This repository contains reusable GitHub Actions workflows for OCTRI repositories.
Reference these workflows from a caller workflow using workflow_call:
jobs:
build:
uses: OHSU-OCTRI/shared-workflows/.github/workflows/java-build.yaml@main
with:
java_version: "21"
secrets: inheritBuilds a container image and pushes to GitHub Container Registry. Optionally downloads a named artifact for use in the build, such as that created by java-build.yaml.
Inputs:
| Input | Type | Required | Description |
|---|---|---|---|
platforms |
string | no | Comma-separated string of platforms to include in the image (default: linux/amd64,linux/arm64). |
artifact_name |
string | no | Optional artifact to download and use in the build, as created by actions/upload-artifact. |
artifact_path |
string | no | Optional destination path for the downloaded artifact. |
Trigger: workflow_call
Required secrets/vars: GITHUB_TOKEN, IMAGE_NAME (repository variable)
An IMAGE_NAME repository variable is required to push the image to the registry. This should be set to the full ghcr.io/OHSU-OCTRI/... image name.
Automatically appends Dependabot dependency updates to CHANGELOG.md when a PR is labeled dependencies.
Trigger: workflow_call
Builds, tests, and publishes a Maven project to GitHub Packages.
See java-test-build.yaml for a similar workflow that does not publish the build artifacts.
Trigger: workflow_call
Inputs:
| Input | Type | Required | Description |
|---|---|---|---|
java_version |
string | yes | Java version for setup-java |
publish_to_github_packages |
boolean | no | Whether to publish build to GitHub packages. Defaults to false. |
publish_to_maven_central |
boolean | no | Whether to publish to Maven Central. Defaults to false. |
Required secrets: MAVEN_GPG_PRIVATE_KEY, MAVEN_GPG_PASSPHRASE, MAVEN_USERNAME, MAVEN_PASSWORD
If the optional APP_JAR_NAME repository variable is defined, the specified JAR file in the target directory is uploaded for use by the java-image-build.yaml workflow.
Builds a container image and pushes to GitHub Container Registry. Use the java-build.yaml workflow to build and upload the application JAR file required by this workflow.
Inputs:
| Input | Type | Required | Description |
|---|---|---|---|
platforms |
string | no | Comma-separated string of platforms to include in the image (default: linux/amd64,linux/arm64). |
Trigger: workflow_call
Required secrets/vars: GITHUB_TOKEN, APP_JAR_NAME (repository variable), IMAGE_NAME (repository variable)
The APP_JAR_NAME repository variable must be set to the name of the application JAR file in the target directory to ensure that the JAR file is available for the container build, and the IMAGE_NAME repository is required to push the image to the registry.
Performs a full Maven release: updates the changelog, cuts a Git tag, publishes a GitHub Release, updates Kubernetes manifests, and triggers artifact builds.
Trigger: workflow_call
Inputs:
| Input | Type | Required | Description |
|---|---|---|---|
version |
string | yes | Version to release (e.g. 1.2.3) |
development_version |
string | yes | Next development version (e.g. 1.3.0; -SNAPSHOT is appended automatically) |
java_version |
string | yes | Java version for setup-java |
update_manifests |
boolean | no | Whether to update image versions in Kubernetes manifests. Defaults to false. Requires the IMAGE_NAME repository variable to be defined. |
Required secrets/vars: GITHUB_TOKEN, IMAGE_NAME (repository variable)
Builds and tests a Maven project for pull requests (without requiring access to any secrets).
See java-build.yaml for a similar workflow that publishes the build artifacts to GitHub Packages and Maven Central.
Trigger: workflow_call
Inputs:
| Input | Type | Required | Description |
|---|---|---|---|
java_version |
string | yes | Java version for setup-java |
Runs Node.js tests. Your package.json file must have a script named test:ci that runs your test suite.
Trigger: workflow_call
Inputs:
| Input | Type | Required | Description |
|---|---|---|---|
node_version |
string | yes | Node.js version for setup-node |
run_type_checks |
boolean | no | Whether to run type checks. Defaults to false. Requires a script named test:types. |
Required secrets: None