feat: 187 create mobilitydata maven packages (#190)

Author: jcpitre

.github/workflows/build.yml

@@ -3,20 +3,26 @@ on:
   pull_request:
     branches:
       - master
-  push:
-    branches:
-      - master
+  workflow_dispatch:
+
+env:
+  java_version: '17'
+  java_distribution: 'zulu'
+
 jobs:
   maven-package:
     runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@v5
         with:
           fetch-depth: 0
-      - uses: actions/setup-java@v5
+      - name: Set up JDK ${{ env.java_version }}-${{ env.java_distribution }}
+        uses: actions/setup-java@v5
         with:
-          java-version: 17.0.13
-          distribution: liberica
+          java-version: ${{ env.java_version }}
+          distribution: ${{ env.java_distribution }}
+      - name: Print Java and Maven versions
+        run: mvn --version
       - name: Cache Maven dependencies
         uses: actions/cache@v4
         with:
@@ -27,7 +33,7 @@ jobs:
             ${{ runner.os }}-maven-
             ${{ runner.os }}-
       - name: Run maven build
-        run: mvn verify -PprettierCheck -Dprettier.nodePath=node -Dprettier.npmPath=npm
+        run: mvn verify -PprettierCheck -Dprettier.nodePath=node -Dprettier.npmPath=npm -ntp
       - name: codecov
         uses: codecov/codecov-action@v5
         with:

.github/workflows/deploy-snapshot.yml

@@ -0,0 +1,100 @@
+name: Publish Snapshot
+# Required secrets / variables:
+#
+#   Secrets are loaded from 1Password when both of the following are set:
+#     - secrets.OP_SERVICE_ACCOUNT_TOKEN   — 1Password service account token
+#     - vars.ONE_PASSWORD_SECRET_REFERENCES — 1Password secret references for the variables below
+#
+#   Without 1Password, set these GitHub repository secrets directly as a fallback:
+#     - MAVEN_GPG_PRIVATE_KEY              — armored GPG private key (used to sign artifacts)
+#     - MAVEN_GPG_PASSPHRASE               — passphrase for the GPG key
+#     - MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME — Maven Central portal token username
+#     - MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD — Maven Central portal token password
+
+concurrency:
+  group: deploy-master
+  cancel-in-progress: false
+
+on:
+  push:
+    branches:
+      - master
+  workflow_dispatch:  # Manual trigger
+
+env:
+  java_version: '17'
+  java_distribution: 'zulu'
+
+jobs:
+  publish-snapshot:
+    if: "github.event_name == 'workflow_dispatch' || !contains(github.event.head_commit.message, 'ci skip')"
+    runs-on: ubuntu-24.04
+    env:
+      HAS_1PASSWORD: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN != '' && vars.ONE_PASSWORD_SECRET_REFERENCES != '' }}
+    steps:
+      - uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+      - name: Set up JDK ${{ env.java_version }}-${{ env.java_distribution }}
+        uses: actions/setup-java@v5
+        with:
+          java-version: ${{ env.java_version }}
+          distribution: ${{ env.java_distribution }}
+      - name: Print Java and Maven versions
+        run: mvn --version
+      - name: Cache Maven dependencies
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+            ${{ runner.os }}-maven-
+            ${{ runner.os }}-
+      - name: Load secrets from 1Password
+        if: env.HAS_1PASSWORD == 'true'
+        # Pinned to a specific tag for supply-chain safety. Update the tag in gtfs-validator if the action changes.
+        uses: MobilityData/gtfs-validator/.github/actions/extract-1password-secret@USED_BY_GBFS_VALIDATOR_JAVA # 7bf2832
+        with:
+          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
+          VARIABLES_TO_EXTRACT: 'MAVEN_GPG_PASSPHRASE, MAVEN_GPG_PRIVATE_KEY, MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME, MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD'
+          ONE_PASSWORD_SECRET_REFERENCES: ${{ vars.ONE_PASSWORD_SECRET_REFERENCES }}
+      - name: Load secrets from GitHub secrets (fallback for forks without 1Password)
+        if: env.HAS_1PASSWORD != 'true'
+        env:
+          GPG_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
+          GPG_PASS: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
+          MVN_USER: ${{ secrets.MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME }}
+          MVN_PASS: ${{ secrets.MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD }}
+        run: |
+          {
+            echo "MAVEN_GPG_PASSPHRASE=$GPG_PASS"
+            echo "MAVEN_GPG_PRIVATE_KEY<<GPG_EOF"
+            echo "$GPG_KEY"
+            echo "GPG_EOF"
+            echo "MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME=$MVN_USER"
+            echo "MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD=$MVN_PASS"
+          } >> "$GITHUB_ENV"
+      - name: Verify version is not placeholder
+        run: |
+          VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
+          if [[ "$VERSION" == *"placeholder"* || "$VERSION" == "0.0.0"* ]]; then
+            echo "ERROR: Version is still '$VERSION' — git-versioning extension failed to resolve. Aborting."
+            exit 1
+          fi
+          echo "Version OK: $VERSION"
+      - name: Stage artifacts
+        run: mvn deploy -Ppublication -Dprettier.skip=true -ntp
+      - name: Publish snapshot to Maven Central
+        env:
+          JRELEASER_GPG_PASSPHRASE: ${{ env.MAVEN_GPG_PASSPHRASE }}
+          JRELEASER_GPG_SECRET_KEY: ${{ env.MAVEN_GPG_PRIVATE_KEY }}
+        # -N (non-recursive): run JReleaser only at the root so it uploads a single bundle.
+        # Without it, JReleaser runs once per module and the second run fails with "already deployed".
+        run: mvn jreleaser:deploy -Djreleaser.output.directory=out -ntp -N
+      - name: Upload JReleaser output
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: jreleaser-snapshot-logs
+          path: out/

