Compiles your Spring Boot application.
- Build Docker image and push it to GitHub Docker Registry: Creates a Docker image from the generated artifact and pushes it to the GitHub Container Registry.
<span>name</span><span>:</span> <span>Test and Build Snapshot</span><span>on</span><span>:</span><span>push</span><span>:</span><span>branches-ignore</span><span>:</span><span>-</span> <span>main</span><span>workflow_dispatch</span><span>:</span><span>permissions</span><span>:</span><span>contents</span><span>:</span> <span>read</span><span>packages</span><span>:</span> <span>write</span><span>jobs</span><span>:</span><span>maven-verify</span><span>:</span><span>if</span><span>:</span> <span>"</span><span>!contains(github.event.head_commit.message,</span><span> </span><span>'[skip</span><span> </span><span>ci]')"</span><span>runs-on</span><span>:</span> <span>ubuntu-latest</span><span>steps</span><span>:</span><span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span><span>-</span> <span>name</span><span>:</span> <span>Set up JDK </span><span>21</span><span>uses</span><span>:</span> <span>actions/setup-java@v4</span><span>with</span><span>:</span><span>java-version</span><span>:</span> <span>'</span><span>21'</span><span>distribution</span><span>:</span> <span>'</span><span>temurin'</span><span>cache</span><span>:</span> <span>maven</span><span>cache-dependency-path</span><span>:</span> <span>'</span><span>**/pom.xml'</span><span>-</span> <span>name</span><span>:</span> <span>Verify</span><span>run</span><span>:</span> <span>mvn -B clean verify --file pom.xml</span><span>maven-build</span><span>:</span><span>needs</span><span>:</span> <span>maven-verify</span><span>runs-on</span><span>:</span> <span>ubuntu-latest</span><span>steps</span><span>:</span><span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span><span>-</span> <span>name</span><span>:</span> <span>Set up JDK </span><span>21</span><span>uses</span><span>:</span> <span>actions/setup-java@v4</span><span>with</span><span>:</span><span>java-version</span><span>:</span> <span>'</span><span>21'</span><span>distribution</span><span>:</span> <span>'</span><span>temurin'</span><span>cache</span><span>:</span> <span>maven</span><span>cache-dependency-path</span><span>:</span> <span>'</span><span>**/pom.xml'</span><span>-</span> <span>name</span><span>:</span> <span>Build</span><span>run</span><span>:</span> <span>mvn -B package --file pom.xml</span><span>-</span> <span>name</span><span>:</span> <span>Upload artifact</span><span>uses</span><span>:</span> <span>actions/upload-artifact@v4</span><span>with</span><span>:</span><span>name</span><span>:</span> <span>app.jar</span><span>path</span><span>:</span> <span>target/*.jar</span><span>docker-build-push</span><span>:</span><span>needs</span><span>:</span> <span>maven-build</span><span>runs-on</span><span>:</span> <span>ubuntu-latest</span><span>env</span><span>:</span><span>CURRENT_VERSION</span><span>:</span> <span>'</span><span>'</span><span>steps</span><span>:</span><span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span><span>-</span> <span>name</span><span>:</span> <span>Download artifact</span><span>uses</span><span>:</span> <span>actions/download-artifact@v4</span><span>with</span><span>:</span><span>name</span><span>:</span> <span>app.jar</span><span>path</span><span>:</span> <span>target</span><span>-</span> <span>name</span><span>:</span> <span>Set up Docker Buildx</span><span>uses</span><span>:</span> <span>docker/setup-buildx-action@v3</span><span>-</span> <span>name</span><span>:</span> <span>Log in to GitHub Container Registry</span><span>uses</span><span>:</span> <span>docker/login-action@v3</span><span>with</span><span>:</span><span>registry</span><span>:</span> <span>ghcr.io</span><span>username</span><span>:</span> <span>${{ github.repository_owner }}</span><span>password</span><span>:</span> <span>${{ secrets.GHCR_PAT }}</span><span>-</span> <span>name</span><span>:</span> <span>Get Version</span><span>run</span><span>:</span> <span>echo "CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV</span><span>-</span> <span>name</span><span>:</span> <span>Build Docker image</span><span>uses</span><span>:</span> <span>docker/build-push-action@v6</span><span>with</span><span>:</span><span>context</span><span>:</span> <span>.