build: Update github workflows

Cleanup and update after the move to GPC.
gpc · Oct 17, 2024 · 62c0dc6 · 62c0dc6
1 parent c0a82ec
commit 62c0dc6
Show file tree

Hide file tree

Showing 4 changed files with 74 additions and 116 deletions.
diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
@@ -1,79 +1,70 @@
-name: Java CI
+name: "Java CI"
 on:
   push:
     branches:
       - '[4-9]+.[0-9]+.x'
   pull_request:
     branches:
       - '[4-9]+.[0-9]+.x'
-env:
-  GIT_USER_NAME: grails-build
-  GIT_USER_EMAIL: [email protected]
-
 jobs:
-
   test_project:
-    name: Test Project
+    name: "Test Project"
     if: github.event_name == 'pull_request'
     runs-on: ubuntu-latest
     strategy:
       fail-fast: true
       matrix:
-        java: [17]
-
+        java: [17, 21]
     steps:
-      - uses: actions/checkout@v4
-      - uses: gradle/wrapper-validation-action@v2
-      - uses: actions/setup-java@v4
+      - name: "📥 Checkout repository"
+        uses: actions/checkout@v4
+      - name: "☕️ Setup JDK"
+        uses: actions/setup-java@v4
         with:
-          distribution: temurin
+          distribution: liberica
           java-version: ${{ matrix.java }}
-      - uses: gradle/actions/setup-gradle@v3
-      - name: Run tests
-        env:
-          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
+      - name: "🐘 Setup Gradle"
+        uses: gradle/actions/setup-gradle@v4
+        with:
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
+      - name: "🏃 Run tests"
         run: ./gradlew check
-
   publish_snapshot:
-    name: Build Project and Publish Snapshot release
+    name: "Build Project and Publish Snapshot release"
     runs-on: ubuntu-latest
     if: github.event_name == 'push'
-
     steps:
-      - uses: actions/checkout@v4
-      - uses: gradle/wrapper-validation-action@v2
-      - uses: actions/setup-java@v4
-        with: { java-version: 17, distribution: temurin }
-      - uses: gradle/actions/setup-gradle@v3
-
-      - name: Build Project
-        env:
-          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCEESS_KEY }}
+      - name: "📥 Checkout repository"
+        uses: actions/checkout@v4
+      - name: "☕️ Setup JDK"
+        with: {
+          java-version: 17,
+          distribution: liberica
+        }
+      - name: "🐘 Setup Gradle"
+        uses: gradle/actions/setup-gradle@v4
+        with:
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
+      - name: "🔨 Build Project"
         run: ./gradlew build
-
-      - name: Publish Snapshot version to Artifactory (repo.grails.org)
+      - name: "📤 Publish Snapshot version to Artifactory (repo.grails.org)"
         if: success()
         env:
-          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
           ORG_GRADLE_PROJECT_artifactoryPublishUsername: ${{ secrets.ARTIFACTORY_USERNAME }}
           ORG_GRADLE_PROJECT_artifactoryPublishPassword: ${{ secrets.ARTIFACTORY_PASSWORD }}
         run: >
           ./gradlew
           -Dorg.gradle.internal.publish.checksums.insecure=true
           publish
-
-      - name: Generate Snapshot Documentation
+      - name: "📖 Generate Snapshot Documentation"
         if: success()
-        env:
-          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
         run: ./gradlew docs
-
-      - name: Publish Snapshot Documentation to Github Pages
+      - name: "📤 Publish Snapshot Documentation to Github Pages"
         if: success()
         uses: micronaut-projects/github-pages-deploy-action@grails
         env:
           BRANCH: gh-pages
-          COMMIT_EMAIL: ${{ env.GIT_USER_EMAIL }}
-          COMMIT_NAME: ${{ env.GIT_USER_NAME }}
+          COMMIT_EMAIL: ${{ vars.GIT_USER_EMAIL }}
+          COMMIT_NAME: ${{ vars.GIT_USER_NAME }}
           FOLDER: build/docs/manual
           GH_TOKEN: ${{ secrets.GH_TOKEN }}
diff --git a/.github/workflows/release-notes.yml b/.github/workflows/release-notes.yml
@@ -1,51 +1,22 @@
-name: Changelog
+name: "Release Drafter"
 on:
   issues:
     types: [closed,reopened]
   push:
     branches:
       - '[4-9]+.[0-9]+.x'
   pull_request:
-    types: [opened, reopened, synchronize, labeled]
+    types: [opened, reopened, synchronize]
   pull_request_target:
-    types: [opened, reopened, synchronize, labeled]       
+    types: [opened, reopened, synchronize]
   workflow_dispatch:
 jobs:
-  release_notes:
+  update_release_draft:
+    permissions:
+      contents: read # limit to read access
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - name: Check if it has release drafter config file
-        id: check_release_drafter
-        run: |
-          has_release_drafter=$([ -f .github/release-drafter.yml ] && echo "true" || echo "false")
-          echo "has_release_drafter=${has_release_drafter}" >> $GITHUB_OUTPUT
-      - name: Extract branch name
-        id: extract_branch
-        run: echo "value=${GITHUB_REF:11}" >> $GITHUB_OUTPUT
-      # If it has release drafter:
-      - uses: release-drafter/release-drafter@v5
-        if: steps.check_release_drafter.outputs.has_release_drafter == 'true'
+      - name: "📝 Update Release Draft"
+        uses: release-drafter/release-drafter@v6
         env:
-          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
-        with:
-          commitish: ${{ steps.extract_branch.outputs.value }}
-      # Otherwise:
-      - name: Export Gradle Properties
-        if: steps.check_release_drafter.outputs.has_release_drafter == 'false'
-        uses: micronaut-projects/github-actions/export-gradle-properties@master
-      - uses: micronaut-projects/github-actions/release-notes@master
-        if: steps.check_release_drafter.outputs.has_release_drafter == 'false'
-        id: release_notes
-        with:
-          token: ${{ secrets.GH_TOKEN }}
-      - uses: ncipollo/release-action@v1
-        if: steps.check_release_drafter.outputs.has_release_drafter == 'false' && steps.release_notes.outputs.generated_changelog == 'true'
-        with:
-          allowUpdates: true
-          commit: ${{ steps.release_notes.outputs.current_branch }}
-          draft: true
-          name: "${{ env.title }} ${{ steps.release_notes.outputs.next_version }}"
-          tag: v${{ steps.release_notes.outputs.next_version }}
-          bodyFile: CHANGELOG.md
-          token: ${{ secrets.GH_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,66 +1,60 @@
-name: Release
+name: "Release"
 on:
   release:
     types: [published]
-env:
-  GIT_USER_NAME: puneetbehl
-  GIT_USER_EMAIL: [email protected]
-
 jobs:
   release:
     runs-on: ubuntu-latest
-
     steps:
-      - uses: actions/checkout@v4
-      - uses: gradle/wrapper-validation-action@v2
-      - uses: actions/setup-java@v4
-        with: { java-version: 11, distribution: temurin }
-      - uses: gradle/actions/setup-gradle@v3
-
-      - name: Get the current release version
+      - name: "📥 Checkout repository"
+        uses: actions/checkout@v4
+      - name: "☕️ Setup JDK"
+        uses: actions/setup-java@v4
+        with:
+          distribution: liberica
+          java-version: 17
+      - name: "🐘 Setup Gradle"
+        uses: gradle/actions/setup-gradle@v4
+        with:
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
+      - name: "📝 Store the current release version"
         id: release_version
         run: echo "release_version=${GITHUB_REF:11}" >> $GITHUB_OUTPUT
-
-      - name: Run pre-release
+      - name: "⚙ Run pre-release"
         uses: micronaut-projects/github-actions/pre-release@master
-
-      - name: Generate secring file
+      - name: "🔐 Generate key file for artifact signing"
         env:
           SECRING_FILE: ${{ secrets.SECRING_FILE }}
         run: echo $SECRING_FILE | base64 -d > ${{ github.workspace }}/secring.gpg
 
