Feat: Added github actions and workflows and publish scripts#2
Open
Feat: Added github actions and workflows and publish scripts#2
Conversation
pmathew92
reviewed
Feb 20, 2026
| @@ -0,0 +1,10 @@ | |||
| name: "Validate Gradle Wrapper" | |||
| on: [push, pull_request] | |||
There was a problem hiding this comment.
Do you need the push action here ? Shouldn't this be run only after the PR is raised and subsequent builds ?
pmathew92
approved these changes
Feb 20, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds a complete CI/CD pipeline, including build/test automation, security scanning, and Maven Central publishing for
auth0-springboot-api.Changes
GitHub Actions (
.github/actions/)Seven composite actions for release orchestration:
get-version— reads version from.versionfileget-prerelease— detects beta/alpha pre-release versionsget-release-notes— extracts release notes from PR bodytag-exists— checks if git tag already existsmaven-publish— installs Java (SDKMAN), validates Gradle wrapper, publishes to Sonatype Maven Centralrelease-create— creates GitHub release viasoftprops/action-gh-releaserl-scanner— Reversing Labs security scanning on build artifactsWorkflows (
.github/workflows/)build-and-test.yml— runs on PR/push/merge_group; builds all modules, runs tests, uploads Codecov and test reportsgradle-wrapper-validation.yml— validates Gradle wrapper integrity on PR/pushsnyk.yml— Snyk vulnerability scanning on PR/push + bi-monthly schedulerl-scanner.yml— reusable workflow for Reversing Labs artifact scanningjava-release.yml— reusable release workflow (version → prerelease check → tag check → Maven publish → GitHub release)release.yml— top-level release trigger: runs RL scanner then Java release; triggered on mergedrelease/*PRs or manual dispatchPublishing Infrastructure
gradle/versioning.gradle— version management from.versionfile with snapshot support (-PisSnapshot=false)gradle/maven-publish.gradle— shared Maven publishing config with PGP signing (in-memory keys), sources JAR, javadoc JAR, full POM metadatagradle.properties— POM metadata properties (group:com.auth0, artifactId:auth0-springboot-api)build.gradle— addedio.github.gradle-nexus.publish-pluginwith Sonatype Central repository configauth0-springboot-api/build.gradle— replaced inline publishing block with shared gradle scriptsDependency Management
.github/dependabot.yml— daily Dependabot updates for GitHub Actions and Gradle dependencies (semver-major ignored)Publishing Scope
Only
auth0-springboot-apiis published to Maven Central ascom.auth0:auth0-springboot-api. Theauth0-api-javamodule is compiled as an internal dependency but is not published. The playground module is excluded entirely.