Extract generic release workflow #11
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Workflow | ||
|
Check failure on line 1 in .github/workflows/release.yml
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| bump: | ||
| description: 'Version bump type (major, minor, patch)' | ||
| required: true | ||
| type: string | ||
| version-properties-file: | ||
| description: 'Path to properties file containing version' | ||
| required: false | ||
| type: string | ||
| default: 'gradle.properties' | ||
| snapshot: | ||
| description: 'Whether this is a snapshot release' | ||
| required: false | ||
| type: boolean | ||
| default: false | ||
| secrets: | ||
| github-token: | ||
| description: 'GitHub token with repo write permissions' | ||
| required: true | ||
| maven-central-username: | ||
| description: 'Maven Central username' | ||
| required: true | ||
| maven-central-password: | ||
| description: 'Maven Central password' | ||
| required: true | ||
| signing-key: | ||
| description: 'GPG signing key' | ||
| required: true | ||
| signing-key-id: | ||
| description: 'GPG signing key ID' | ||
| required: true | ||
| signing-key-password: | ||
| description: 'GPG signing key password' | ||
| required: true | ||
| jobs: | ||
| publish: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| token: ${{ secrets.github-token }} | ||
| ref: develop | ||
| fetch-depth: 0 | ||
| - name: Verify main is merged into develop | ||
| run: | | ||
| git fetch origin main | ||
| # Check if main is fully merged into develop (i.e., main is an ancestor of develop) | ||
| if ! git merge-base --is-ancestor origin/main HEAD; then | ||
| echo "❌ Error: main branch has commits not in develop!" | ||
| echo "" | ||
| echo "This usually means someone pushed directly into main or a previous release pushed" | ||
| echo "main but failed to push develop. You need to merge main into develop:" | ||
| echo "" | ||
| echo " git checkout develop" | ||
| echo " git merge origin/main" | ||
| echo " git push origin develop" | ||
| echo "" | ||
| echo "After fixing this, you can retry the release." | ||
| exit 1 | ||
| fi | ||
| echo "✅ main is fully merged into develop" | ||
| - name: Bump version | ||
| id: bump | ||
| uses: GetStream/stream-build-conventions-android/.github/actions/bump-version@${{ github.action_ref }} | ||
| with: | ||
| bump: ${{ inputs.bump }} | ||
| file: ${{ inputs.version-properties-file }} | ||
| - name: Commit version file | ||
| uses: EndBug/[email protected] | ||
| with: | ||
| add: ${{ inputs.version-properties-file }} | ||
| message: "AUTOMATION: Version Bump" | ||
| default_author: github_actions | ||
| push: false | ||
| - name: Push changes to ci-release branch | ||
| if: ${{ !inputs.snapshot }} | ||
| run: git push origin HEAD:ci-release --force-with-lease | ||
| - name: Setup Gradle | ||
| uses: GetStream/stream-build-conventions-android/.github/actions/setup-gradle@${{ github.action_ref }} | ||
| with: | ||
| cache-read-only: false | ||
| - name: Build and publish | ||
| run: ./gradlew publish --no-configuration-cache | ||
| env: | ||
| ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.maven-central-username }} | ||
| ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.maven-central-password }} | ||
| ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.signing-key }} | ||
| ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.signing-key-id }} | ||
| ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.signing-key-password }} | ||
| ORG_GRADLE_PROJECT_RELEASE_SIGNING_ENABLED: true | ||
| SNAPSHOT: ${{ inputs.snapshot }} | ||
| - name: Create Github Release | ||
| if: ${{ !inputs.snapshot }} | ||
| uses: ncipollo/[email protected] | ||
| with: | ||
| generateReleaseNotes: true | ||
| token: ${{ secrets.github-token }} | ||
| tag: v${{ steps.bump.outputs.new-version }} | ||
| commit: ci-release | ||
| makeLatest: true | ||
| sync_branches: | ||
| if: ${{ !inputs.snapshot }} | ||
| needs: publish | ||
| name: Sync main and develop with release | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Check out code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| ref: main | ||
| fetch-depth: 0 | ||
| token: ${{ secrets.github-token }} | ||
| - name: Configure git | ||
| run: | | ||
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | ||
| git config user.name "github-actions[bot]" | ||
| - name: Sync main with ci-release | ||
| run: | | ||
| git fetch origin ci-release | ||
| git merge --ff-only origin/ci-release | ||
| - name: Sync develop with main | ||
| run: | | ||
| git fetch origin develop | ||
| git checkout develop | ||
| git merge --no-edit main | ||
| - name: Push both branches | ||
| run: | | ||
| git push origin main | ||
| git push origin develop | ||
