.github/workflows/release.yml #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Kicks off the release process: | |
# | |
# * Sets release version | |
# * Builds | |
# * Tests | |
# * Creates artifacts for binaries and sources | |
# * Signs artifacts | |
# * Uploads artifacts to TBD Artifactory | |
# * Tags git with release number "v$version" | |
# * Keeps development version in the pom.xml to 0.0.0-main-SNAPSHOT | |
# * Pushes changes to git | |
# * Triggers job to: | |
# * Build from tag and upload to Maven Central | |
# * Create GitHub Release "v$version" | |
# * Publish API Docs | |
name: Release and Publish | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: '(Required) The version to release. Must be a real version, not a SNAPSHOT (ie. ending in "-SNAPSHOT"). For example "1.0.0", "1.0.0-alpha-1".' | |
required: true | |
jobs: | |
release-publish-tbd-artifactory: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
token: ${{ secrets.TBD_RELEASE_GITHUB_PERSONAL_ACCESS_TOKEN }} | |
# https://cashapp.github.io/hermit/usage/ci/ | |
- name: Init Hermit | |
uses: cashapp/activate-hermit@v1 | |
- uses: actions/cache@v3 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
# Used in writing commits in the release process | |
- name: Set Git Config | |
run: | | |
git config user.name "tbd-releases" | |
git config user.email "[email protected]" | |
# This will set versions, git tag, sign, and publish to TBD Artifactory. Does not release to Maven Central. | |
- name: Release and Publish to TBD Artifactory | |
run: | | |
# Get the required provided version | |
version=${{ github.event.inputs.version }} | |
# Precondition check; do not allow this to proceed if a version ending in "-SNAPSHOT" was specified | |
if [[ $version =~ -SNAPSHOT$ ]]; then | |
echo "Error: The version for release must not end with \"-SNAPSHOT\": $version" | |
exit 1 | |
fi | |
# Get the existing version from the POM and set it to the nextVersion, keeping the POM effectively versionless | |
nextVersion=$(grep -oPm1 "(?<=<version>)[^<]+" pom.xml) | |
if [[ -z $nextVersion ]]; then | |
echo "Error: Could not find a version in the pom.xml" | |
exit 1 | |
fi | |
echo "Version to be released: $version" | |
echo "Setting next development version back to original in pom.xml: $nextVersion" | |
mvn -e \ | |
release:prepare \ | |
release:perform \ | |
--batch-mode \ | |
--settings .maven_settings.xml \ | |
-DreleaseVersion=$version \ | |
-DdevelopmentVersion=$nextVersion \ | |
-P sign-artifacts | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
TBD_RELEASE_GITHUB_PERSONAL_ACCESS_TOKEN: ${{ secrets.TBD_RELEASE_GITHUB_PERSONAL_ACCESS_TOKEN }} | |
SIGN_KEY_PASS: ${{ secrets.GPG_SECRET_PASSPHRASE }} | |
SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }} | |
publish-publicly: | |
needs: release-publish-tbd-artifactory | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: v${{ github.event.inputs.version }} | |
submodules: true | |
# https://cashapp.github.io/hermit/usage/ci/ | |
- name: Init Hermit | |
uses: cashapp/activate-hermit@v1 | |
- uses: actions/cache@v3 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
- name: Build, Test, and Deploy to Maven Central | |
run: | | |
echo $(git describe --tags) | |
# Maven deploy lifecycle will build, run tests, verify, sign, and deploy | |
mvn \ | |
deploy \ | |
-P ossrh,sign-artifacts \ | |
--batch-mode \ | |
--settings .maven_settings.xml | |
env: | |
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
SIGN_KEY_PASS: ${{ secrets.GPG_SECRET_PASSPHRASE }} | |
SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }} | |
- name: Download Dokka CLI and Build HTML APIDocs | |
working-directory: . | |
run: ./scripts/dokka.sh | |
- name: Upload artifact | |
uses: actions/upload-artifact@v2 | |
with: | |
name: docs | |
path: target/apidocs | |
- name: Create GitHub Release | |
uses: softprops/action-gh-release@v1 | |
with: | |
tag_name: v${{ github.event.inputs.version }} | |
draft: false | |
prerelease: false | |
generate_release_notes: true | |
deploy-api-docs: | |
runs-on: ubuntu-latest | |
needs: [publish-publicly] | |
steps: | |
- uses: actions/download-artifact@v2 | |
with: | |
path: public | |
- name: Deploy | |
uses: peaceiris/actions-gh-pages@v3 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
keep_files: true | |
publish_dir: ./public | |
full_commit_message: Publish documentation to GitHub pages |