Reusable GitHub Actions workflows
The Logging Parent project provides the following reusable GitHub Actions workflows:
build-reusable.yaml
This workflow:
-
Compiles using the specified Java compiler version
-
Submits build scans to the Develocity server
Examples
Snippet from an example
build.yaml using this workflowbuild:
uses: apache/logging-parent/.github/workflows/build-reusable.yaml@rel/${site-project.version}
secrets:
DV_ACCESS_TOKEN: ${{ startsWith(github.ref_name, 'release/') && '' || secrets.DEVELOCITY_ACCESS_KEY }}
with:
site-enabled: true
reproducibility-check-enabled: false
develocity-enabled: ${{ ! startsWith(github.ref_name, 'release/') }}deploy-snapshot-reusable.yaml
This workflow deploys SNAPSHOT artifacts.
Examples
Snippet from an example
build.yaml using this workflowdeploy-snapshot:
needs: build
if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x'
uses: apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@rel/${site-project.version}
# Secrets for deployments
secrets:
NEXUS_USERNAME: ${{ secrets.NEXUS_USER }}
NEXUS_PASSWORD: ${{ secrets.NEXUS_PW }}deploy-release-reusable.yaml
This workflow:
-
Deploys release artifacts
-
Updates
revisionandproject.build.outputTimestampMaven properties -
Generates the distribution ZIP containing Git-tracked sources, binary attachments,
NOTICE.txt, etc. -
Generates the release vote & announcement emails
-
Uploads the distribution ZIP and emails to SVN
Examples
Snippet from an example
build.yaml using this workflowdeploy-release:
needs: build
if: github.repository == 'apache/logging-log4j2' && startsWith(github.ref_name, 'release/')
uses: apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel/${site-project.version}
# Secrets for deployments
secrets:
GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
NEXUS_USERNAME: ${{ secrets.LOGGING_STAGE_DEPLOYER_USER }}
NEXUS_PASSWORD: ${{ secrets.LOGGING_STAGE_DEPLOYER_PW }}
SVN_USERNAME: ${{ secrets.LOGGING_SVN_DEV_USERNAME }}
SVN_PASSWORD: ${{ secrets.LOGGING_SVN_DEV_PASSWORD }}
# Write permissions to allow the Maven `revision` property update, changelog release, etc.
permissions:
contents: write
with:
project-id: log4jverify-reproducibility-reusable.yaml
This workflow verifies the reproducibility of a previous deploy-snapshot-reusable.yaml or deploy-release-reusable.yaml workflow.
Examples
To verify the reproducibility of a snapshot, you can use:
Snippet from an example
build.yaml using this workflowverify-reproducibility-snapshot:
needs: deploy-snapshot
name: "verify-reproducibility (${{ needs.deploy-snapshot.outputs.project-version }})"
uses: apache/logging-parent/.github/workflows/verify-reproducibility-reusable.yaml@rel/${site-project.version}
with:
# Reference repository
nexus-url: https://repository.apache.org/content/groups/snapshots
# Encode the `runs-on` input as JSON array
runs-on: '["ubuntu-latest", "macos-latest"]'To verify the reproducibility of a release, you can use:
Snippet from an example
build.yaml using this workflowverify-reproducibility-release:
needs: deploy-release
name: "verify-reproducibility (${{ needs.deploy-release.outputs.project-version }})"
uses: apache/logging-parent/.github/workflows/verify-reproducibility-reusable.yaml@rel/${site-project.version}
with:
# Reference repository
nexus-url: ${{ needs.deploy-release.outputs.nexus-url }}
# Encode the `runs-on` input as JSON array
runs-on: '["ubuntu-latest", "macos-latest"]'merge-dependabot-reusable.yaml
Merges Dependabot PRs along with changelog entries.
deploy-site-reusable.yaml
This workflow builds and deploys the website.
Examples
To update the staging website, you can use:
Snippet from an example
deploy-site.yaml using this workflowdeploy-site-stg:
if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x'
uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/${site-project.version}
# Secrets for committing the generated site
secrets:
GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
# Write permissions for committing the generated site
permissions:
contents: write
with:
asf-yaml-content: |
staging:
profile: ~
whoami: ${{ github.ref_name }}-site-stg-out
subdir: content/log4j/2.x
install-required: true
target-branch: ${{ github.ref_name }}-site-stg-outTo stage a separate website for a release candidate, you can use:
Snippet from an example
deploy-site.yaml using this workflowexport-version:
if: github.repository == 'apache/logging-log4j2' && startsWith(github.ref_name, 'release/')
runs-on: ubuntu-latest
outputs:
version: ${{ steps.export-version.outputs.version }}
steps:
- name: Export version
id: export-version
run: |
version=$(echo "${{ github.ref_name }}" | sed 's/^release\///')
echo "version=$version" >> "$GITHUB_OUTPUT"
deploy-site-rel:
needs: export-version
uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/${site-project.version}
# Secrets for committing the generated site
secrets:
GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
# Write permissions for committing the generated site
permissions:
contents: write
with:
asf-yaml-content: |
staging:
profile: ~
whoami: ${{ github.ref_name }}-site-stg-out
subdir: content/log4j/${{ needs.export-version.outputs.version }}
install-required: true
target-branch: ${{ github.ref_name }}-site-stg-outTo update the production website after a release, you can use:
Snippet from an example
deploy-site.yaml using this workflowdeploy-site-pro:
if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x-site-pro'
uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/12.1.0
# Secrets for committing the generated site
secrets:
GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
# Write permissions for committing the generated site
permissions:
contents: write
with:
asf-yaml-content: |
publish:
profile: ~
whoami: ${{ github.ref_name }}-out
subdir: content/log4j/2.x
install-required: true
target-branch: ${{ github.ref_name }}-out