diff --git a/.ci/build.sh b/.ci/build.sh index f7ced21cec..e4b8169a07 100755 --- a/.ci/build.sh +++ b/.ci/build.sh @@ -12,7 +12,7 @@ set -e #set -x function pmd_ci_build_main() { - pmd_ci_setup_env + pmd_ci_setup_private_env pmd_ci_setup_gpg_key pmd_ci_setup_ssh diff --git a/.ci/files/maven-settings.xml b/.ci/files/maven-settings.xml index 7e5fc8f539..a8d61b8f1a 100644 --- a/.ci/files/maven-settings.xml +++ b/.ci/files/maven-settings.xml @@ -12,7 +12,7 @@ ossrh - ${env.CI_DEPLY_USER} + ${env.CI_DEPLOY_USER} ${env.CI_DEPLOY_PASSWORD} diff --git a/.ci/files/env.gpg b/.ci/files/private-env.gpg similarity index 100% rename from .ci/files/env.gpg rename to .ci/files/private-env.gpg diff --git a/.ci/files/public-env.gpg b/.ci/files/public-env.gpg new file mode 100644 index 0000000000..8cae0c6b6a Binary files /dev/null and b/.ci/files/public-env.gpg differ diff --git a/.ci/inc/regression-tester.inc b/.ci/inc/regression-tester.inc index 1cd532716a..cb854ab421 100644 --- a/.ci/inc/regression-tester.inc +++ b/.ci/inc/regression-tester.inc @@ -5,11 +5,19 @@ # The functions here require the following environment variables: # PMD_SF_USER # PMD_CI_BRANCH +# +# DANGER_GITHUB_API_TOKEN +# PMD_CI_CHUNK_TOKEN function regression_tester_setup_ci() { # install openjdk8 for pmd-regression-tests .ci/install-openjdk.sh 8 + gpg --batch --yes --decrypt --passphrase="GnxdjywUEPveyCD1RLiTd7t8CImnefYr" \ + --output .ci/files/public-env .ci/files/public-env.gpg + source .ci/files/public-env >/dev/null 2>&1 + rm .ci/files/public-env + if hash "bundler" 2>/dev/null; then log_debug "Bundler is already installed" else @@ -17,11 +25,6 @@ function regression_tester_setup_ci() { gem install bundler fi - # Token for danger to add comments to PRs - export DANGER_GITHUB_API_TOKEN=f2f658fd5e72410e465104b65805dd7245479666 - # Token for uploading reports to chunk.io - export PMD_CI_CHUNK_TOKEN="pmd:dMvJ1TH3oOl76QHf04EJ" - rm -f .bundle/config bundle config set --local path vendor/bundle bundle config set --local with release_notes_preprocessing @@ -38,9 +41,6 @@ function regression_tester_uploadBaseline() { log_debug "$FUNCNAME branch=${PMD_CI_BRANCH}" local targetUrl="https://sourceforge.net/projects/pmd/files/pmd-regression-tester/" - PMD_CI_BRANCH=${PMD_CI_BRANCH##refs/heads/} - log_debug "Using modified branch name: ${PMD_CI_BRANCH}" - local errexitstate="$(shopt -po errexit)" set +e # disable errexit ( @@ -94,10 +94,6 @@ function regression_tester_executeDanger() { set -e trap danger_failed ERR - PMD_CI_BRANCH=${PMD_CI_BRANCH##refs/heads/} - export PMD_CI_BRANCH - log_debug "Using modified branch name: ${PMD_CI_BRANCH}" - # Create a corresponding remote branch locally if ! git show-ref --verify --quiet refs/heads/${PMD_CI_BRANCH}; then git fetch --no-tags origin +refs/heads/${PMD_CI_BRANCH}:refs/remotes/origin/${PMD_CI_BRANCH} diff --git a/.ci/inc/setup-secrets.inc b/.ci/inc/setup-secrets.inc index 849e0f9acd..6cd3ba953b 100644 --- a/.ci/inc/setup-secrets.inc +++ b/.ci/inc/setup-secrets.inc @@ -1,6 +1,6 @@ -function pmd_ci_setup_env() { +function pmd_ci_setup_private_env() { log_info "Setting up secrets as environment variables..." - local -r ENV_FILE=.ci/files/env + local -r ENV_FILE=.ci/files/private-env printenv PMD_CI_SECRET_PASSPHRASE | gpg --batch --yes --decrypt \ --passphrase-fd 0 \ diff --git a/.github/workflows/pull-requests.yml b/.github/workflows/pull-requests.yml index 80fbad8ea6..2b73e3e647 100644 --- a/.github/workflows/pull-requests.yml +++ b/.github/workflows/pull-requests.yml @@ -34,5 +34,5 @@ jobs: shell: bash env: MAVEN_OPTS: -Dmaven.wagon.httpconnectionManager.ttlSeconds=180 -Dmaven.wagon.http.retryHandler.count=3 - PMD_CI_BRANCH: ${{ github.ref }} + PMD_CI_BRANCH: ${{ github.event.base.ref }} PMD_CI_PULL_REQUEST_NUMBER: ${{ github.event.number }}