Merge branch 'develop' into release/2.0.0

# Conflicts:
#	.github/workflows/build.yml

.github/workflows/build.yml

@@ -1,56 +1,44 @@
 name: Build
-
 on:
   [push]
-
 jobs:
   build:
     name: Build and Test
     runs-on: ubuntu-latest
     if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
-    env:
-      BUILD_VERSION: SNAPSHOT
-    outputs:
-      artifact-version: ${{ steps.setversion.outputs.version }}
     steps:
       - uses: actions/checkout@v2
       - uses: actions/setup-java@v1
         with:
           java-version: 11
-          server-id: bintray-jcenter
-          server-username: BINTRAY_USERNAME
-          server-password: BINTRAY_API_KEY
-      - uses: actions/cache@v1
+      - uses: actions/cache@v2
         with:
           path: ~/.m2/repository
           key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
           restore-keys: |
             ${{ runner.os }}-maven-
       - name: Ensure to use tagged version
-        run: mvn versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
         if: startsWith(github.ref, 'refs/tags/')
-      - name: Export the project version to the job environment and fix it as an ouput of this job
-        id: setversion
-        run: |
-          v=$(mvn help:evaluate "-Dexpression=project.version" -q -DforceStdout)
-          echo "BUILD_VERSION=${v}" >> $GITHUB_ENV
-          echo "::set-output name=version::${v}"
+        run: mvn versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
       - name: Build and Test
+        id: buildAndTest
         run: mvn -B clean install jacoco:report -Pcoverage,dependency-check
       - name: Upload code coverage report
         id: codacyCoverageReporter
         run: bash <(curl -Ls https://coverage.codacy.com/get.sh)
         env:
           CODACY_PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}
         continue-on-error: true
-      - name: Upload snapshot artifact cryptolib-${{ env.BUILD_VERSION }}.jar
-        uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v2
         with:
-          name: cryptolib-${{ env.BUILD_VERSION }}
-          path: target/cryptolib-${{ env.BUILD_VERSION }}.jar
-      - name: Build and deploy to jcenter
+          name: artifacts
+          path: target/*.jar
+      - name: Create Release
+        uses: actions/create-release@v1
         if: startsWith(github.ref, 'refs/tags/')
-        run: mvn -B deploy -DskipTests -Prelease
         env:
-          BINTRAY_USERNAME: cryptobot
-          BINTRAY_API_KEY: ${{ secrets.BINTRAY_API_KEY }}
+          GITHUB_TOKEN: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }} # release as "cryptobot"
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: Release ${{ github.ref }}
+          prerelease: true

.github/workflows/codeql-analysis.yml

@@ -1,44 +1,37 @@
+
 name: "CodeQL"
 
 on:
   push:
-    branches: [develop, master]
+    branches: [develop, main]
   pull_request:
-    # The branches below must be a subset of the branches above
     branches: [develop]
   schedule:
-    - cron: '0 0 * * 4'
+    - cron: '0 6 * * 0'
 
 jobs:
   analyse:
     name: Analyse
     runs-on: ubuntu-latest
     if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
+    - uses: actions/checkout@v2
       with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
         fetch-depth: 2
     - uses: actions/setup-java@v1
       with:
         java-version: 11
-
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-
-    # Initializes the CodeQL tools for scanning.
+    - uses: actions/cache@v2
+      with:
+        path: ~/.m2/repository
+        key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+        restore-keys: |
+          ${{ runner.os }}-maven-
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v1
       with:
         languages: java
-
-    # Build project
     - name: Build and Test
-      run: mvn -B install
-
+      run: mvn -B install -DskipTests
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v1

.github/workflows/publish-central.yml

@@ -0,0 +1,37 @@
+name: Publish to Maven Central
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'Tag'
+        required: true
+        default: '0.0.0'
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          ref: "refs/tags/${{ github.event.inputs.tag }}"
+      - uses: actions/setup-java@v1
+        with:
+          java-version: 11
+          server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
+          server-username: MAVEN_USERNAME # env variable for username in deploy
+          server-password: MAVEN_PASSWORD # env variable for token in deploy
+          gpg-private-key: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
+      - uses: actions/cache@v2
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - name: Enforce project version ${{ github.event.inputs.tag }}
+        run: mvn versions:set -B -DnewVersion=${{ github.event.inputs.tag }}
+      - name: Deploy
+        run: mvn deploy -B -DskipTests -Psign,deploy-central --no-transfer-progress
+        env:
+          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}

.github/workflows/publish-github.yml

@@ -0,0 +1,40 @@
+name: Publish to GitHub Packages
+on:
+  release:
+    types: [published]
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/') # only allow publishing tagged versions
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-java@v1
+        with:
+          java-version: 11
+          gpg-private-key: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
+      - uses: actions/cache@v2
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - name: Enforce project version ${{ github.event.release.tag_name }}
+        run: mvn versions:set -B -DnewVersion=${{ github.event.release.tag_name }}
+      - name: Deploy
+        run: mvn deploy -B -DskipTests -Psign,deploy-github --no-transfer-progress
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+      - name: Slack Notification
+        uses: rtCamp/action-slack-notify@v2
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_USERNAME: 'Cryptobot'
+          SLACK_ICON:
+          SLACK_ICON_EMOJI: ':bot:'
+          SLACK_CHANNEL: 'cryptomator-desktop'
+          SLACK_TITLE: "Published ${{ github.event.repository.name }} ${{ github.event.release.tag_name }}"
+          SLACK_MESSAGE: "Ready to <https://github.com/${{ github.repository }}/actions?query=workflow%3A%22Publish+to+Maven+Central%22|deploy to Maven Central>."
+          SLACK_FOOTER:
+          MSG_MINIMAL: true