</span><span>push</span><span>:</span> <span>true</span><span>tags</span><span>:</span> <span>ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}:${{ env.CURRENT_VERSION }}-${{ github.run_id }}</span><span>name</span><span>:</span> <span>Test and Build Snapshot</span> <span>on</span><span>:</span> <span>push</span><span>:</span> <span>branches-ignore</span><span>:</span> <span>-</span> <span>main</span> <span>workflow_dispatch</span><span>:</span> <span>permissions</span><span>:</span> <span>contents</span><span>:</span> <span>read</span> <span>packages</span><span>:</span> <span>write</span> <span>jobs</span><span>:</span> <span>maven-verify</span><span>:</span> <span>if</span><span>:</span> <span>"</span><span>!contains(github.event.head_commit.message,</span><span> </span><span>'[skip</span><span> </span><span>ci]')"</span> <span>runs-on</span><span>:</span> <span>ubuntu-latest</span> <span>steps</span><span>:</span> <span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span> <span>-</span> <span>name</span><span>:</span> <span>Set up JDK </span><span>21</span> <span>uses</span><span>:</span> <span>actions/setup-java@v4</span> <span>with</span><span>:</span> <span>java-version</span><span>:</span> <span>'</span><span>21'</span> <span>distribution</span><span>:</span> <span>'</span><span>temurin'</span> <span>cache</span><span>:</span> <span>maven</span> <span>cache-dependency-path</span><span>:</span> <span>'</span><span>**/pom.xml'</span> <span>-</span> <span>name</span><span>:</span> <span>Verify</span> <span>run</span><span>:</span> <span>mvn -B clean verify --file pom.xml</span> <span>maven-build</span><span>:</span> <span>needs</span><span>:</span> <span>maven-verify</span> <span>runs-on</span><span>:</span> <span>ubuntu-latest</span> <span>steps</span><span>:</span> <span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span> <span>-</span> <span>name</span><span>:</span> <span>Set up JDK </span><span>21</span> <span>uses</span><span>:</span> <span>actions/setup-java@v4</span> <span>with</span><span>:</span> <span>java-version</span><span>:</span> <span>'</span><span>21'</span> <span>distribution</span><span>:</span> <span>'</span><span>temurin'</span> <span>cache</span><span>:</span> <span>maven</span> <span>cache-dependency-path</span><span>:</span> <span>'</span><span>**/pom.xml'</span> <span>-</span> <span>name</span><span>:</span> <span>Build</span> <span>run</span><span>:</span> <span>mvn -B package --file pom.xml</span> <span>-</span> <span>name</span><span>:</span> <span>Upload artifact</span> <span>uses</span><span>:</span> <span>actions/upload-artifact@v4</span> <span>with</span><span>:</span> <span>name</span><span>:</span> <span>app.jar</span> <span>path</span><span>:</span> <span>target/*.jar</span> <span>docker-build-push</span><span>:</span> <span>needs</span><span>:</span> <span>maven-build</span> <span>runs-on</span><span>:</span> <span>ubuntu-latest</span> <span>env</span><span>:</span> <span>CURRENT_VERSION</span><span>:</span> <span>'</span><span>'</span> <span>steps</span><span>:</span> <span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span> <span>-</span> <span>name</span><span>:</span> <span>Download artifact</span> <span>uses</span><span>:</span> <span>actions/download-artifact@v4</span> <span>with</span><span>:</span> <span>name</span><span>:</span> <span>app.jar</span> <span>path</span><span>:</span> <span>target</span> <span>-</span> <span>name</span><span>:</span> <span>Set up Docker Buildx</span> <span>uses</span><span>:</span> <span>docker/setup-buildx-action@v3</span> <span>-</span> <span>name</span><span>:</span> <span>Log