generated from SAP/repository-template
-
Notifications
You must be signed in to change notification settings - Fork 4
130 lines (114 loc) · 5 KB
/
perform-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: "Perform Release"
on:
workflow_dispatch:
inputs:
release_pr_number:
description: "The PR number of the release PR"
required: true
skip-pr-merge:
description: "Whether to skip merging the PRs"
required: false
default: false
type: boolean
env:
MVN_CLI_ARGS: --batch-mode --no-transfer-progress --fail-at-end --show-version -DskipTests
JAVA_VERSION: 17
jobs:
prerequisites:
name: "Prerequisites"
outputs:
release-version: ${{ steps.determine-branch-names.outputs.RELEASE_VERSION }}
release-tag: ${{ steps.determine-branch-names.outputs.RELEASE_TAG }}
code-branch: ${{ steps.determine-branch-names.outputs.CODE_BRANCH_NAME }}
release-commit: ${{ steps.determine-branch-names.outputs.RELEASE_COMMIT }}
permissions:
pull-requests: read
contents: read
runs-on: ubuntu-latest
steps:
- name: "Determine Branch Names"
id: determine-branch-names
run: |
if [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
echo "[DEBUG] Taking branch name from pull request event"
BRANCH_NAME=${{ github.event.pull_request.head.ref }}
elif [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
echo "[DEBUG] Taking branch name from workflow dispatch event"
BRANCH_NAME=$(gh pr view ${{ github.event.inputs.release_pr_number }} --repo "${{ github.repository }}" --json headRefName | jq -r '.headRefName')
else
echo "Cannot determine branch name from event '${{ github.event_name }}'"
exit 1
fi
RELEASE_VERSION=$(echo "$BRANCH_NAME" | cut -d '-' -f2)
echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_OUTPUT
echo "RELEASE_TAG=rel/$RELEASE_VERSION" >> $GITHUB_OUTPUT
echo "CODE_BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_OUTPUT
echo "RELEASE_COMMIT=$(gh release view "$RELEASE_TAG" --repo "${{ github.repository }}" --json targetCommitish | jq -r '.targetCommitish')" >> $GITHUB_OUTPUT
echo "[DEBUG] Current GITHUB_OUTPUT: '$(cat $GITHUB_OUTPUT)'"
env:
GH_TOKEN: ${{ github.token }}
- name: "Checkout Repository"
uses: actions/checkout@v4
- name: "Check Whether Code PR Can Be Merged"
if: ${{ inputs.skip-pr-merge != 'true' }}
uses: ./.github/actions/pr-is-mergeable
with:
pr-ref: ${{ steps.determine-branch-names.outputs.CODE_BRANCH_NAME }}
excluded-check-runs: |
{
\"Continuous Integration\": [\"Run BlackDuck Scan\", \"Run Security Rating\"],
\"dependabot merger\": []
}
- name: "Check Code Release Commit Continuous Integration"
if: ${{ inputs.skip-pr-merge != 'true' }}
uses: ./.github/actions/workflow-succeeded
with:
workflow: "Continuous Integration"
sha: ${{ steps.determine-branch-names.outputs.RELEASE_COMMIT }}
release:
name: "Release"
needs: [ prerequisites ]
runs-on: ubuntu-latest
permissions:
contents: write # needed to modify the release draft
pull-requests: write # needed to merge the release PR
steps:
- name: "Setup java"
uses: actions/setup-java@v4
with:
distribution: "sapmachine"
java-version: ${{ env.JAVA_VERSION }}
server-id: ossrh
server-username: MAVEN_CENTRAL_USER # env variable for username in deploy
server-password: MAVEN_CENTRAL_PASSWORD # env variable for token in deploy
- name: "Download Release Asset"
id: download-asset
run: |
gh release download ${{ needs.prerequisites.outputs.release-tag }} --dir ./ --repo "${{ github.repository }}"
# x=extract v=verbose z=decompress f=file C=destination directory
tar -xvzf release-artifacts.tar.gz -C .
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: "Import GPG Key"
run: |
echo "${{ secrets.PGP_PRIVATE_KEY }}" | gpg --batch --passphrase "$PASSPHRASE" --import
env:
PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
- name: "Create settings.xml"
run: |
echo '${{ secrets.CENTRAL_SONATYPE_SETTINGS_XML }}' > settings.xml
- name: "Deploy"
run: |
MVN_ARGS="${{ env.MVN_CLI_ARGS }} deploy -Drelease -s settings.xml"
mvn $MVN_ARGS
env:
MAVEN_GPG_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
- name: "Merge Code PR"
if: ${{ inputs.skip-pr-merge != 'true' }}
run: gh pr merge --squash "${{ needs.prerequisites.outputs.code-branch }}" --delete-branch --repo "${{ github.repository }}"
env:
GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }}
- name: "Publish the Draft Release"
run: gh release edit ${{ needs.prerequisites.outputs.release-tag }} --draft=false --repo "${{ github.repository }}"
env:
GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }}