Skip to content

Commit

Permalink
Issue #217: WIP: Artifactory Release and Publish
Browse files Browse the repository at this point in the history
  • Loading branch information
@ALRubinger
ALRubinger committed Mar 13, 2024
1 parent f30f1cc commit 82426c4
Show file tree
Hide file tree
Showing 4 changed files with 153 additions and 27 deletions.
9 changes: 8 additions & 1 deletion .github/workflows/build-test-deploy.yml → ...test-publish-snapshot-tbd-artifactory.yml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,11 @@
name: Build, Test, and Deploy SNAPSHOT
# Runs on every commit to main. This is the main CI job; it:
# * Builds
# * Runs tests
# * Uploads Test reports to BuildKite
# * Uploads Coverage reports to CodeCov
# * Uploads Web5 Test Vectors reports to the SDK Report Runner
# * Publishes (deploys) a SNAPSHOT to TBD's Artifactory instance
name: Build, Test, and Publish SNAPSHOT to TBD Artifactory

on:
workflow_dispatch:
Expand Down
32 changes: 7 additions & 25 deletions .github/workflows/publish.yml → .github/workflows/release-publish-final.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
# Final step of the release process. Handles:
# * Building from tag and publishing to Maven Central
# * Creating a new "release" in GitHub
#
# This workflow is intended to be triggered as event from Artifactory after scanning
# NOTE: ALR left off here; this is not done yet
name: Release and Publish to Maven Central
on:
workflow_dispatch:
Expand Down Expand Up @@ -29,30 +35,6 @@ jobs:
restore-keys: |
${{ runner.os }}-maven-
# Adapted from: https://gist.github.com/sualeh/ae78dc16123899d7942bc38baba5203c
- name: Install gpg secret key
run: |
# Install gpg secret key
cat <(echo -e "${{ secrets.GPG_SECRET_KEY }}") | gpg --batch --import
# Verify gpg secret key
gpg --list-secret-keys --keyid-format LONG
# This will set versions, git tag, and publish to TBD Artifactory. Does not release to Maven Central.
- name: Staging - Prepare and Publish Release to TBD Artifactory
run: |
mvn \
release:prepare \
release:stage \
--batch-mode \
--settings .maven_settings.xml \
-DreleaseVersion=${{ github.event.inputs.version }} \
-DdevelopmentVersion=${{ github.event.inputs.developmentVersion }} \
-Dgpg.passphrase=${{ secrets.GPG_SECRET_PASSPHRASE }} \
-DstagingRepository=https://blockxyz.jfrog.io/artifactory/tbd-oss-releases-maven2
env:
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}

- name: Create GitHub Release
uses: softprops/action-gh-release@v1
# skips snapshot releases
Expand All @@ -61,4 +43,4 @@ jobs:
tag_name: v${{ github.event.inputs.version }}
draft: false
prerelease: true
generate_release_notes: true
generate_release_notes: true
83 changes: 83 additions & 0 deletions .github/workflows/release-publish-tbd-artifactory.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
# Kicks off the release process:
#
# * Sets release version
# * Builds
# * Tests
# * Creates artifactrs
# * Uploads to TBD Artifactory
# * Tags git with release number
# * Pushes changes to git

name: Release and Publish to TBD Artifactory
on:
workflow_dispatch:
inputs:
version:
description: 'Version to publish. For example "1.0.0 or 1.0.0-SNAPSHOT"'
required: true
default: '0.0.0'
developmentVersion:
description: 'Next development version. For example "1.1.0". The system will append "-SNAPSHOT" to the end of this input to reflect the next development version.'
required: true
default: "0.0.0"
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true