in to GitHub Container Registry</span> <span>uses</span><span>:</span> <span>docker/login-action@v3</span> <span>with</span><span>:</span> <span>registry</span><span>:</span> <span>ghcr.io</span> <span>username</span><span>:</span> <span>${{ github.repository_owner }}</span> <span>password</span><span>:</span> <span>${{ secrets.GHCR_PAT }}</span> <span>-</span> <span>name</span><span>:</span> <span>Get Version</span> <span>run</span><span>:</span> <span>echo "CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV</span> <span>-</span> <span>name</span><span>:</span> <span>Build Docker image</span> <span>uses</span><span>:</span> <span>docker/build-push-action@v6</span> <span>with</span><span>:</span> <span>context</span><span>:</span> <span>.</span> <span>push</span><span>:</span> <span>true</span> <span>tags</span><span>:</span> <span>ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}:${{ env.CURRENT_VERSION }}-${{ github.run_id }}</span>name: Test and Build Snapshot on: push: branches-ignore: - main workflow_dispatch: permissions: contents: read packages: write jobs: maven-verify: if: "!contains(github.event.head_commit.message, '[skip ci]')" runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Set up JDK 21 uses: actions/setup-java@v4 with: java-version: '21' distribution: 'temurin' cache: maven cache-dependency-path: '**/pom.xml' - name: Verify run: mvn -B clean verify --file pom.xml maven-build: needs: maven-verify runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Set up JDK 21 uses: actions/setup-java@v4 with: java-version: '21' distribution: 'temurin' cache: maven cache-dependency-path: '**/pom.xml' - name: Build run: mvn -B package --file pom.xml - name: Upload artifact uses: actions/upload-artifact@v4 with: name: app.jar path: target/*.jar docker-build-push: needs: maven-build runs-on: ubuntu-latest env: CURRENT_VERSION: '' steps: - uses: actions/checkout@v4 - name: Download artifact uses: actions/download-artifact@v4 with: name: app.jar path: target - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GHCR_PAT }} - name: Get Version run: echo "CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV - name: Build Docker image uses: docker/build-push-action@v6 with: context: . push: true tags: ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}:${{ env.CURRENT_VERSION }}-${{ github.run_id }}
Enter fullscreen mode Exit fullscreen mode
Workflow for RELEASE
This workflow runs when changes are pushed to the main branch and includes the following steps:
- Build the release version: Compiles the release version of your project.
- Build Docker image and push it to GitHub Docker Registry: Creates and pushes the Docker image to the GitHub Container Registry.
- Increment SNAPSHOT version: Updates the version in
pom.xmlfor future snapshot versions.
<span>name</span><span>:</span> <span>Build Release</span><span>on</span><span>:</span><span>push</span><span>:</span><span>branches</span><span>:</span><span>-</span> <span>main</span><span>workflow_dispatch</span><span>:</span><span>permissions</span><span>:</span><span>contents</span><span>:</span> <span>read</span><span>packages</span><span>:</span> <span>write</span><span>jobs</span><span>:</span><span>maven-build-release</span><span>:</span><span>if</span><span>:</span> <span>"</span><span>!contains(github.event.head_commit.message,</span><span> </span><span>'[skip</span><span> </span><span>ci]')"</span><span>runs-on</span><span>:</span> <span>ubuntu-latest</span><span>steps</span><span>:</span><span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span><span>-</span> <span>name</span><span>:</span> <span>Set up JDK </span><span>21</span><span>uses</span><span>:</span> <span>actions/setup-java@v4</span><span>with</span><span>:</span><span>java-version</span><span>:</span> <span>'</span><span>21'</span><span>distribution</span><span>:</span> <span>'</span><span>temurin'</span><span>cache</span><span>:</span> <span>maven</span><span>cache-dependency-path</span><span>:</span> <span>'</span><span>**/pom.xml'</span><span>-</span> <span>name</span><span>:</span> <span>Prepare Release Version</span><span>run</span><span>:</span> <span>mvn versions:set -DremoveSnapshot</span><span>-</span> <span>name</span><span>:</span> <span>Build</span><span>run</span><span>:</span> <span>mvn -B clean package --file pom.xml -DskipTests</span><span>-</span> <span>name</span><span>:</span> <span>Upload artifact</span><span>uses</span><span>:</span> <span>actions/upload-artifact@v4</span><span>with</span><span>:</span><span>name</span><span>:</span> <span>app.jar</span><span>path</span><span>:</span> <span>target/*.jar</span><span>docker-build-push</span><span>:</span><span>needs</span><span>:</span> <span>maven-build-release</span><span>runs-on</span><span>:</span> <span>ubuntu-latest</span><span>env</span><span>:</span><span>CURRENT_VERSION</span><span>:</span> <span>'</span><span>'</span><span>steps</span><span>:</span><span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span><span>-</span> <span>name</span><span>:</span> <span>Download artifact</span><span>uses</span><span>:</span> <span>actions/download-artifact@v4</span><span>with</span><span>:</span><span>name</span><span>:</span> <span>app.jar</span><span>path</span><span>:</span> <span>target</span><span>-</span> <span>name</span><span>:</span> <span>Set up Docker Buildx</span><span>uses</span><span>:</span> <span>docker/setup-buildx-action@v3</span><span>-</span> <span>name</span><span>:</span> <span>Log in to GitHub Container Registry</span><span>uses</span><span>:</span> <span>docker/login-action@v3</span><span>with</span><span>:</span><span>registry</span><span>:</span> <span>ghcr.io</span><span>username</span><span>:</span> <span>${{ github.repository_owner }}</span><span>password</span><span>:</span> <span>${{ secrets.GHCR_PAT }}</span><span>-</span> <span>name</span><span>:</span> <span>Get Version</span><span>run</span><span>:</span> <span>|</span><span>mvn versions:set -DremoveSnapshot</span><span>echo "CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV</span><span>-</span> <span>name</span><span>:</span> <span>Build Docker image</span><span>uses</span><span>:</span> <span>docker/build-push-action@v6</span><span>with</span><span>:</span><span>context</span><span>:</span> <span>.</span><span>push</span><span>:</span> <span>true</span><span>tags</span><span>:</span> <span>ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}:${{ env.CURRENT_VERSION }}-${{ github.run_id }}</span><span>increment-version</span><span>:</span><span>needs</span><span>:</span> <span>docker-build-push</span><span>runs-on</span><span>:</span> <span>ubuntu-latest</span><span>permissions</span><span>:</span><span>contents</span><span>:</span> <span>write</span><span>steps</span><span>:</span><span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span><span>with</span><span>:</span><span>token</span><span>:</span> <span>${{ secrets.GIT_PAT }}</span><span>-</span> <span>name</span><span>:</span> <span>Configure Git</span><span>run</span><span>:</span> <span>|</span><span>git config --global user.name "github-actions[bot]"</span><span>git config --global user.email "github-actions[bot]@users.noreply.github.com"</span><span>-</span> <span>name</span><span>:</span> <span>Increment Snapshot Version</span><span>run</span><span>:</span> <span>|</span><span># Extract current version and increment patch version</span><span>CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)</span><span>MAJOR=$(echo $CURRENT_VERSION | cut -d. -f1)</span><span>MINOR=$(echo $CURRENT_VERSION | cut -d. -f2)</span><span>PATCH=$(echo $CURRENT_VERSION | cut -d. -f3 | cut -d- -f1)</span><span>NEW_PATCH=$((PATCH + 1))</span><span>NEW_VERSION="$MAJOR.$MINOR.$NEW_PATCH-SNAPSHOT"</span><span># Update version in pom.xml</span><span>mvn versions:set -DnewVersion=$NEW_VERSION</span><span>mvn versions:commit</span><span># Commit and push the new snapshot version</span><span>git add pom.xml</span><span>git commit -m "Increment version to $NEW_VERSION [skip ci]"</span><span>git push origin $(git rev-parse --abbrev-ref HEAD)</span><span>name</span><span>:</span> <span>Build Release</span> <span>on</span><span>:</span> <span>push</span><span>:</span> <span>branches</span><span>:</span> <span>-</span> <span>main</span> <span>workflow_dispatch</span><span>:</span> <span>permissions</span><span>:</span> <span>contents</span><span>:</span> <span>read</span> <span>packages</span><span>:</span> <span>write</span> <span>jobs</span><span>:</span> <span>maven-build-release</span><span>:</span> <span>if</span><span>:</span> <span>"</span><span>!contains(github.event.head_commit.message,</span><span> </span><span>'[skip</span><span> </span><span>ci]')"</span> <span>runs-on</span><span>:</span> <span>ubuntu-latest</span> <span>steps</span><span>:</span> <span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span> <span>-</span> <span>name</span><span>:</span> <span>Set up JDK </span><span>21</span> <span>uses</span><span>:</span> <span>actions/setup-java@v4</span> <span>with</span><span>:</span> <span>java-version</span><span>:</span> <span>'</span><span>21'</span> <span>distribution</span><span>:</span> <span>'</span><span>temurin'</span> <span>cache</span><span>:</span> <span>maven</span> <span>cache-dependency-path</span><span>:</span> <span>'</span><span>**/pom.xml'</span> <span>-</span> <span>name</span><span>:</span> <span>Prepare Release Version</span> <span>run</span><span>:</span> <span>mvn versions:set -DremoveSnapshot</span> <span>-</span> <span>name</span><span>:</span> <span>Build</span> <span>run</span><span>:</span> <span>mvn -B clean package --file pom.xml -DskipTests</span> <span>-</span> <span>name</span><span>:</span> <span>Upload artifact</span> <span>uses</span><span>:</span> <span>actions/upload-artifact@v4</span> <span>with</span><span>:</span> <span>name</span><span>:</span> <span>app.jar</span> <span>path</span><span>:</span> <span>target/*.jar</span> <span>docker-build-push</span><span>:</span> <span>needs</span><span>:</span> <span>maven-build-release</span> <span>runs-on</span><span>:</span> <span>ubuntu-latest</span> <span>env</span><span>:</span> <span>CURRENT_VERSION</span><span>:</span> <span>'</span><span>'</span> <span>steps</span><span>:</span> <span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span> <span>-</span> <span>name</span><span>:</span> <span>Download artifact</span> <span>uses</span><span>:</span> <span>actions/download-artifact@v4</span> <span>with</span><span>:</span> <span>name</span><span>:</span> <span>app.jar</span> <span>path</span><span>:</span> <span>target</span> <span>-</span> <span>name</span><span>:</span> <span>Set up Docker Buildx</span> <span>uses</span><span>:</span> <span>docker/setup-buildx-action@v3</span> <span>-</span> <span>name</span><span>:</span> <span>Log in to GitHub Container Registry</span> <span>uses</span><span>:</span> <span>docker/login-action@v3</span> <span>with</span><span>:</span> <span>registry</span><span>:</span> <span>ghcr.io</span> <span>username</span><span>:</span> <span>${{ github.repository_owner }}</span> <span>password</span><span>:</span> <span>${{ secrets.GHCR_PAT }}</span> <span>-</span> <span>name</span><span>:</span> <span>Get Version</span> <span>run</span><span>:</span> <span>|</span> <span>mvn versions:set -DremoveSnapshot</span> <span>echo "CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV</span> <span>-</span> <span>name</span><span>:</span> <span>Build Docker image</span> <span>uses</span><span>:</span> <span>docker/build-push-action@v6</span> <span>with</span><span>:</span> <span>context</span><span>:</span> <span>.