-      - name: Publish artifacts to Sonatype
+      - name: "📤 Publish artifacts to Sonatype"
         id: publish_to_sonatype
         env:
-          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
           ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_USERNAME }}
           ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_PASSWORD }}
           ORG_GRADLE_PROJECT_sonatypeStagingProfileId: ${{ secrets.SONATYPE_STAGING_PROFILE_ID }}
-          SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
+          SIGNING_KEY: ${{ secrets.SIGNING_KEY_ID }}
           SIGNING_PASSPHRASE: ${{ secrets.SIGNING_PASSPHRASE }}
         run: >
           ./gradlew
           -Psigning.secretKeyRingFile=${{ github.workspace }}/secring.gpg
           publishToSonatype
           closeAndReleaseSonatypeStagingRepository
-
-      - name: Generate Documentation
+      - name: "📖 Generate Documentation"
         if: success()
-        env:
-          DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
         run: ./gradlew docs
-
-      - name: Publish Documentation to Github Pages
+      - name: "📤 Publish Documentation to Github Pages"
         if: success()
         uses: micronaut-projects/github-pages-deploy-action@grails
         env:
           BRANCH: gh-pages
-          COMMIT_EMAIL: ${{ env.GIT_USER_EMAIL }}
-          COMMIT_NAME: ${{ env.GIT_USER_NAME }}
+          COMMIT_EMAIL: ${{ vars.GIT_USER_EMAIL }}
+          COMMIT_NAME: ${{ vars.GIT_USER_NAME }}
           FOLDER: build/docs/manual
           GH_TOKEN: ${{ secrets.GH_TOKEN }}
           VERSION: ${{ steps.release_version.outputs.release_version }}
-
-      - name: Run post-release
+      - name: "⚙️ Run post-release"
         if: steps.publish_to_sonatype.outcome == 'success'
-        uses: micronaut-projects/github-actions/post-release@master
+        uses: micronaut-projects/github-actions/post-release@master
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/settings.gradle b/settings.gradle
@@ -1,23 +1,25 @@
 plugins {
-    id 'com.gradle.develocity' version '3.17.1'
-    id 'com.gradle.common-custom-user-data-gradle-plugin' version '2.0'
+    id 'com.gradle.develocity' version '3.18.1'
+    id 'com.gradle.common-custom-user-data-gradle-plugin' version '2.0.2'
 }
 
-def isCI = System.getenv('CI') == 'true'
+def isCI = System.getenv('CI') != null
+def isLocal = !isCI
+def isAuthenticated = System.getenv('DEVELOCITY_ACCESS_KEY') != null
 
 develocity {
     server = 'https://ge.grails.org'
     buildScan {
-        publishing.onlyIf { isCI }
-        uploadInBackground = !isCI
+        publishing.onlyIf { isAuthenticated }
+        uploadInBackground = isLocal
     }
 }
 
 buildCache {
-    local { enabled = !isCI }
+    local { enabled = isLocal }
     remote(develocity.buildCache) {
+        push = isCI && isAuthenticated
         enabled = true
-        push = isCI && System.getenv('DEVELOCITY_ACCESS_KEY')
     }
 }