BFD-2818: maven release plugin #27
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: 'CI - Release' | |
| on: | |
| pull_request: #FIXME: remove anything but workflow_dispatch | |
| workflow_dispatch: | |
| inputs: | |
| releaseBranch: | |
| description: 'The branch on which a release is based.' | |
| required: false | |
| default: master | |
| releaseVersion: | |
| description: 'Version to be used as tag and release' | |
| required: true | |
| default: X.Y.Z | |
| developmentVersion: | |
| description: 'Post-release Development version' | |
| required: true | |
| default: X.Y.Z-SNAPSHOT | |
| permissions: | |
| id-token: write # This is required for requesting the AWS IAM OIDC JWT | |
| contents: read # This is required for actions/checkout | |
| env: | |
| # AWS Code Artifact Repository | |
| CA_REPOSITORY: bfd-release-hackathon #FIXME | |
| CA_DOMAIN: bfd-mgmt | |
| BRANCH_REF: ${{ format('refs/heads/{0}', github.event.pull_request.head.ref) }} | |
| jobs: | |
| mvn-release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| role-to-assume: ${{ secrets.GHA_AWS_IAM_ROLE_ARN }} | |
| role-session-name: ci-release | |
| aws-region: us-east-1 | |
| - name: Login to ECR | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| with: | |
| mask-password: 'true' | |
| - name: Dispatched Checkout | |
| if: github.event_name == 'workflow_dispatch' | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ inputs.releaseBranch }} | |
| - name: Pull Checkout | |
| if: github.event_name == 'pull_request' | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ env.BRANCH_REF}} | |
| - name: Setup JDK | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: corretto | |
| - name: Configure the git user | |
| run: | | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "GitHub Actions" | |
| - name: Generate maven toolchain config | |
| run: | | |
| cat << EOF > ~/.m2/toolchains.xml | |
| <toolchains> | |
| <toolchain> | |
| <type>jdk</type> | |
| <provides> | |
| <version>17</version> | |
| <vendor>OpenJDK</vendor> | |
| </provides> | |
| <configuration> | |
| <jdkHome>$JAVA_HOME</jdkHome> | |
| </configuration> | |
| </toolchain> | |
| </toolchains> | |
| EOF | |
| - name: Set Authorization Token | |
| #FIXME: Use non-hackathon domain/repository | |
| run: >- | |
| echo CODEARTIFACT_AUTH_TOKEN="$(aws codeartifact get-authorization-token | |
| --domain "$CA_DOMAIN" --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} | |
| --query authorizationToken | |
| --output text | |
| --region us-east-1)" >> $GITHUB_ENV | |
| - name: Get Repository Endpoint | |
| run: >- | |
| echo CA_REPOSITORY_ENDPOINT="$(aws codeartifact get-repository-endpoint | |
| --domain "$CA_DOMAIN" --repository "$CA_REPOSITORY" --format maven | |
| --query repositoryEndpoint --output text)" >> $GITHUB_ENV | |
| - name: Configure additional maven settings.xml | |
| run: |- | |
| cat <<"EOF" > ~/.m2/settings.xml | |
| <settings xmlns="http://maven.apache.org/settings/1.0.0" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" | |
| xsi:schemalocation="http://maven.apache.org/settings/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd"> | |
| <servers> | |
| <server> | |
| <username>aws</username> | |
| <password>${env.CODEARTIFACT_AUTH_TOKEN}</password> | |
| <id>${env.CA_DOMAIN}-${env.CA_REPOSITORY}</id> | |
| </server> | |
| <server> | |
| <id>github</id> | |
| <username>${env.GITHUB_ACTOR}</username> | |
| <password>${env.GITHUB_TOKEN}</password> | |
| </server> | |
| </servers> | |
| </settings> | |
| EOF | |
| - name: Diagnostics | |
| run: cat ~/.m2/settings.xml | |
| #FIXME: Remove this PULL_REQUEST release | |
| - name: 'Prepare and Perform PULL_REQUEST Release' | |
| if: github.event_name == 'pull_request' | |
| run: |- | |
| mvn --batch-mode --activate-profiles test-release release:prepare release:perform | |
| working-directory: ./apps | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: 'Prepare and Perform DISPATCHED Release' | |
| if: github.event_name == 'workflow_dispatch' | |
| run: |- | |
| mvn --batch-mode --activate-profiles test-release \ | |
| -Dtag="$BFD_RELEASE" \ | |
| -DreleaseVersion="$BFD_RELEASE" \ | |
| -DdevelopmentVersion="$BFD_DEV_VERSION" \ | |
| release:prepare release:perform | |
| working-directory: ./apps | |
| env: | |
| BFD_RELEASE: ${{ inputs.releaseVersion }} | |
| BFD_DEV_VERSION: ${{ inputs.developmentVersion }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: 'Perform Exceptional Rollback' | |
| if: failure() | |
| run: mvn release:rollback | |
| working-directory: ./apps |