# https://cashapp.github.io/hermit/usage/ci/
- name: Init Hermit
uses: cashapp/activate-hermit@v1

- uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# Adapted from: https://gist.github.com/sualeh/ae78dc16123899d7942bc38baba5203c
- name: Install gpg secret key
run: |
# Install gpg secret key
cat <(echo -e "${{ secrets.GPG_SECRET_KEY }}") | gpg --batch --import
# Verify gpg secret key
gpg --list-secret-keys --keyid-format LONG
# Used in writing commits in the release process
- name: Set Git Config
run: |
git config user.name "tbd-releases"
git config user.email "[email protected]"
# This will set versions, git tag, and publish to TBD Artifactory. Does not release to Maven Central.
- name: Release and Publish to TBD Artifactory
run: |
# Resolve versions from GH Actions inputs into bash variables
resolvedVersion=${{ github.event.inputs.version }}
resolvedNextVersion=${{ github.event.inputs.version }}
# Precondition check; only allow this to proceed if we have a version ending in "-SNAPSHOT"
if [[ "$resolvedVersion" =~ -SNAPSHOT$ ]]; then
echo "Error: The version must not end with \"-SNAPSHOT\": $resolvedVersion"
exit 1
fi
if [[ ! "resolvedNextVersion" =~ -SNAPSHOT$ ]]; then
echo "Error: The next development version must end with \"-SNAPSHOT\": $resolvedNextVersion"
exit 1
fi
mvn -e \
release:prepare \
release:perform \
--batch-mode \
--settings .maven_settings.xml \
-DreleaseVersion=$resolvedVersion \
-DdevelopmentVersion=$resolvedNextVersion \
-Dgpg.passphrase=${{ secrets.GPG_SECRET_PASSPHRASE }}
env:
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
56 changes: 55 additions & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
<connection>scm:git:git://github.com/TBD54566975/web5-kt.git</connection>
<developerConnection>scm:git:[email protected]:TBD54566975/web5-kt.git</developerConnection>
<url>https://github.com/TBD54566975/web5-kt</url>
<tag>HEAD</tag>
<tag>issue-217/maven-build</tag>
</scm>

<!-- Developers -->
Expand Down Expand Up @@ -416,6 +416,10 @@
<artifactId>maven-gpg-plugin</artifactId>
<version>3.1.0</version>
</plugin>
<plugin>
<artifactId>maven-release-plugin</artifactId>
<version>3.0.1</version>
</plugin>
<!-- site lifecycle, see https://maven.apache.org/ref/current/maven-core/lifecycles.html#site_Lifecycle -->
<plugin>
<artifactId>maven-site-plugin</artifactId>
Expand All @@ -435,6 +439,11 @@
<artifactId>kover-maven-plugin</artifactId>
<version>${version.io.github.martinvisser}</version>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<version>3.2.0</version>
</plugin>
<plugin>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-maven-plugin</artifactId>
Expand All @@ -443,6 +452,22 @@
</plugins>
</pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<configuration>
<autoVersionSubmodules>true</autoVersionSubmodules>
<pushChanges>true</pushChanges>
<tagNameFormat>v@{project.version}</tagNameFormat>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<configuration>
<deployAtEnd>true</deployAtEnd>
</configuration>
</plugin>
<plugin>
<groupId>io.github.martinvisser</groupId>
<artifactId>kover-maven-plugin</artifactId>
Expand Down Expand Up @@ -490,6 +515,35 @@
</dependency>
</dependencies>
</plugin>
<!--
This is needed because the maven-release-plugin does not check out
submodules, needed for Web5 Test Vectors
Idea from: https://sumit-jha.medium.com/how-to-make-maven-release-plugin-work-with-git-submodules-917825a253f2
-->
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<inherited>false</inherited>
<executions>
<execution>
<id>clone git submodule</id>
<phase>initialize</phase>
<configuration>
<executable>git</executable>
<arguments>
<argument>submodule</argument>
<argument>update</argument>
<argument>--init</argument>
<argument>--recursive</argument>
</arguments>
</configuration>
<goals>
<goal>exec</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-maven-plugin</artifactId>
Expand Down

0 comments on commit 82426c4

Please sign in to comment.