-
-
Notifications
You must be signed in to change notification settings - Fork 9
181 lines (155 loc) · 6.28 KB
/
release.yml
File metadata and controls
181 lines (155 loc) · 6.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
name: Release And Publish
on:
# Automatic trigger from build-main workflow
workflow_run:
workflows: [ "Build Main" ]
types: [ completed ]
branches: [ main ]
# Manual trigger for production releases
workflow_dispatch:
inputs:
releaseType:
description: 'Release type'
required: true
default: 'release'
type: choice
options: [ 'release', 'snapshot' ]
# Support existing tag-based releases
push:
tags:
- "v*"
permissions:
contents: write
packages: write
concurrency:
group: release-${{ github.ref }}
cancel-in-progress: false
jobs:
release:
runs-on: ubuntu-latest
timeout-minutes: 30
# Only run if build-main succeeded OR manual/tag trigger
if: |
(github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success') ||
(github.event_name == 'workflow_dispatch') ||
(github.event_name == 'push' && startsWith(github.ref, 'refs/tags/'))
env:
# GitHub Packages credentials required by buildSrc/Conventions.kt
GPR_USER: ${{ vars.GPR_USER }}
GPR_READ_TOKEN: ${{ secrets.GPR_READ_TOKEN }}
# Maven Central credentials for build system (mcUsername/mcPassword properties)
MC_USERNAME: ${{ secrets.MC_USERNAME }}
MC_PASSWORD: ${{ secrets.MC_PASSWORD }}
# JReleaser credentials
JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_SECRET_KEY }}
JRELEASER_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
JRELEASER_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Checkout Repository
uses: actions/checkout@v4
with:
# Required for axion-release to read git history
fetch-depth: 0
fetch-tags: true
- name: Determine Release Context
id: release-context
run: |
if [[ "${{ github.event_name }}" == "workflow_run" ]]; then
echo "📸 Automatic snapshot after successful build"
echo "release_type=snapshot" >> $GITHUB_OUTPUT
echo "trigger_source=automatic" >> $GITHUB_OUTPUT
elif [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
echo "👤 Manual release triggered"
echo "release_type=${{ github.event.inputs.releaseType }}" >> $GITHUB_OUTPUT
echo "trigger_source=manual" >> $GITHUB_OUTPUT
elif [[ "${{ github.event_name }}" == "push" ]]; then
echo "🏷️ Tag push triggered"
echo "release_type=release" >> $GITHUB_OUTPUT
echo "trigger_source=tag" >> $GITHUB_OUTPUT
fi
- name: Generate Version
id: version
shell: bash
run: |
set -euo pipefail
RELEASE_TYPE="${{ steps.release-context.outputs.release_type }}"
echo "Release type: $RELEASE_TYPE"
if [[ "$RELEASE_TYPE" == "snapshot" ]]; then
echo "🔄 Creating snapshot version"
RAW_VERSION="$(./gradlew -q currentVersion -Prelease.mode=snapshot)"
IS_SNAPSHOT=true
else
echo "🚀 Creating release version"
RAW_VERSION="$(./gradlew -q currentVersion -Prelease.mode=release)"
IS_SNAPSHOT=false
fi
# Extract the actual version if Gradle prints "Project version: X"
VERSION="$(echo "$RAW_VERSION" | sed -E 's/^[Pp]roject version:[[:space:]]*//')"
# Strip CR just in case
VERSION="${VERSION//$'\r'/}"
echo "Final version: $VERSION"
# Escape characters per GitHub docs
SAFE_VERSION="${VERSION//'%'/'%25'}"
SAFE_VERSION="${SAFE_VERSION//$'\n'/'%0A'}"
SAFE_VERSION="${SAFE_VERSION//$'\r'/'%0D'}"
{
echo "version=$SAFE_VERSION"
echo "is_snapshot=$IS_SNAPSHOT"
} >> "$GITHUB_OUTPUT"
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "17"
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v5
- name: Download built jars from Build Main
uses: actions/download-artifact@v5
with:
# We uploaded as: jars-${{ matrix.project_prefix }}-${{ github.sha }}
pattern: jars-*-${{ github.sha }}
merge-multiple: true
path: downloaded-jars/
- name: TESTS ARE STILL SKIPPED!!!
run: |
echo "WARNING: TESTS ARE STILL SKIPPED!!! remove -x allTests below"
# Build & stage all subprojects into root/build/staging-deploy
- name: Build & publish to local staging dir
run: |
./gradlew --no-daemon build -x allTests publishAllPublicationsToLocalStagingRepository -Prelease.mode=${{ steps.release-context.outputs.release_type }}
# sanity checks before the real release
- name: JReleaser dry run checks
run: |
if [[ "${{ steps.release-context.outputs.release_type }}" == "snapshot" ]]; then
echo "🧪 JReleaser dry run (snapshot, signing disabled)"
./gradlew --no-daemon jreleaserConfig jreleaserAssemble jreleaserChangelog \
-Prelease.mode=snapshot \
-Pjreleaser.signing.active=NEVER
else
echo "🧪 JReleaser dry run (release)"
./gradlew --no-daemon jreleaserConfig jreleaserAssemble jreleaserChangelog \
-Prelease.mode=release
fi
# Deploy to Maven Central (Publisher API) and create GitHub Release
- name: JReleaser Configuration
run: |
if [[ "${{ steps.version.outputs.is_snapshot }}" == "true" ]]; then
echo "📦 Publishing snapshot to Maven Central staging (signing disabled)"
./gradlew --no-daemon jreleaserDeploy \
-Prelease.mode=snapshot \
-Pjreleaser.signing.active=NEVER
else
echo "🎉 Full release to Maven Central and GitHub"
./gradlew --no-daemon jreleaserFullRelease -Prelease.mode=release
fi
# (Optional) Upload JReleaser output for debugging/audit
- name: Upload JReleaser output
if: always()
uses: actions/upload-artifact@v4
with:
name: jreleaser-output
path: |
build/jreleaser
out/jreleaser
if-no-files-found: ignore