From 2e3d34c8ed8a2359881a385b854187fe78ede08a Mon Sep 17 00:00:00 2001 From: Ararat Mnatsakanyan Date: Wed, 23 Oct 2024 10:21:10 +0400 Subject: [PATCH 1/6] Keep the old release job, by renaming it to Publish Release - Old COAND-1013 --- .github/workflows/publish_release_old.yml | 81 +++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 .github/workflows/publish_release_old.yml diff --git a/.github/workflows/publish_release_old.yml b/.github/workflows/publish_release_old.yml new file mode 100644 index 0000000000..bdb30353bc --- /dev/null +++ b/.github/workflows/publish_release_old.yml @@ -0,0 +1,81 @@ +name: Publish Release - Old + +# Every time we merge to main branch we publish a release. +on: + push: + branches: [ main ] + workflow_dispatch: + +jobs: + + publish-release: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + with: + ref: main + + - name: Set up JDK + uses: actions/setup-java@v4 + with: + distribution: 'zulu' + java-version: 17 + + - name: Gradle cache + uses: gradle/actions/setup-gradle@v3 + with: + cache-read-only: true + + - name: Grant execute permission for gradlew + run: chmod +x gradlew + + - name: Gradle check + run: ./gradlew check + + # TODO: add more tests or rely on check_release workflow? + + # Base64 decodes and pipes the GPG key content into the secret file + - name: Prepare environment + env: + GPG_KEY_CONTENTS: ${{ secrets.GPG_KEY_CONTENTS }} + SIGNING_SECRET_KEY_RING_FILE: ${{ secrets.SIGNING_SECRET_KEY_RING_FILE }} + run: | + git fetch --unshallow + sudo bash -c "echo '$GPG_KEY_CONTENTS' | base64 -d > '$SIGNING_SECRET_KEY_RING_FILE'" + + # Packages and publishes to Maven Central + - name: Publish to Maven Central + run: ./gradlew publishReleasePublicationToSonatypeRepository --max-workers 1 --stacktrace + env: + OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} + OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + SIGNING_KEY_ID: ${{ secrets.SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }} + SIGNING_SECRET_KEY_RING_FILE: ${{ secrets.SIGNING_SECRET_KEY_RING_FILE }} + SONATYPE_STAGING_PROFILE_ID: ${{ secrets.SONATYPE_STAGING_PROFILE_ID }} + + # Get the version name from a script and save to environment variable. + - name: Set PROJECT_VERSION + run: | + echo "▸ Set run permission." + chmod +x scripts/version_name.sh + echo "▸ Getting version name" + PROJECT_VERSION=$(./scripts/version_name.sh) + echo "▸ Variable PROJECT_VERSION set to: ${PROJECT_VERSION}" + echo "▸ Adding PROJECT_VERSION variable with: $PROJECT_VERSION" + echo "PROJECT_VERSION=$PROJECT_VERSION" >> $GITHUB_ENV + echo "▸ DONE" + + # Create the Release TAG and notes. + - name: Create GitHub Release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + commitish: main + tag_name: ${{ env.PROJECT_VERSION }} + release_name: ${{ env.PROJECT_VERSION }} + body_path: ${{ github.workspace }}/RELEASE_NOTES.md + draft: false + prerelease: false From cdc5636ab67815d9fd04af2e53b7448dc73811f4 Mon Sep 17 00:00:00 2001 From: Ararat Mnatsakanyan Date: Tue, 22 Oct 2024 15:44:39 +0400 Subject: [PATCH 2/6] Allow the workflow to be run on chosen branch COAND-1013 --- .github/workflows/publish_release.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml index 2eae1e7f7e..d741e10ee2 100644 --- a/.github/workflows/publish_release.yml +++ b/.github/workflows/publish_release.yml @@ -1,13 +1,11 @@ name: Publish Release -# Every time we merge to main branch we publish a release. +# Every time we trigger the workflow on a branch. on: - push: - branches: [ main ] workflow_dispatch: jobs: - + publish-release: runs-on: ubuntu-latest @@ -33,8 +31,6 @@ jobs: - name: Gradle check run: ./gradlew check - # TODO: add more tests or rely on check_release workflow? - # Base64 decodes and pipes the GPG key content into the secret file - name: Prepare environment env: From 4cfb630087cddbfcca4dccfacb15f07a67c67702 Mon Sep 17 00:00:00 2001 From: Ararat Mnatsakanyan Date: Tue, 22 Oct 2024 15:45:13 +0400 Subject: [PATCH 3/6] Make the Github release draft COAND-1013 --- .github/workflows/publish_release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml index d741e10ee2..f16f5f3118 100644 --- a/.github/workflows/publish_release.yml +++ b/.github/workflows/publish_release.yml @@ -73,5 +73,5 @@ jobs: tag_name: ${{ env.PROJECT_VERSION }} release_name: ${{ env.PROJECT_VERSION }} body_path: ${{ github.workspace }}/RELEASE_NOTES.md - draft: false + draft: true prerelease: false From d0810e78fd885caf2edab6496835e38a8075c264 Mon Sep 17 00:00:00 2001 From: Ararat Mnatsakanyan Date: Tue, 22 Oct 2024 15:45:37 +0400 Subject: [PATCH 4/6] Use new credentials when publishing to maven central COAND-1013 --- .github/workflows/publish_release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml index f16f5f3118..2a35ecedc0 100644 --- a/.github/workflows/publish_release.yml +++ b/.github/workflows/publish_release.yml @@ -44,8 +44,8 @@ jobs: - name: Publish to Maven Central run: ./gradlew publishReleasePublicationToSonatypeRepository --max-workers 1 --stacktrace env: - OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} - OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + OSSRH_USERNAME: ${{ secrets.OSSRH_TOKEN_USERNAME }} + OSSRH_PASSWORD: ${{ secrets.OSSRH_TOKEN_PASSWORD }} SIGNING_KEY_ID: ${{ secrets.SIGNING_KEY_ID }} SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }} SIGNING_SECRET_KEY_RING_FILE: ${{ secrets.SIGNING_SECRET_KEY_RING_FILE }} From ccd95fe70d21c658e5464be4bbb8dc21b1e88087 Mon Sep 17 00:00:00 2001 From: Ararat Mnatsakanyan Date: Tue, 22 Oct 2024 15:46:02 +0400 Subject: [PATCH 5/6] Remove ref for checkout action to checkout to the selected branch COAND-1013 --- .github/workflows/publish_release.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml index 2a35ecedc0..5881bb5e77 100644 --- a/.github/workflows/publish_release.yml +++ b/.github/workflows/publish_release.yml @@ -11,8 +11,6 @@ jobs: steps: - uses: actions/checkout@v4 - with: - ref: main - name: Set up JDK uses: actions/setup-java@v4 From 35e0439edf6bb3f4c9e282674380690a94d92160 Mon Sep 17 00:00:00 2001 From: Ararat Mnatsakanyan Date: Tue, 22 Oct 2024 15:46:48 +0400 Subject: [PATCH 6/6] Remove commitish for the tag to be created on the latest commit COAND-1013 --- .github/workflows/publish_release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml index 5881bb5e77..132ed9aa9c 100644 --- a/.github/workflows/publish_release.yml +++ b/.github/workflows/publish_release.yml @@ -67,7 +67,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - commitish: main tag_name: ${{ env.PROJECT_VERSION }} release_name: ${{ env.PROJECT_VERSION }} body_path: ${{ github.workspace }}/RELEASE_NOTES.md