</span> <span>push</span><span>:</span> <span>true</span> <span>tags</span><span>:</span> <span>ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}:${{ env.CURRENT_VERSION }}-${{ github.run_id }}</span> <span>increment-version</span><span>:</span> <span>needs</span><span>:</span> <span>docker-build-push</span> <span>runs-on</span><span>:</span> <span>ubuntu-latest</span> <span>permissions</span><span>:</span> <span>contents</span><span>:</span> <span>write</span> <span>steps</span><span>:</span> <span>-</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span> <span>with</span><span>:</span> <span>token</span><span>:</span> <span>${{ secrets.GIT_PAT }}</span> <span>-</span> <span>name</span><span>:</span> <span>Configure Git</span> <span>run</span><span>:</span> <span>|</span> <span>git config --global user.name "github-actions[bot]"</span> <span>git config --global user.email "github-actions[bot]@users.noreply.github.com"</span> <span>-</span> <span>name</span><span>:</span> <span>Increment Snapshot Version</span> <span>run</span><span>:</span> <span>|</span> <span># Extract current version and increment patch version</span> <span>CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)</span> <span>MAJOR=$(echo $CURRENT_VERSION | cut -d. -f1)</span> <span>MINOR=$(echo $CURRENT_VERSION | cut -d. -f2)</span> <span>PATCH=$(echo $CURRENT_VERSION | cut -d. -f3 | cut -d- -f1)</span> <span>NEW_PATCH=$((PATCH + 1))</span> <span>NEW_VERSION="$MAJOR.$MINOR.$NEW_PATCH-SNAPSHOT"</span> <span># Update version in pom.xml</span> <span>mvn versions:set -DnewVersion=$NEW_VERSION</span> <span>mvn versions:commit</span> <span># Commit and push the new snapshot version</span> <span>git add pom.xml</span> <span>git commit -m "Increment version to $NEW_VERSION [skip ci]"</span> <span>git push origin $(git rev-parse --abbrev-ref HEAD)</span>name: Build Release on: push: branches: - main workflow_dispatch: permissions: contents: read packages: write jobs: maven-build-release: if: "!contains(github.event.head_commit.message, '[skip ci]')" runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Set up JDK 21 uses: actions/setup-java@v4 with: java-version: '21' distribution: 'temurin' cache: maven cache-dependency-path: '**/pom.xml' - name: Prepare Release Version run: mvn versions:set -DremoveSnapshot - name: Build run: mvn -B clean package --file pom.xml -DskipTests - name: Upload artifact uses: actions/upload-artifact@v4 with: name: app.jar path: target/*.jar docker-build-push: needs: maven-build-release runs-on: ubuntu-latest env: CURRENT_VERSION: '' steps: - uses: actions/checkout@v4 - name: Download artifact uses: actions/download-artifact@v4 with: name: app.jar path: target - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GHCR_PAT }} - name: Get Version run: | mvn versions:set -DremoveSnapshot echo "CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV - name: Build Docker image uses: docker/build-push-action@v6 with: context: . push: true tags: ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}:${{ env.CURRENT_VERSION }}-${{ github.run_id }} increment-version: needs: docker-build-push runs-on: ubuntu-latest permissions: contents: write steps: - uses: actions/checkout@v4 with: token: ${{ secrets.GIT_PAT }} - name: Configure Git run: | git config --global user.name "github-actions[bot]" git config --global user.email "github-actions[bot]@users.noreply.github.com" - name: Increment Snapshot Version run: | # Extract current version and increment patch version CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) MAJOR=$(echo $CURRENT_VERSION | cut -d. -f1) MINOR=$(echo $CURRENT_VERSION | cut -d. -f2) PATCH=$(echo $CURRENT_VERSION | cut -d. -f3 | cut -d- -f1) NEW_PATCH=$((PATCH + 1)) NEW_VERSION="$MAJOR.$MINOR.$NEW_PATCH-SNAPSHOT" # Update version in pom.xml mvn versions:set -DnewVersion=$NEW_VERSION mvn versions:commit # Commit and push the new snapshot version git add pom.xml git commit -m "Increment version to $NEW_VERSION [skip ci]" git push origin $(git rev-parse --abbrev-ref HEAD)
Enter fullscreen mode Exit fullscreen mode
Bonus workflow
The CodeQL workflow analyzes your Java code to identify potential vulnerabilities and issues.
