Perform Release #105
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Perform Release" | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| release_pr_number: | |
| description: "The PR number of the release PR" | |
| required: true | |
| skip-pr-merge: | |
| description: "Whether to skip merging the PRs" | |
| required: false | |
| default: false | |
| type: boolean | |
| env: | |
| MVN_CLI_ARGS: "--batch-mode --no-transfer-progress --fail-at-end --show-version" | |
| DOCS_REPO: SAP/cloud-sdk | |
| jobs: | |
| prerequisites: | |
| name: "Prerequisites" | |
| outputs: | |
| code-branch: ${{ steps.determine-branch-names.outputs.CODE_BRANCH_NAME }} | |
| docs-branch: ${{ steps.determine-branch-names.outputs.DOCS_BRANCH_NAME }} | |
| release-notes-branch: ${{ steps.determine-branch-names.outputs.RELEASE_NOTES_BRANCH_NAME }} | |
| release-tag: ${{ steps.determine-branch-names.outputs.RELEASE_TAG }} | |
| release-commit: ${{ steps.determine-branch-names.outputs.RELEASE_COMMIT }} | |
| permissions: write-all # contents and push are needed to see the draft release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: "Determine Branch Names" | |
| id: determine-branch-names | |
| run: | | |
| CODE_BRANCH_NAME=$(gh pr view ${{github.event.inputs.release_pr_number}} --repo ${{github.repository}} --json headRefName --jq '.headRefName') | |
| RELEASE_VERSION=$(echo $CODE_BRANCH_NAME | cut -d '-' -f2) | |
| RELEASE_TAG=rel/$RELEASE_VERSION | |
| RELEASE_COMMIT=$(gh release view $RELEASE_TAG --repo ${{github.repository}} --json targetCommitish --jq '.targetCommitish') | |
| DOCS_BRANCH_NAME=java/release-docs-$RELEASE_VERSION | |
| RELEASE_NOTES_BRANCH_NAME=java/release-notes-$RELEASE_VERSION | |
| echo "CODE_BRANCH_NAME=$CODE_BRANCH_NAME" >> $GITHUB_OUTPUT | |
| echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_OUTPUT | |
| echo "RELEASE_TAG=$RELEASE_TAG" >> $GITHUB_OUTPUT | |
| echo "RELEASE_COMMIT=$RELEASE_COMMIT" >> $GITHUB_OUTPUT | |
| echo "DOCS_BRANCH_NAME=$DOCS_BRANCH_NAME" >> $GITHUB_OUTPUT | |
| echo "RELEASE_NOTES_BRANCH_NAME=$RELEASE_NOTES_BRANCH_NAME" >> $GITHUB_OUTPUT | |
| echo -e "[DEBUG] Current GITHUB_OUTPUT:\n$(cat $GITHUB_OUTPUT)" | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| - name: "Checkout Repository" | |
| uses: actions/checkout@v4 | |
| - name: "Check Whether Code PR Can Be Merged" | |
| if: ${{ inputs.skip-pr-merge != 'true' }} | |
| uses: ./.github/actions/pr-is-mergeable | |
| with: | |
| pr-ref: ${{ steps.determine-branch-names.outputs.CODE_BRANCH_NAME }} | |
| excluded-check-runs: | | |
| { | |
| \"Continuous Integration\": [\"Run BlackDuck Scan\", \"Run Security Rating\"], | |
| \"dependabot merger\": [] | |
| } | |
| - name: "Check Code Release Commit Continuous Integration" | |
| if: ${{ inputs.skip-pr-merge != 'true' }} | |
| uses: ./.github/actions/workflow-succeeded | |
| with: | |
| workflow: "Continuous Integration" | |
| sha: ${{ steps.determine-branch-names.outputs.RELEASE_COMMIT }} | |
| - name: "Check Whether Docs PR Can Be Merged" | |
| if: ${{ inputs.skip-pr-merge != 'true' }} | |
| uses: ./.github/actions/pr-is-mergeable | |
| with: | |
| pr-ref: ${{ steps.determine-branch-names.outputs.DOCS_BRANCH_NAME }} | |
| repo: ${{ env.DOCS_REPO }} | |
| token: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }} | |
| excluded-check-runs: | | |
| { | |
| \"Build Cloud SDK Documentation\": [\"dependabot\"] | |
| } | |
| - name: "Check Whether Release Notes PR Can Be Merged" | |
| if: ${{ inputs.skip-pr-merge != 'true' }} | |
| uses: ./.github/actions/pr-is-mergeable | |
| with: | |
| pr-ref: ${{ steps.determine-branch-names.outputs.RELEASE_NOTES_BRANCH_NAME }} | |
| repo: ${{ env.DOCS_REPO }} | |
| token: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }} | |
| excluded-check-runs: | | |
| { | |
| \"Build Cloud SDK Documentation\": [\"dependabot\"] | |
| } | |
| release: | |
| name: "Release" | |
| needs: [ prerequisites ] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write # needed to modify the release draft | |