.github/workflows/deploy.yml

@@ -0,0 +1,114 @@
+name: Release
+# Required secrets / variables:
+#
+#   Secrets are loaded from 1Password when both of the following are set:
+#     - secrets.OP_SERVICE_ACCOUNT_TOKEN   — 1Password service account token
+#     - vars.ONE_PASSWORD_SECRET_REFERENCES — 1Password secret references for the variables below
+#
+#   Without 1Password, set these GitHub repository secrets directly as a fallback:
+#     - MAVEN_GPG_PRIVATE_KEY              — armored GPG private key (used to sign artifacts)
+#     - MAVEN_GPG_PASSPHRASE               — passphrase for the GPG key
+#     - MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME — Maven Central portal token username
+#     - MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD — Maven Central portal token password
+
+# Triggered when a GitHub release is published (released).
+# Builds, signs, and publishes all artifacts to Maven Central automatically.
+# The CLI fat jar is also uploaded to the GitHub release assets.
+#
+# The project version is derived from the git tag (e.g. v3.0.0 → 3.0.0) and applied to all
+# modules in-place via versions:set before building. No pom.xml version commits are needed.
+on:
+  release:
+    types: [released]
+
+env:
+  java_version: '17'
+  java_distribution: 'zulu'
+
+jobs:
+  release:
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: write
+    env:
+      HAS_1PASSWORD: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN != '' && vars.ONE_PASSWORD_SECRET_REFERENCES != '' }}
+    steps:
+      - uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+          # Check out the exact tagged commit so the version is correctly resolved from the tag.
+          ref: ${{ github.event.release.tag_name }}
+      - name: Set up JDK ${{ env.java_version }}-${{ env.java_distribution }}
+        uses: actions/setup-java@v5
+        with:
+          java-version: ${{ env.java_version }}
+          distribution: ${{ env.java_distribution }}
+      - name: Print Java and Maven versions
+        run: mvn --version
+      - name: Cache Maven dependencies
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+            ${{ runner.os }}-maven-
+            ${{ runner.os }}-
+      - name: Load secrets from 1Password
+        if: env.HAS_1PASSWORD == 'true'
+        # Pinned to a specific tag for supply-chain safety. Update the tag in gtfs-validator if the action changes.
+        uses: MobilityData/gtfs-validator/.github/actions/extract-1password-secret@USED_BY_GBFS_VALIDATOR_JAVA # 7bf2832
+        with:
+          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
+          VARIABLES_TO_EXTRACT: 'MAVEN_GPG_PASSPHRASE, MAVEN_GPG_PRIVATE_KEY, MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME, MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD'
+          ONE_PASSWORD_SECRET_REFERENCES: ${{ vars.ONE_PASSWORD_SECRET_REFERENCES }}
+      - name: Load secrets from GitHub secrets (fallback for forks without 1Password)
+        if: env.HAS_1PASSWORD != 'true'
+        env:
+          GPG_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
+          GPG_PASS: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
+          MVN_USER: ${{ secrets.MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME }}
+          MVN_PASS: ${{ secrets.MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD }}
+        run: |
+          {
+            echo "MAVEN_GPG_PASSPHRASE=$GPG_PASS"
+            echo "MAVEN_GPG_PRIVATE_KEY<<GPG_EOF"
+            echo "$GPG_KEY"
+            echo "GPG_EOF"
+            echo "MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME=$MVN_USER"
+            echo "MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD=$MVN_PASS"
+          } >> "$GITHUB_ENV"
+      - name: Set release version from tag
+        run: |
+          TAG="${{ github.event.release.tag_name }}"
+          VERSION="${TAG#v}"
+          echo "Setting version: $VERSION"
+          mvn --batch-mode -ntp versions:set -DnewVersion="$VERSION" -DprocessAllModules=true -DgenerateBackupPoms=false
+      - name: Verify version is not placeholder
+        run: |
+          VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
+          if [[ "$VERSION" == *"placeholder"* || "$VERSION" == "0.0.0"* ]]; then
+            echo "ERROR: Version is still '$VERSION' — aborting release."
+            exit 1
+          fi
+          echo "Version OK: $VERSION"
+      - name: Stage artifacts
+        run: mvn deploy -Ppublication -Dprettier.skip=true -ntp
+      - name: Upload CLI fat jar to GitHub release
+        run: |
+          gh release upload "${{ github.event.release.tag_name }}" \
+            gbfs-validator-java-cli/target/gbfs-validator-cli.jar \
+            --clobber
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Deploy to Maven Central
+        env:
+          JRELEASER_GPG_PASSPHRASE: ${{ env.MAVEN_GPG_PASSPHRASE }}
+          JRELEASER_GPG_SECRET_KEY: ${{ env.MAVEN_GPG_PRIVATE_KEY }}
+        run: mvn jreleaser:deploy -Djreleaser.output.directory=out -ntp -N
+      - name: Upload JReleaser output
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: jreleaser-release-logs
+          path: out/

