Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: add automatic release and provenance generation #373

Closed
wants to merge 3 commits into from
Closed

ci: add automatic release and provenance generation #373

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
55491e5
ci: add automatic release and provenance generation
behnazh-w Jun 19, 2024
e440102
ci: use Oracle JDK as the distribution in actions/setup-java
behnazh-w Jun 20, 2024
0d20fcb
build: use Oracle Java SE for compiling the artifact
behnazh-w Jun 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 49 additions & 0 deletions .github/workflows/release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
name: Release
on:
workflow_dispatch:
release:
types: [published]

permissions:
contents: read

jobs:
release:
permissions:
id-token: write
contents: read
attestations: write
runs-on: ubuntu-latest
strategy:
fail-fast: false

steps:

- name: Check out repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0

- name: Set up Apache Maven Central
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
with: # Running setup-java again overwrites the settings.xml
distribution: temurin
java-version: '17'
server-id: maven-central # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_USERNAME # env variable for username in deploy
server-password: MAVEN_CENTRAL_TOKEN # env variable for token in deploy
gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase

- name: Publish to Apache Maven Central
run: mvn javadoc:jar source:jar deploy
env:
MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}

# Build provenance
- name: Attest Build Provenance
uses: actions/attest-build-provenance@bdd51370e0416ac948727f861e03c2f05d32d78e # v1.3.2
with:
subject-path: ./*/target/*.jar
8 changes: 8 additions & 0 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,14 @@
<artifactId>tribuo</artifactId>
<version>5.0.0-SNAPSHOT</version>
<packaging>pom</packaging>

<distributionManagement>
<repository>
<id>maven-central</id>
<url>https://s01.oss.sonatype.org/content/repositories/releases/</url>
</repository>
</distributionManagement>

<modules>
<module>Core</module>
<module>Data</module>
Expand Down