build(deps): bump org.sonarqube from 5.0.0.4638 to 5.1.0.4882 #441
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish | |
on: | |
push: | |
branches: [main] | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
jobs: | |
publishImageToGhcr: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Get new version | |
id: getVersion | |
run: | | |
set -euo pipefail | |
version="$(./gradlew properties -q | grep -w "version:" | awk '{print $2}')" | |
echo ::set-output name=releaseVersion::"${version}" | |
if [[ $version == *SNAPSHOT ]]; then | |
echo ::set-output name=dockerTag::"{{branch}}" | |
else | |
echo ::set-output name=dockerTag::"${version}" | |
fi | |
echo "New release version: ${version}" | |
- name: Log in to the Container registry | |
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GH_PACKAGES_TOKEN }} | |
- name: Extract metadata (tags, labels) | |
env: | |
LATEST_TAG: ${{ startsWith(github.event.head_commit.message, 'release:') && (endsWith(needs.publishToMavenCentral.outputs.releaseVersion, '-SNAPSHOT') == false) }} | |
id: meta | |
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
tags: | | |
type=raw,value=${{ steps.getVersion.outputs.dockerTag }} | |
flavor: | | |
latest=${{ env.LATEST_TAG }} | |
- name: Build and push Docker image | |
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc | |
with: | |
context: . | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
platforms: linux/amd64 | |
build-args: | | |
BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} | |
VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} | |
REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} | |
publishToMavenCentral: | |
runs-on: ubuntu-latest | |
outputs: | |
releaseVersion: ${{ steps.getVersion.outputs.releaseVersion }} | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
persist-credentials: false | |
fetch-depth: 0 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v2 | |
with: | |
distribution: 'temurin' | |
java-version: '17.0' | |
cache: 'gradle' | |
- name: Get new version | |
id: getVersion | |
run: | | |
set -euo pipefail | |
version="$(./gradlew properties -q | grep -w "version:" | awk '{print $2}')" | |
echo ::set-output name=releaseVersion::"${version}" | |
echo "New release version: ${version}" | |
- name: Publish to maven central | |
env: | |
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SIGNING_PASSWORD }} | |
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SIGNING_KEY_ARMOR }} | |
ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_CENTRAL_USER }} | |
ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | |
run: | | |
./gradlew clean publishAllPublicationsToMavenCentralRepository | |
publishRelease: | |
runs-on: ubuntu-latest | |
needs: [publishImageToGhcr, publishToMavenCentral] | |
if: startsWith(github.event.head_commit.message, 'release:') && (endsWith(needs.publishToMavenCentral.outputs.releaseVersion, '-SNAPSHOT') == false) | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
persist-credentials: false | |
fetch-depth: 0 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v2 | |
with: | |
distribution: 'temurin' | |
java-version: '17.0' | |
cache: 'gradle' | |
- name: Tag release commit | |
run: | | |
git tag "${{ needs.publishToMavenCentral.outputs.releaseVersion }}" | |
- name: Set snapshot version | |
id: snapshot | |
run: | | |
tagVersion="${{ needs.publishToMavenCentral.outputs.releaseVersion }}" | |
rv="${tagVersion%-*}" | |
snapshotVersion="${rv:0:-1}$(bc <<< "${rv: -1}+1")-SNAPSHOT" | |
echo ::set-output name=snapshotVersion::"${snapshotVersion}" | |
./gradlew setNewVersion -P newVersion=${snapshotVersion} | |
if git diff --no-ext-diff --quiet --exit-code; then | |
>&2 echo "No diff detected in git." ; exit 1 | |
fi | |
git config --local user.email "github-actions[bot]@users.noreply.github.com" | |
git config --local user.name "github-actions[bot]" | |
git add -A build.gradle | |
git commit -m "release(snapshot): ${snapshotVersion}" | |
- name: Install chevron | |
run: | | |
pip install chevron | |
- name: Get changelog | |
shell: python | |
run: | | |
import os | |
import json | |
import chevron | |
file = "CHANGELOG.json" | |
if not os.path.isfile(file): | |
raise "file {} not found".format(file) | |
with open(file, "r") as stream: | |
changelog_json = json.load(stream) | |
version = "${{ needs.publishToMavenCentral.outputs.releaseVersion }}" | |
target_version = version.split("-")[0].split(".") | |
current_tag = None | |
for tag in changelog_json["tags"]: | |
if ( | |
tag["version"]["major"] == int(target_version[0]) | |
and tag["version"]["minor"] == int(target_version[1]) | |
and tag["version"]["patch"] == int(target_version[2]) | |
): | |
current_tag = tag | |
break | |
tmpl = """ | |
## Changelog | |
{{#sections}} | |
### {{title}} | |
{{#commits}} | |
- {{#commitScope}}**{{commitPackage}}{{commitScope}}**: {{/commitScope}}{{& commitSubject}}{{#subjectIssues}} ([#{{id}}]({{url}})){{/subjectIssues}} ([{{hash8}}]({{commitUrl}})){{#hasCloseIssues}}, closes{{#closeIssues}} [#{{id}}]({{url}}){{/closeIssues}}{{/hasCloseIssues}} | |
{{/commits}} | |
{{/sections}} | |
""" | |
args = { | |
"template": tmpl, | |
"data": current_tag, | |
} | |
rendered=chevron.render(**args) | |
print(rendered) | |
with open('release_changelog.md', 'w') as f: | |
f.write(rendered) | |
- name: Set Changelog | |
id: setChangelog | |
run: | | |
releaseVersion="${{ needs.publishToMavenCentral.outputs.releaseVersion }}" | |
cat <<EOF > body.md | |
## Artifacts | |
Maven Central: [neonbee-core-${releaseVersion}](https://mvnrepository.com/artifact/io.neonbee/neonbee-core/${releaseVersion}) | |
### Maven | |
\`\`\`xml | |
<!-- https://mvnrepository.com/artifact/io.neonbee/neonbee-core --> | |
<dependency> | |
<groupId>io.neonbee</groupId> | |
<artifactId>neonbee-core</artifactId> | |
<version>${releaseVersion}</version> | |
</dependency> | |
\`\`\` | |
### Gradle | |
\`\`\`groovy | |
// https://mvnrepository.com/artifact/io.neonbee/neonbee-core | |
implementation group: 'io.neonbee', name: 'neonbee-core', version: '${releaseVersion}' | |
\`\`\` | |
EOF | |
echo "" >> body.md | |
cat release_changelog.md >> body.md | |
echo ::set-output name=releaseBody::"$( jq -rRs 'gsub("\r";"%0D")|gsub("\n";"%0A")' < ./body.md )" | |
- name: Push changes | |
uses: ad-m/github-push-action@master | |
with: | |
github_token: ${{ secrets.GH_PUSH_TOKEN }} | |
branch: ${{ github.ref }} | |
tags: true | |
- name: Publish snapshot to maven central | |
env: | |
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SIGNING_PASSWORD }} | |
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SIGNING_KEY_ARMOR }} | |
ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_CENTRAL_USER }} | |
ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | |
run: | | |
./gradlew clean publishAllPublicationsToMavenCentralRepository | |
- name: Create GitHub Release | |
id: create_release | |
uses: actions/create-release@master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
tag_name: ${{ needs.publishToMavenCentral.outputs.releaseVersion }} | |
release_name: Release ${{ needs.publishToMavenCentral.outputs.releaseVersion }} | |
body: ${{ steps.setChangelog.outputs.releaseBody }} | |
draft: true | |
prerelease: false |