add GH actions for build and release automation

Author: frantuma

.github/topissuebot.yml

@@ -0,0 +1,3 @@
+labelName: ":thumbsup: Top Issue!"
+labelColor: "f442c2"
+numberOfIssuesToLabel: 5

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,54 @@
+name: "Code scanning - action"
+
+on:
+  push:
+    branches: [master, v1]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master, v1]
+  schedule:
+    - cron: '0 19 * * 1'
+
+jobs:
+  CodeQL-Build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # If this run was triggered by a pull request event, then checkout
+    # the head of the pull request instead of the merge commit.
+    - run: git checkout HEAD^2
+      if: ${{ github.event_name == 'pull_request' }}
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      # Override language selection by uncommenting this and choosing your languages
+      with:
+        languages: java
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/maven-pulls.yml

@@ -0,0 +1,30 @@
+name: Build Test PR
+
+on:
+  pull_request:
+    branches: [ "master" ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java: [ 8, 11, 14 ]
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Java
+      uses: actions/setup-java@v1
+      with:
+        java-version: ${{ matrix.java }}
+    - name: Cache local Maven repository
+      uses: actions/cache@v2
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
+    - name: Build with Maven
+      run: |
+        mvn --no-transfer-progress -B install --file pom.xml

.github/workflows/maven-v1-pulls.yml

@@ -0,0 +1,29 @@
+name: Build Test PR v1
+
+on:
+  pull_request:
+    branches: [ "v1" ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java: [ 8 ]
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Java
+      uses: actions/setup-java@v1
+      with:
+        java-version: ${{ matrix.java }}
+    - name: Cache local Maven repository
+      uses: actions/cache@v2
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
+    - name: Build with Maven
+      run: mvn -B -Dhttps.protocols=TLSv1.2 verify --file pom.xml

.github/workflows/maven-v1.yml

@@ -0,0 +1,46 @@
+name: Build Test Deploy v1
+
+on:
+  push:
+    branches: [ "v1" ]
+  pull_request:
+    branches: [ "v1" ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java: [ 8 ]
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Java
+        uses: actions/setup-java@v1
+        with:
+          java-version: ${{ matrix.java }}
+          server-id: sonatype-nexus-snapshots
+          server-username: MAVEN_USERNAME
+          server-password: MAVEN_PASSWORD
+      - name: Cache local Maven repository
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - name: Build with Maven
+        run: |
+          mvn -B -Dhttps.protocols=TLSv1.2 verify --file pom.xml
+          export MY_POM_VERSION=`mvn -q -Dexec.executable="echo" -Dexec.args='${projects.version}' --non-recursive org.codehaus.mojo:exec-maven-plugin:1.3.1:exec`
+          echo "POM VERSION" ${MY_POM_VERSION}
+          if [[ $MY_POM_VERSION =~ ^.*SNAPSHOT$ ]];
+          then
+              mvn -B -Dhttps.protocols=TLSv1.2 clean deploy
+          else
+              echo "not deploying release: " ${MY_POM_VERSION}
+          fi
+        env:
+          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}

.github/workflows/maven.yml

@@ -0,0 +1,53 @@
+name: Build Test Deploy master
+
+on:
+  push:
+    branches: [ "master" ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java: [ 8, 11, 14 ]
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Java
+      uses: actions/setup-java@v1
+      with:
+        java-version: ${{ matrix.java }}
+        server-id: ossrh
+        server-username: MAVEN_USERNAME
+        server-password: MAVEN_PASSWORD
+    - name: Cache local Maven repository
+      uses: actions/cache@v2
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
+    - name: Build with Maven, Deploy snapshot to maven central
+      run: |
+        export MY_POM_VERSION=`mvn -q -Dexec.executable="echo" -Dexec.args='${projects.version}' --non-recursive org.codehaus.mojo:exec-maven-plugin:1.3.1:exec`
+        echo "POM VERSION" ${MY_POM_VERSION}
+        if [[ $MY_POM_VERSION =~ ^.*SNAPSHOT$ ]];
+        then
+          mvn --no-transfer-progress -B install --file pom.xml
+          export MY_JAVA_VERSION=`java -version 2>&1 | head -1 | cut -d'"' -f2 | sed '/^1\./s///' | cut -d'.' -f1`
+          echo "JAVA VERSION" ${MY_JAVA_VERSION}
+          if [[ ${MY_JAVA_VERSION} == "8" ]];
+          then
+            export MY_POM_VERSION=`mvn -q -Dexec.executable="echo" -Dexec.args='${projects.version}' --non-recursive org.codehaus.mojo:exec-maven-plugin:1.3.1:exec`
+            echo "POM VERSION" ${MY_POM_VERSION}
+            mvn --no-transfer-progress -B clean deploy
+          else
+            echo "not deploying on java version: " ${MY_JAVA_VERSION}
+          fi
+        else
+          echo "not building and maven publishing project as it is a release version: " ${MY_JAVA_VERSION}
+        fi
+      env:
+        MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+        MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}

