-
Notifications
You must be signed in to change notification settings - Fork 0
149 lines (146 loc) · 6 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: Create Release
on:
workflow_dispatch:
inputs:
version:
description: 'Version to release'
type: string
required: true
hotfix:
description: 'Is this a hotfix release?'
type: boolean
required: true
default: false
sonatypeUsername:
description: 'Sonatype username'
type: string
required: true
sonatypePassword:
description: 'Sonatype password'
type: string
required: true
jobs:
release:
name: Release to Sonatype
runs-on: ubuntu-latest
steps:
- name: Use faketty to allow for GPG signing
uses: Yuri6037/Action-FakeTTY@v1.1
- name: Hide sensitive inputs
uses: levibostian/action-hide-sensitive-inputs@v1
with:
exclude_inputs: version
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ inputs.version }}
fetch-depth: 0
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'adopt'
java-version: '21'
cache: 'gradle'
- name: Cache Gradle packages
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Update version
run: |
echo "Updating version in build.gradle to ${{ inputs.version }}"
sed -i 's/version = "\(.*\)"/version = "${{ inputs.version }}"/' build.gradle
- name: Build Gradle
run: |
chmod +x gradlew
./gradlew clean jar
- name: Configure GPG Key
run: |
echo -n "${{ secrets.PLATFORM_ROBOT_GPG_PRIVATE_KEY }}" | base64 --decode | gpg --import --pinentry-mode loopback --passphrase ${{ secrets.PLATFORM_ROBOT_GPG_PASSPHRASE }}
env:
GPG_TTY: $(tty)
- name: Configure gradle properties for key id
run: |
echo "signing.gnupg.homeDir=/home/runner/.gnupg" >> ~/.gradle/gradle.properties
echo "signing.gnupg.keyName=${{ secrets.PLATFORM_ROBOT_GPG_ID }}" >> ~/.gradle/gradle.properties
echo "signing.gnupg.passphrase=${{ secrets.PLATFORM_ROBOT_GPG_PASSPHRASE }}" >> ~/.gradle/gradle.properties
echo "no-tty" >> ~/.gnupg/gpg.conf >> ~/.gradle/gradle.properties
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v4
- name: Publish package to Sonatype
run: |
./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository
env:
SONATYPE_USERNAME: ${{ inputs.sonatypeUsername }}
SONATYPE_PASSWORD: ${{ inputs.sonatypePassword }}
GPG_SIGNING_KEY: ${{ secrets.PLATFORM_ROBOT_GPG_PRIVATE_KEY }}
GPG_SIGNING_PASSPHRASE: ${{ secrets.PLATFORM_ROBOT_GPG_PASSPHRASE }}
- name: Confirm version ${{ inputs.version }} published to Sonatype
timeout-minutes: 120
run: |
until curl -s -f -o /dev/null "https://central.sonatype.com/artifact/org.codeforamerica.platform/form-flow/${{inputs.version}}"
do
echo "Waiting for version ${{ inputs.version }} to be published to Sonatype..."
sleep 30
done
- name: "Announce failure to release of ${{inputs.version}} to #platform-help"
uses: ravsamhq/notify-slack-action@v2
if: failure()
with:
status: ${{ job.status }}
notification_title: "form-flow version ${{inputs.version}} release failed!"
footer: "Github: <{repo_url}|{repo}> | <{workflow_url}|Workflow> | <{repo_url}/releases/tag/${{inputs.version}}|Release Notes> "
mention_groups: "S03PFJ5DFLZ,S04PD39SC64"
token: ${{ secrets.GITHUB_TOKEN }}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
post_release_success:
name: Clean up after release
needs: release
runs-on: ubuntu-latest
if: ${{ inputs.hotfix == false }}
steps:
- uses: actions/checkout@v4
with:
ref: main
fetch-depth: 0
token: ${{ secrets.PLATFORM_ROBOT_PAT }}
- name: Create new snapshot version string
run: echo NEW_SNAPSHOT_VERSION=$(echo ${{ inputs.version }} | awk -F. 'BEGIN{OFS="."} {$NF = $NF +1"-SNAPSHOT"}1') >> "$GITHUB_ENV"
- name: Update snapshot version
run: sed -i 's/version = "\(.*\)"/version = "${{ env.NEW_SNAPSHOT_VERSION }}"/' build.gradle
- name: Push snapshot update changes
uses: stefanzweifel/git-auto-commit-action@v5
with:
commit_user_name: cfa-platforms-robot
commit_message: "Bump version to ${{env.NEW_SNAPSHOT_VERSION}}"
commit_user_email: platforms-robot@codeforamerica.org
commit_author: CfA Platforms Robot <platforms-robot@codeforamerica.org>
push_options: --force
- name: Trigger starter-app snapshot upgrade on newly published version
uses: peter-evans/repository-dispatch@v3.0.0
with:
repository: codeforamerica/form-flow-starter-app
event-type: form-flow-snapshot-version-bumped
client-payload: '{"version": "${{env.NEW_SNAPSHOT_VERSION}}"}'
token: ${{ secrets.STARTER_APP_GITHUB_PAT }}
release_announcement:
name: Announce release
if: ${{ always() }}
needs: post_release_success
runs-on: ubuntu-latest
steps:
- name: "Announce successful release of ${{inputs.version}} to #platform-help"
uses: ravsamhq/notify-slack-action@v2
with:
status: ${{ job.status }}
notification_title: "form-flow version ${{inputs.version}} released! :tada::platypus_roll::tada:"
footer: "Github: <{repo_url}|{repo}> | <{workflow_url}|Workflow> | <{repo_url}/releases/tag/${{inputs.version}}|Release Notes> "
mention_groups: "S03PFJ5DFLZ,S04PD39SC64"
token: ${{ secrets.GITHUB_TOKEN }}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}