<span>name</span><span>:</span> <span>CodeQL</span><span>on</span><span>:</span><span>pull_request</span><span>:</span><span>branches</span><span>:</span> <span>[</span> <span>"</span><span>main"</span> <span>]</span><span>workflow_dispatch</span><span>:</span><span>jobs</span><span>:</span><span>analyze</span><span>:</span><span>name</span><span>:</span> <span>Analyze</span><span>runs-on</span><span>:</span> <span>ubuntu-latest</span><span>permissions</span><span>:</span><span>actions</span><span>:</span> <span>read</span><span>contents</span><span>:</span> <span>read</span><span>security-events</span><span>:</span> <span>write</span><span>strategy</span><span>:</span><span>fail-fast</span><span>:</span> <span>false</span><span>matrix</span><span>:</span><span>language</span><span>:</span> <span>[</span> <span>'</span><span>java'</span> <span>]</span><span>steps</span><span>:</span><span>-</span> <span>name</span><span>:</span> <span>Checkout repository</span><span>uses</span><span>:</span> <span>actions/checkout@v4</span><span>-</span> <span>name</span><span>:</span> <span>Setup Java</span><span>uses</span><span>:</span> <span>actions/setup-java@v4</span><span>with</span><span>:</span><span>java-version</span><span>:</span> <span>'</span><span>21'</span><span>distribution</span><span>:</span> <span>'</span><span>temurin'</span><span>cache</span><span>:</span> <span>maven</span><span>cache-dependency-path</span><span>:</span> <span>'</span><span>**/pom.xml'</span><span>-</span> <span>name</span><span>:</span> <span>Initialize CodeQL</span><span>uses</span><span>:</span> <span>github/codeql-action/init@v3</span><span>with</span><span>:</span><span>languages</span><span>:</span> <span>${{ matrix.language }}</span><span>-</span> <span>name</span><span>:</span> <span>Autobuild</span><span>uses</span><span>:</span> <span>github/codeql-action/autobuild@v3</span><span>-</span> <span>name</span><span>:</span> <span>Perform CodeQL Analysis</span><span>uses</span><span>:</span> <span>github/codeql-action/analyze@v3</span><span>with</span><span>:</span><span>category</span><span>:</span> <span>"</span><span>/language:${{matrix.language}}"</span><span>name</span><span>:</span> <span>CodeQL</span> <span>on</span><span>:</span> <span>pull_request</span><span>:</span> <span>branches</span><span>:</span> <span>[</span> <span>"</span><span>main"</span> <span>]</span> <span>workflow_dispatch</span><span>:</span> <span>jobs</span><span>:</span> <span>analyze</span><span>:</span> <span>name</span><span>:</span> <span>Analyze</span> <span>runs-on</span><span>:</span> <span>ubuntu-latest</span> <span>permissions</span><span>:</span> <span>actions</span><span>:</span> <span>read</span> <span>contents</span><span>:</span> <span>read</span> <span>security-events</span><span>:</span> <span>write</span> <span>strategy</span><span>:</span> <span>fail-fast</span><span>:</span> <span>false</span> <span>matrix</span><span>:</span> <span>language</span><span>:</span> <span>[</span> <span>'</span><span>java'</span> <span>]</span> <span>steps</span><span>:</span> <span>-</span> <span>name</span><span>:</span> <span>Checkout repository</span> <span>uses</span><span>:</span> <span>actions/checkout@v4</span> <span>-</span> <span>name</span><span>:</span> <span>Setup Java</span> <span>uses</span><span>:</span> <span>actions/setup-java@v4</span> <span>with</span><span>:</span> <span>java-version</span><span>:</span> <span>'</span><span>21'</span> <span>distribution</span><span>:</span> <span>'</span><span>temurin'</span> <span>cache</span><span>:</span> <span>maven</span> <span>cache-dependency-path</span><span>:</span> <span>'</span><span>**/pom.xml'</span> <span>-</span> <span>name</span><span>:</span> <span>Initialize CodeQL</span> <span>uses</span><span>:</span> <span>github/codeql-action/init@v3</span> <span>with</span><span>:</span> <span>languages</span><span>:</span> <span>${{ matrix.language }}</span> <span>-</span> <span>name</span><span>:</span> <span>Autobuild</span> <span>uses</span><span>:</span> <span>github/codeql-action/autobuild@v3</span> <span>-</span> <span>name</span><span>:</span> <span>Perform CodeQL