.github/workflows/release.yml

@@ -11,4 +11,7 @@ buildNumber.properties
 # https://github.com/takari/maven-wrapper#usage-without-binary-jar
 .mvn/wrapper/maven-wrapper.jar
 
+# Generated by maven-git-versioning-extension at build time — not to be committed
+.git-versioned-pom.xml
+
 .vscode

.gitignore

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<extensions xmlns="http://maven.apache.org/EXTENSIONS/1.0.0"
+            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+            xsi:schemaLocation="http://maven.apache.org/EXTENSIONS/1.0.0 https://maven.apache.org/xsd/core-extensions-1.0.0.xsd">
+  <extension>
+    <groupId>me.qoomon</groupId>
+    <artifactId>maven-git-versioning-extension</artifactId>
+    <version>9.11.0</version>
+  </extension>
+</extensions>

.mvn/extensions.xml

@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration xmlns="https://github.com/qoomon/maven-git-versioning-extension"
+               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+               xsi:schemaLocation="https://github.com/qoomon/maven-git-versioning-extension
+                                   https://github.com/qoomon/maven-git-versioning-extension/raw/master/src/main/resources/configuration-schema.xsd">
+
+  <refs>
+    <!-- Tagged commit: use the tag version directly (e.g. v2.0.67 → 2.0.67) -->
+    <ref type="tag" pattern="v(?&lt;version&gt;.*)">
+      <version>${version}</version>
+    </ref>
+
+    <!-- master branch: increment patch and add SNAPSHOT (e.g. after v2.0.66 → 2.0.67-SNAPSHOT) -->
+    <ref type="branch" pattern="master">
+      <version>${describe.tag.version.major}.${describe.tag.version.minor}.${describe.tag.version.patch.next}-SNAPSHOT</version>
+    </ref>
+
+    <!-- Any other branch: use branch name + SNAPSHOT for local development -->
+    <ref type="branch" pattern=".*">
+      <version>${describe.tag.version.major}.${describe.tag.version.minor}.${describe.tag.version.patch.next}-SNAPSHOT</version>
+    </ref>
+  </refs>
+</configuration>

.mvn/maven-git-versioning-extension.xml

@@ -8,6 +8,10 @@ Validate GBFS feeds. Intended as Java native alternative to https://github.com/M
 
 Uses the official json schema to validate files.
 
+## Example
+
+See the [`example/`](example/) directory for a working Maven project that depends on this library as a published artifact.
+
 ## Usage
 
 Create an instance of `GbfsValidator`:

README.md

@@ -0,0 +1,3 @@
+target/
+.idea/
+*.iml