Bump org.bouncycastle:bcprov-jdk18on from 1.77 to 1.78 in /BouncyCastle #19
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: BouncyCastle version handling | |
| on: | |
| pull_request: | |
| types: | |
| - closed | |
| branches: | |
| - master | |
| paths: | |
| - BouncyCastle/** | |
| jobs: | |
| bouncycastle-version-update: | |
| # This job does not run on self-opened PRs | |
| if: ${{ github.event.pull_request.merged == true && github.event.pull_request.user.login != 'github-actions[bot]'}} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout source code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| # Sets up Java version | |
| - name: Set up Java | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'adopt' | |
| java-package: jdk | |
| java-version: '11' | |
| # Sets up Maven version | |
| - name: Set up Maven | |
| uses: stCarolas/setup-maven@v4.5 | |
| with: | |
| maven-version: 3.6.3 | |
| # Semantic versioning | |
| - name: Semantic versioning | |
| id: versioning | |
| uses: paulhatch/semantic-version@v5.1.0 | |
| with: | |
| tag_prefix: "" | |
| # A string which, if present in a git commit, indicates that a change represents a | |
| # major (breaking) change | |
| major_pattern: "(MAJOR-BC)" | |
| # Same as above except indicating a minor change | |
| minor_pattern: "(MINOR-BC)" | |
| # A string to determine the format of the version output | |
| version_format: "${major}.${minor}.${patch}" | |
| # Run the version update only, if there are changes in the BouncyCastle directory | |
| change_path: "BouncyCastle" | |
| # Consider only tags/versions, which end with 'bc' | |
| namespace: "bc" | |
| # Check, whether there is an existing branch "bouncycastle_<version>" or an open PR "bouncycastle_<version>" -> "master" | |
| # and store the results as environment variables | |
| - name: Check if branch and PR exist | |
| # The second command was copied from https://stackoverflow.com/questions/73812503/github-action-stop-the-action-if-pr-already-exists | |
| run: | | |
| echo VERSION_BRANCH_EXISTS=$(git ls-remote --heads origin refs/heads/bouncycastle_${{ steps.versioning.outputs.version }} | wc -l) >> $GITHUB_ENV | |
| echo PR_EXISTS=$(gh pr list \ | |
| --repo "$GITHUB_REPOSITORY" \ | |
| --json baseRefName,headRefName \ | |
| --jq ' | |
| map(select(.baseRefName == "master" and .headRefName == "bouncycastle_${{ steps.versioning.outputs.version }}")) | |
| | length | |
| ') >> $GITHUB_ENV | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # If the branch "bouncycastle_<version>" does not exist, create the branch and update the version in all files | |
| - name: Create branch and update BouncyCastle version | |
| if: ${{ env.VERSION_BRANCH_EXISTS == '0' }} | |
| run: | | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| git config --global user.name "github-actions[bot]" | |
| git checkout -b bouncycastle_${{ steps.versioning.outputs.version }} | |
| mvn -f BouncyCastle build-helper:parse-version versions:set -DnewVersion=\${{ steps.versioning.outputs.version }} versions:commit | |
| git ls-files | grep 'pom.xml$' | xargs git add | |
| git commit --allow-empty -am "Update BouncyCastle version to ${{ steps.versioning.outputs.version }}" | |
| git push origin bouncycastle_${{ steps.versioning.outputs.version }} | |
| # If a PR "bouncycastle_<version>" -> "master" does not exist, create the PR | |
| - name: Open pull request for version update | |
| if: ${{ env.PR_EXISTS == '0' }} | |
| run: | | |
| gh pr create -B master -H bouncycastle_${{ steps.versioning.outputs.version }} -t "Update BouncyCastle version to ${{ steps.versioning.outputs.version }}" -b "This PR was created by the version-update workflow. Please make sure to delete the branch after merging, otherwise future workflows might fail." | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| bouncycastle-version-release: | |
| # This job runs only on merged PRs, which were opened by the version-update job and have "BouncyCastle version" in the title | |
| if: ${{ github.event.pull_request.merged == true && github.event.pull_request.user.login == 'github-actions[bot]' && contains(github.event.pull_request.title, 'BouncyCastle version') }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout source code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| # Semantic versioning | |
| - name: Semantic versioning | |
| id: versioning | |
| uses: paulhatch/semantic-version@v5.1.0 | |
| with: | |
| tag_prefix: "" | |
| # A string which, if present in a git commit, indicates that a change represents a | |
| # major (breaking) change | |
| major_pattern: "(MAJOR-BC)" | |
| # Same as above except indicating a minor change | |
| minor_pattern: "(MINOR-BC)" | |
| # A string to determine the format of the version output | |
| version_format: "${major}.${minor}.${patch}" | |
| # Run the version update only, if there are changes in the BouncyCastle directory | |
| change_path: "BouncyCastle" | |
| # Consider only tags/versions, which end with 'bc' | |
| namespace: "bc" | |
| # Create a tag with the newest version to prepare a release | |
| - name: Create tag for new BouncyCastle version | |
| run: | | |
| git config --global user.email "${{ github.actor }}@users.noreply.github.com" | |
| git config --global user.name "${{ github.actor }}" | |
| git tag -a ${{ steps.versioning.outputs.version }}-bc -m "BouncyCastle version ${{ steps.versioning.outputs.version }}" | |
| git push origin ${{ steps.versioning.outputs.version }}-bc |