Analysis</span> <span>uses</span><span>:</span> <span>github/codeql-action/analyze@v3</span> <span>with</span><span>:</span> <span>category</span><span>:</span> <span>"</span><span>/language:${{matrix.language}}"</span>name: CodeQL on: pull_request: branches: [ "main" ] workflow_dispatch: jobs: analyze: name: Analyze runs-on: ubuntu-latest permissions: actions: read contents: read security-events: write strategy: fail-fast: false matrix: language: [ 'java' ] steps: - name: Checkout repository uses: actions/checkout@v4 - name: Setup Java uses: actions/setup-java@v4 with: java-version: '21' distribution: 'temurin' cache: maven cache-dependency-path: '**/pom.xml' - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} - name: Autobuild uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}"
Enter fullscreen mode Exit fullscreen mode
Updated Dockerfile
<span>### Build stage</span><span>FROM</span><span> </span><span>eclipse-temurin:21-jre-alpine</span><span> </span><span>AS</span><span> </span><span>builder</span><span># Set the working directory inside the container</span><span>WORKDIR</span><span> /tmp</span><span># Copy the source code into the container</span><span>COPY</span><span> target/*.jar app.jar</span><span># Extract the layers</span><span>RUN </span>java <span>-Djarmode</span><span>=</span>layertools <span>-jar</span> app.jar extract<span>### Run stage</span><span># Create a minimal production image</span><span>FROM</span><span> eclipse-temurin:21-jre-alpine</span><span># Set the working directory inside the container</span><span>WORKDIR</span><span> /app</span><span># Set the working directory inside the container</span><span>COPY</span><span> --from=builder /tmp/dependencies/ ./</span><span>COPY</span><span> --from=builder /tmp/snapshot-dependencies/ ./</span><span>COPY</span><span> --from=builder /tmp/spring-boot-loader/ ./</span><span>COPY</span><span> --from=builder /tmp/application/ ./</span><span># Run the binary when the container starts</span><span>ENTRYPOINT</span><span> ["java", "org.springframework.boot.loader.launch.JarLauncher"]</span><span>### Build stage</span> <span>FROM</span><span> </span><span>eclipse-temurin:21-jre-alpine</span><span> </span><span>AS</span><span> </span><span>builder</span> <span># Set the working directory inside the container</span> <span>WORKDIR</span><span> /tmp</span> <span># Copy the source code into the container</span> <span>COPY</span><span> target/*.jar app.jar</span> <span># Extract the layers</span> <span>RUN </span>java <span>-Djarmode</span><span>=</span>layertools <span>-jar</span> app.jar extract <span>### Run stage</span> <span># Create a minimal production image</span> <span>FROM</span><span> eclipse-temurin:21-jre-alpine</span> <span># Set the working directory inside the container</span> <span>WORKDIR</span><span> /app</span> <span># Set the working directory inside the container</span> <span>COPY</span><span> --from=builder /tmp/dependencies/ ./</span> <span>COPY</span><span> --from=builder /tmp/snapshot-dependencies/ ./</span> <span>COPY</span><span> --from=builder /tmp/spring-boot-loader/ ./</span> <span>COPY</span><span> --from=builder /tmp/application/ ./</span> <span># Run the binary when the container starts</span> <span>ENTRYPOINT</span><span> ["java", "org.springframework.boot.loader.launch.JarLauncher"]</span>### Build stage FROM eclipse-temurin:21-jre-alpine AS builder # Set the working directory inside the container WORKDIR /tmp # Copy the source code into the container COPY target/*.jar app.jar # Extract the layers RUN java -Djarmode=layertools -jar app.jar extract ### Run stage # Create a minimal production image FROM eclipse-temurin:21-jre-alpine # Set the working directory inside the container WORKDIR /app # Set the working directory inside the container COPY --from=builder /tmp/dependencies/ ./ COPY --from=builder /tmp/snapshot-dependencies/ ./ COPY --from=builder /tmp/spring-boot-loader/ ./ COPY --from=builder /tmp/application/ ./ # Run the binary when the container starts ENTRYPOINT ["java", "org.springframework.boot.loader.launch.JarLauncher"]
Enter fullscreen mode Exit fullscreen mode
© 版权声明
THE END
暂无评论内容