Skip to content

Release

Release #11

Workflow file for this run

name: Release
on:
workflow_dispatch:
inputs:
releaseVersion:
description: "Default version to use when preparing a release."
required: true
default: "X.Y.Z"
developmentVersion:
description: "Default version to use for new local working copy."
required: true
default: "X.Y.Z-SNAPSHOT"
jobs:
release-maven:
runs-on: 'ubuntu-latest'
steps:
- name: Print github context
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: echo "$GITHUB_CONTEXT"
- uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: recursive
- name: Set up Java for publishing to Maven Central Repository OSS
uses: actions/setup-java@v4
with:
java-version: '8'
distribution: 'temurin'
server-id: ossrh
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
- name: Cache Maven packages
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-repository-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2-repository
- name: Install gpg secret key
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
if: ${{ env.GPG_PRIVATE_KEY!=''}}
run: |
cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
git config --global user.signingkey B02611B009E5302EB58D102D6C2EDF3C90D33841
- name: Configure Git User
run: |
git config --global user.name "Open Identity Platform Community"
git config --global user.email "[email protected]"
- name: Release and publish to the Maven Central Repository
env:
GITHUB_ACTOR: ${{ github.actor }}
GITHUB_TOKEN: ${{ github.token }}
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10
if: ${{ env.MAVEN_USERNAME!='' && env.MAVEN_PASSWORD!='' }}
run: mvn --batch-mode -Darguments="-Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }}" -DsignTag=true -DtagNameFormat="${{ github.event.inputs.releaseVersion }}" -DreleaseVersion=${{ github.event.inputs.releaseVersion }} -DdevelopmentVersion=${{ github.event.inputs.developmentVersion }} release:prepare release:perform --file pom.xml
- name: Release on GitHub
uses: softprops/action-gh-release@v2
with:
name: ${{ github.event.inputs.releaseVersion }}
tag_name: ${{ github.event.inputs.releaseVersion }}
draft: false
prerelease: false
fail_on_unmatched_files: false
generate_release_notes: true
files: |
openig-war/target/*.war
openig-docker/target/Dockerfile*
- uses: actions/checkout@v4
continue-on-error: true
with:
repository: ${{ github.repository }}.wiki
path: ${{ github.event.repository.name }}.wiki
fetch-depth: 0
- name: Publish docs to wiki
continue-on-error: true
shell: bash
env:
GITHUB_ACTOR: ${{ github.actor }}
GITHUB_TOKEN: ${{ github.token }}
run: |
cd ${{ github.event.repository.name }}.wiki
rm -rf docbkx
mv ../openig-doc/target/docbkx ../${{ github.event.repository.name }}.wiki
git add -A
git commit -a -m "upload docs after release ${{ github.event.inputs.releaseVersion }}"
git tag -f ${{ github.event.inputs.releaseVersion }}
git push --quiet --force
git push --quiet --force origin ${{ github.event.inputs.releaseVersion }}
- uses: actions/checkout@v4
continue-on-error: true
with:
repository: OpenIdentityPlatform/doc.openidentityplatform.org
path: doc.openidentityplatform.org
token: ${{ secrets.OIP_PAT_GH_TOKEN }}
- name: Publish docs to site
continue-on-error: true
shell: bash
run: |
export REPO_NAME_LC=$(echo '${{github.event.repository.name}}' | tr '[:upper:]' '[:lower:]')
export TAG_NAME='${{github.event.repository.name}}-${{ github.event.inputs.releaseVersion }}'
cd doc.openidentityplatform.org
git tag -f '${TAG_NAME}'
git push --quiet --force origin '${TAG_NAME}'
release-docker:
runs-on: 'ubuntu-latest'
needs:
- release-maven
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.releaseVersion }}
fetch-depth: 1
submodules: recursive
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ github.repository }}
ghcr.io/${{ github.repository }}/${{ github.event.repository.name }}
tags: |
type=raw,value=latest
type=raw,value=${{ github.event.inputs.releaseVersion }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GHCR
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push image
uses: docker/build-push-action@v5
continue-on-error: true
with:
context: ./openig-docker
file: ./openig-docker/Dockerfile
build-args: |
VERSION=${{ github.event.inputs.releaseVersion }}
platforms: linux/amd64, linux/arm64/8, linux/arm/v7, linux/ppc64le, linux/s390x
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
release-docker-alpine:
runs-on: 'ubuntu-latest'
needs:
- release-maven
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.releaseVersion }}
fetch-depth: 1
submodules: recursive
- name: Docker meta (alpine)
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ github.repository }}
ghcr.io/${{ github.repository }}/${{ github.event.repository.name }}
tags: |
type=raw,value=alpine
type=raw,value=${{ github.event.inputs.releaseVersion }}-alpine
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GHCR
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push image
continue-on-error: true
uses: docker/build-push-action@v5
with:
context: ./openig-docker
file: ./openig-docker/Dockerfile-alpine
build-args: |
VERSION=${{ github.event.inputs.releaseVersion }}
platforms: linux/amd64,linux/arm64/8, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}