| pull-requests: write # needed to merge the release PR | |
| steps: | |
| - name: "Setup java" | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: "sapmachine" | |
| java-version: "17" | |
| server-id: ossrh | |
| server-username: MAVEN_CENTRAL_USER # env variable for username in deploy | |
| server-password: MAVEN_CENTRAL_PASSWORD # env variable for token in deploy | |
| - name: "Download Release Asset" | |
| id: download-asset | |
| run: | | |
| gh release download ${{ needs.prerequisites.outputs.release-tag }} --dir ./ --repo "${{ github.repository }}" | |
| # x=extract v=verbose z=decompress f=file C=destination directory | |
| tar -xvzf apidocs-*.tar.gz -C . | |
| tar -xvzf release-*.tar.gz -C . | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "Import GPG Key" | |
| run: | | |
| echo "${{ secrets.PGP_PRIVATE_KEY }}" | gpg --batch --passphrase "$PASSPHRASE" --import | |
| env: | |
| PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }} | |
| - name: "Deploy Locally" | |
| run: > | |
| mvn | |
| $MVN_CLI_ARGS | |
| -DrepositoryId=local | |
| -Durl=file:./temp_local_repo | |
| -Dmaven.install.skip=true | |
| -Dgpg.passphrase="$GPG_PASSPHRASE" | |
| -Dgpg.keyname="$MAVEN_CENTRAL_USER" | |
| deploy | |
| env: | |
| MAVEN_CENTRAL_USER: ${{ secrets.MAVEN_CENTRAL_USER }} | |
| MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | |
| GPG_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }} | |
| - name: "Deploy Staging" | |
| run: > | |
| mvn | |
| $MVN_CLI_ARGS | |
| org.sonatype.plugins:nexus-staging-maven-plugin:1.6.13:deploy-staged-repository | |
| -DserverId=ossrh | |
| -DnexusUrl=https://oss.sonatype.org | |
| -DrepositoryDirectory=./temp_local_repo | |
| -DstagingProfileId=$MAVEN_CENTRAL_PROFILE_ID | |
| env: | |
| MAVEN_CENTRAL_USER: ${{ secrets.SONATYPE_TOKEN_NAME }} | |
| MAVEN_CENTRAL_PASSWORD: ${{ secrets.SONATYPE_TOKEN_PASS }} | |
| MAVEN_CENTRAL_PROFILE_ID: ${{ secrets.MAVEN_CENTRAL_PROFILE_ID }} | |
| - name: "Merge Code PR" | |
| if: ${{ inputs.skip-pr-merge != 'true' }} | |
| run: gh pr merge --squash "${{ needs.prerequisites.outputs.code-branch }}" --delete-branch --repo "${{ github.repository }}" | |
| env: | |
| GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }} | |
| - name: "Publish the Draft Release" | |
| run: gh release edit ${{ needs.prerequisites.outputs.release-tag }} --draft=false --repo "${{ github.repository }}" | |
| env: | |
| GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }} | |
| - name: "Merge Docs PR" | |
| if: ${{ inputs.skip-pr-merge != 'true' }} | |
| run: gh pr merge --squash "${{ needs.prerequisites.outputs.docs-branch }}" --delete-branch --repo "${{ env.DOCS_REPO }}" | |
| env: | |
| GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }} | |
| - name: "Merge Release Notes PR" | |
| if: ${{ inputs.skip-pr-merge != 'true' }} | |
| run: | | |
| # https://github.com/cli/cli/issues/8092#issuecomment-1814439651 | |
| # The Release Notes mergeability computation hasn't completed yet | |
| # Because the base branch just changed from merging the Javadoc. | |
| # Sleep and retry to work around "Base branch was modified." error. | |
| for i in {1..3}; do | |
| sleep 5 | |
| if gh pr merge --squash "${{ needs.prerequisites.outputs.release-notes-branch }}" --delete-branch --repo "${{ env.DOCS_REPO }}"; then | |
| exit 0 | |
| fi | |
| done | |
| exit 1 | |
| env: | |
| GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }} | |
| notify-job: | |
| runs-on: ubuntu-latest | |
| needs: [ prerequisites, release ] | |
| if: ${{ failure() }} | |
| steps: | |
| - name: "Checkout" | |
| uses: actions/checkout@v4 | |
| - name: "Notify" | |
| run: python .pipeline/scripts/notify.py | |
| env: | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
| WORKFLOW: ${{ github.workflow }} | |
| WORKFLOW_RUN_URL: https://github.com/SAP/cloud-sdk-java/actions/runs/${{ github.run_id }} | |
| BRANCH_NAME: ${{ needs.prerequisites.outputs.code-branch }} |