-
Notifications
You must be signed in to change notification settings - Fork 6
112 lines (99 loc) · 4.6 KB
/
continuous-delivery.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
name: Continuous Delivery
on:
push:
branches:
- master
paths-ignore:
- '**/README.md'
env:
# This will suppress any download for dependencies and plugins or upload messages which would clutter the console log.
# `showDateTime` will show the passed time in milliseconds. You need to specify `--batch-mode` to make this work.
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
# As of Maven 3.3.0 instead of this you may define these options in `.mvn/maven.config` so the same config is used
# when running from the command line.
# `installAtEnd` and `deployAtEnd` are only effective with recent version of the corresponding plugins.
MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"
jobs:
mainJob:
runs-on: ubuntu-22.04
timeout-minutes: 10
outputs:
releaseVersion: ${{ steps.semanticversion.outputs.new_version }}
steps:
- uses: actions/checkout@v4
- name: Bump version and create tag
id: semanticversion
uses: mathieudutour/[email protected]
with:
release_branches: master
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Verify and print new build number
run: |
if echo '${{ steps.semanticversion.outputs.new_tag }}' |grep -Eq '^v[0-9]+[.][0-9]+[.][0-9]+$'; then
echo Tag '${{ steps.semanticversion.outputs.new_tag }}', New version '${{ steps.semanticversion.outputs.new_version }}', Changelog '${{ steps.semanticversion.outputs.changelog }}'
else
echo 'unexpected tag format - aborting'
exit -1
fi
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
- name: Set version
id: version
run: |
echo Releasing as ${{ steps.semanticversion.outputs.new_version }}
mvn $MAVEN_CLI_OPTS versions:set -DnewVersion=${{ steps.semanticversion.outputs.new_version }}
- name: Perform build
env:
REPOSITORY_URL: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_URL }}
REPOSITORY_USERID: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_USER }}
REPOSITORY_CREDENTIALS: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_PASSWORD }}
run: mvn $MAVEN_CLI_OPTS package --settings .github/settings.xml
- name: Deploy package
env:
GPG_EXECUTABLE: gpg
GPG_SECRET_KEYS: ${{ secrets.LEVIGO_GPG_KEYS }}
GPG_OWNERTRUST: ${{ secrets.LEVIGO_GPG_OWNERTRUST }}
GPG_PASSPHRASE: ${{ secrets.LEVIGO_GPG_PASSPHRASE }}
SONATYPE_USERNAME: ${{ secrets.LEVIGO_SONATYPE_USERNAME }}
SONATYPE_PASSWORD: ${{ secrets.LEVIGO_SONATYPE_PASSWORD }}
REPOSITORY_URL: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_URL }}
REPOSITORY_USERID: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_USER }}
REPOSITORY_CREDENTIALS: ${{ secrets.LEVIGO_OSS_MAVEN_REPO_PASSWORD }}
run: |
echo "$GPG_SECRET_KEYS" | base64 --decode | $GPG_EXECUTABLE --import --no-tty --batch --yes
echo "$GPG_OWNERTRUST" | base64 --decode | $GPG_EXECUTABLE --import-ownertrust --no-tty --batch --yes
mvn $MAVEN_CLI_OPTS deploy --settings .github/settings.xml -Dmaven.test.skip.exec=true -U -Prelease
- name: create release and upload release asset
uses: ncipollo/[email protected]
with:
tag: ${{ steps.semanticversion.outputs.new_tag }}
name: Release ${{ steps.semanticversion.outputs.new_tag }}
# the step above will NOT trigger a second workflow.
- name: dispatch release event
run: |
curl \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
https://api.github.com/repos/${{ github.repository }}/dispatches \
-d '{"event_type":"release_created","client_payload":{"version":"${{ steps.semanticversion.outputs.new_version }}"}}'
## Notify developers
notifyMattermost:
if: failure()
needs: mainJob
uses: levigo/reusable-workflows/.github/workflows/notify-mattermost.yml@latest
secrets: inherit
with:
mattermostChannel: ci_jwt
text: Failed to release new version `${{ needs.main_build.outputs.releaseVersion }}` of *${{ github.repository }}*
continueOnErrorGlobal: true
updateReadme:
needs: mainJob
uses: levigo/reusable-workflows-pub/.github/workflows/update-readme-md.yml@v1
secrets: inherit
with:
releaseVersion: ${{ needs.mainJob.outputs.releaseVersion }}