.github/workflows/prepare-release.yml

@@ -0,0 +1,65 @@
+name: Prepare Release
+
+on:
+  workflow_dispatch:
+    branches: ["master"]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: tibdex/github-app-token@v1
+      id: generate-token
+      with:
+        app_id: ${{ secrets.APP_ID }}
+        private_key: ${{ secrets.APP_PRIVATE_KEY }}
+    - name: Set up Python 2.7
+      uses: actions/setup-python@v2
+      with:
+        python-version: 2.7
+    - name: Set up Java 8
+      uses: actions/setup-java@v1
+      with:
+        java-version: 8
+        server-id: ossrh
+        server-username: MAVEN_USERNAME
+        server-password: MAVEN_PASSWORD
+    - name: Cache local Maven repository
+      uses: actions/cache@v2
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
+    - name: Run prepare release script
+      id: prepare-release
+      run: |
+        export MY_POM_VERSION=`mvn -q -Dexec.executable="echo" -Dexec.args='${projects.version}' --non-recursive org.codehaus.mojo:exec-maven-plugin:1.3.1:exec`
+        if [[ $MY_POM_VERSION =~ ^.*SNAPSHOT$ ]];
+        then
+          . ./CI/prepare-release.sh
+          echo "::set-env name=PREPARE_RELEASE_OK::yes"
+        else
+          echo "not preparing release for release version: " ${MY_POM_VERSION}
+          echo "::set-env name=PREPARE_RELEASE_OK::no"
+        fi
+        echo "::set-env name=SC_VERSION::$SC_VERSION"
+        echo "::set-env name=SC_NEXT_VERSION::$SC_NEXT_VERSION"
+    - name: Create Prepare Release Pull Request
+      uses: peter-evans/create-pull-request@v2
+      if: env.PREPARE_RELEASE_OK == 'yes'
+      with:
+        token: ${{ steps.generate-token.outputs.token }}
+        commit-message: prepare release ${{ env.SC_VERSION }}
+        title: 'prepare release ${{ env.SC_VERSION }}'
+        branch: prepare-release-${{ env.SC_VERSION }}
+    env:
+      MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+      MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      SC_VERSION:
+      SC_NEXT_VERSION:
+

.github/workflows/release.yml

@@ -0,0 +1,89 @@
+name: Release
+
+on:
+  workflow_dispatch:
+    branches: ["master"]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: tibdex/github-app-token@v1
+      id: generate-token
+      with:
+        app_id: ${{ secrets.APP_ID }}
+        private_key: ${{ secrets.APP_PRIVATE_KEY }}
+    - name: Set up Python 2.7
+      uses: actions/setup-python@v2
+      with:
+        python-version: 2.7
+    - name: Set up Java 8
+      uses: actions/setup-java@v1
+      with:
+        java-version: 8
+        server-id: ossrh
+        server-username: MAVEN_USERNAME
+        server-password: MAVEN_PASSWORD
+    - name: Cache local Maven repository
+      uses: actions/cache@v2
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
+    - name: Run pre release script
+      id: preRelease
+      run: |
+        # export GPG_TTY=$(tty)
+        export MY_POM_VERSION=`mvn -q -Dexec.executable="echo" -Dexec.args='${projects.version}' --non-recursive org.codehaus.mojo:exec-maven-plugin:1.3.1:exec`
+        if [[ $MY_POM_VERSION =~ ^.*SNAPSHOT$ ]];
+        then
+          echo "not releasing snapshot version: " ${MY_POM_VERSION}
+          echo "::set-env name=RELEASE_OK::no"
+        else
+          . ./CI/pre-release.sh
+          echo "::set-env name=RELEASE_OK::yes"
+        fi
+        echo "::set-env name=SC_VERSION::$SC_VERSION"
+        echo "::set-env name=SC_NEXT_VERSION::$SC_NEXT_VERSION"
+        echo "::set-env name=SC_LAST_RELEASE::$SC_LAST_RELEASE"
+    - name: configure git user email
+      run: |
+        git config --global user.email "action@github.com"
+        git config --global user.name "GitHub Action"
+        git config --global hub.protocol https
+        git remote set-url origin https://\${{ secrets.GITHUB_TOKEN }}:x-oauth-basic@github.com/''' + 'swagger-api/swagger-parser' + '''.git
+    - name: Run maven deploy/release (action-maven-publish)
+      uses: samuelmeuli/action-maven-publish@v1
+      if: env.RELEASE_OK == 'yes'
+      with:
+        gpg_private_key: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }}
+        gpg_passphrase: ${{ secrets.OSSRH_GPG_PRIVATE_PASSPHRASE }}
+        nexus_username: ${{ secrets.OSSRH_USERNAME }}
+        nexus_password: ${{ secrets.OSSRH_TOKEN }}
+        maven_profiles: "release"
+    - name: Run post release script
+      id: postRelease
+      if: env.RELEASE_OK == 'yes'
+      run: |
+        . ./CI/post-release.sh
+    - name: Create Next Snapshot Pull Request
+      uses: peter-evans/create-pull-request@v2
+      if: env.RELEASE_OK == 'yes'
+      with:
+        token: ${{ steps.generate-token.outputs.token }}
+        commit-message: bump snapshot ${{ env.SC_NEXT_VERSION }}-SNAPSHOT
+        title: 'bump snapshot ${{ env.SC_NEXT_VERSION }}-SNAPSHOT'
+        branch: bump-snap-${{ env.SC_NEXT_VERSION }}-SNAPSHOT
+
+    env:
+      MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+      MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      SC_VERSION:
+      SC_NEXT_VERSION:
+      GPG_PRIVATE_KEY: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }}
+      GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_PRIVATE_PASSPHRASE }}