From 2376a9d6b0889749feb7492b7a84e17912f68fdf Mon Sep 17 00:00:00 2001 From: Puneet Behl Date: Fri, 5 Apr 2024 20:57:10 +0530 Subject: [PATCH] chore(ci): update release workflow configurations (#13464) - Enable disabled steps - Breakdown release into mutliple jobs. - Use `actions/gradle/setup-gradle@v3` instead of `gradle/gradle-build-action` - Use gradle/wrapper-validation-action@v2` --- .github/workflows/release.yml | 42 ++++++++++++++++++++++++++++++----- 1 file changed, 36 insertions(+), 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7c36a763a1d..2d9e67017be 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,6 +20,7 @@ jobs: uses: actions/checkout@v4 with: token: ${{ secrets.GH_TOKEN }} + - uses: gradle/wrapper-validation-action@v2 - name: Set up JDK uses: actions/setup-java@v4 with: @@ -42,7 +43,7 @@ jobs: - name: Run Assemble if: success() id: assemble - uses: gradle/gradle-build-action@29c0906b64b8fc82467890bfb7a0a7ef34bda89e # v3 + uses: gradle/actions/setup-gradle@v3 with: arguments: assemble env: @@ -51,7 +52,7 @@ jobs: GRADLE_ENTERPRISE_BUILD_CACHE_NODE_KEY: ${{ secrets.GRADLE_ENTERPRISE_BUILD_CACHE_NODE_KEY }} - name: Upload Distribution if: success() - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4 + uses: actions/upload-artifact@v4 with: name: grails-${{ steps.release_version.outputs.value }}.zip path: build/distributions/grails-${{ steps.release_version.outputs.value }}.zip @@ -64,14 +65,14 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Generate secring file - if: success() && false + if: success() env: SECRING_FILE: ${{ secrets.SECRING_FILE }} run: echo $SECRING_FILE | base64 -d > ${{ github.workspace }}/secring.gpg - name: Publish to Sonatype OSSRH id: publish - if: success() && false - uses: gradle/gradle-build-action@29c0906b64b8fc82467890bfb7a0a7ef34bda89e # v3 + if: success() + uses: gradle/actions/setup-gradle@v3 env: GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} GRADLE_ENTERPRISE_BUILD_CACHE_NODE_USER: ${{ secrets.GRADLE_ENTERPRISE_BUILD_CACHE_NODE_USER }} @@ -84,7 +85,36 @@ jobs: SIGNING_PASSPHRASE: ${{ secrets.SIGNING_PASSPHRASE }} SECRING_FILE: ${{ secrets.SECRING_FILE }} with: - arguments: -Psigning.secretKeyRingFile=${{ github.workspace }}/secring.gpg publishToSonatype closeAndReleaseSonatypeStagingRepository + arguments: | + -Psigning.secretKeyRingFile=${{ github.workspace }}/secring.gpg + publishToSonatype + closeSonatypeStagingRepository + release: + needs: publish + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + token: ${{ secrets.GH_TOKEN }} + ref: v${{ needs.publish.outputs.release_version }} + - uses: gradle/wrapper-validation-action@v2 + - name: Nexus Staging Close And Release + uses: gradle/actions/setup-gradle@v3 + env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + GRADLE_ENTERPRISE_BUILD_CACHE_NODE_USER: ${{ secrets.GRADLE_ENTERPRISE_BUILD_CACHE_NODE_USER }} + GRADLE_ENTERPRISE_BUILD_CACHE_NODE_KEY: ${{ secrets.GRADLE_ENTERPRISE_BUILD_CACHE_NODE_KEY }} + SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} + SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} + SONATYPE_NEXUS_URL: ${{ secrets.SONATYPE_NEXUS_URL }} + SONATYPE_STAGING_PROFILE_ID: ${{ secrets.SONATYPE_STAGING_PROFILE_ID }} + with: + arguments: | + findSonatypeStagingRepository + releaseSonatypeStagingRepository - name: Run post-release if: success() uses: ./.github/actions/post-release