-
Notifications
You must be signed in to change notification settings - Fork 1
94 lines (90 loc) · 4.83 KB
/
maven-central-publish.yaml
File metadata and controls
94 lines (90 loc) · 4.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
name: Publish to Maven Central
on:
push: {tags: ['v*']}
release: {types: [published]}
workflow_dispatch:
inputs:
version: {description: 'Release version (e.g., 1.0.0)', required: true, type: string}
dry_run: {description: Execute dry run, type: boolean, default: false}
force_publish: {description: Force publish, type: boolean, default: false}
concurrency: {group: 'maven-publish-${{ github.ref }}', cancel-in-progress: false}
jobs:
validate:
name: Validate
runs-on: ubuntu-latest
timeout-minutes: 5
outputs:
version: ${{ steps.version-check.outputs.version || steps.versions.outputs.project-version }}
is-snapshot: ${{ steps.version-check.outputs.is-snapshot }}
should-publish: ${{ steps.version-check.outputs.should-publish }}
version-exists: ${{ steps.version-check.outputs.version-exists }}
java-version: ${{ steps.versions.outputs.java-version }}
gradle-version: ${{ steps.versions.outputs.gradle-version }}
steps:
- uses: actions/checkout@v5.0.1
with: {fetch-depth: 0}
- id: versions
uses: ./.github/actions/extract-versions
- id: resolve-version
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then echo "version=${{ github.event.inputs.version }}" >> $GITHUB_OUTPUT
elif [[ "${{ github.event_name }}" == "release" ]]; then echo "version=${{ github.event.release.tag_name }}" | sed 's/v//' >> $GITHUB_OUTPUT
elif [[ "${{ github.ref_type }}" == "tag" ]]; then echo "version=${{ github.ref_name }}" | sed 's/v//' >> $GITHUB_OUTPUT
else echo "version=${{ steps.versions.outputs.project-version }}" >> $GITHUB_OUTPUT; fi
- id: version-check
uses: ./.github/actions/maven-version-check
with: {version: '${{ steps.resolve-version.outputs.version }}', force-publish: '${{ github.event.inputs.force_publish || false }}'}
- uses: ./.github/actions/publish-report
with: {report-type: pre-publish, version: '${{ steps.resolve-version.outputs.version }}'}
publish:
name: Publish
needs: validate
if: needs.validate.outputs.should-publish == 'true'
runs-on: ubuntu-latest
timeout-minutes: 60
environment: maven-central
steps:
- uses: actions/checkout@v5.0.1
with: {fetch-depth: 0}
- uses: actions/setup-java@v5.0.0
with: {java-version: '${{ needs.validate.outputs.java-version }}', distribution: temurin}
- uses: gradle/actions/setup-gradle@v5.0.0
with: {gradle-version: '${{ needs.validate.outputs.gradle-version }}', cache-encryption-key: '${{ secrets.GRADLE_CACHE_ENCRYPTION_KEY }}'}
- name: Publish
if: github.event.inputs.dry_run != 'true'
run: |
./gradlew clean publishToMavenCentral --no-daemon --no-parallel --build-cache --configuration-cache --max-workers=1 \
-PsigningInMemoryKeyId="${{ secrets.GPG_KEY_ID }}" -PsigningInMemoryKey="${{ secrets.GPG_PRIVATE_KEY }}" \
-PmavenCentralUsername="${{ secrets.MAVENCENTRAL_USERNAME }}" -PmavenCentralPassword="${{ secrets.MAVENCENTRAL_PASSWORD }}" \
-PsigningInMemoryKeyPassword="${{ secrets.GPG_PASSPHRASE }}"
- name: Dry Run
if: github.event.inputs.dry_run == 'true'
run: |
./gradlew clean publishToMavenLocal --no-daemon --no-parallel --build-cache --configuration-cache --max-workers=1 \
-PsigningInMemoryKeyId="${{ secrets.GPG_KEY_ID }}" -PsigningInMemoryKey="${{ secrets.GPG_PRIVATE_KEY }}" \
-PsigningInMemoryKeyPassword="${{ secrets.GPG_PASSPHRASE }}"
- if: always()
uses: ./.github/actions/publish-report
with: {report-type: summary, version: '${{ needs.validate.outputs.version }}', publish-success: '${{ job.status == ''success'' }}'}
release:
name: Release
needs: [validate, publish]
if: always() && github.event.inputs.dry_run != 'true' && needs.validate.outputs.is-snapshot == 'false' && (needs.publish.result == 'success' || needs.validate.outputs.version-exists == 'true')
runs-on: ubuntu-latest
timeout-minutes: 10
permissions: {contents: write}
steps:
- uses: actions/checkout@v5.0.1
with: {fetch-depth: 0}
- uses: ./.github/actions/create-release
with: {version: '${{ needs.validate.outputs.version }}', token: '${{ secrets.GITHUB_TOKEN }}'}
failure:
name: Failure Report
needs: [validate, publish, release]
if: always() && (needs.publish.result == 'failure' || needs.release.result == 'failure')
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@v5.0.1
- uses: ./.github/actions/publish-report
with: {report-type: failure, version: '${{ needs.validate.outputs.version }}', error-message: Publication failed, error-details: 'Publish: ${{ needs.publish.result }}, Release: ${{ needs.release.result }}'}