1+ # Licensed to the Apache Software Foundation (ASF) under one or more
2+ # contributor license agreements. See the NOTICE file distributed with
3+ # this work for additional information regarding copyright ownership.
4+ # The ASF licenses this file to You under the Apache License, Version 2.0
5+ # (the "License"); you may not use this file except in compliance with
6+ # the License. You may obtain a copy of the License at
7+ #
8+ # https://www.apache.org/licenses/LICENSE-2.0
9+ #
10+ # Unless required by applicable law or agreed to in writing, software
11+ # distributed under the License is distributed on an "AS IS" BASIS,
12+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+ # See the License for the specific language governing permissions and
14+ # limitations under the License.
15+
16+ name : " Release - Abort Release"
17+ on :
18+ workflow_dispatch :
19+ inputs :
20+ release_tag :
21+ description : ' Release tag (e.g., v7.0.0-M5)'
22+ required : true
23+ type : string
24+ permissions :
25+ contents : write
26+ actions : write
27+ jobs :
28+ abort :
29+ name : " Abort Release"
30+ runs-on : ubuntu-latest
31+ steps :
32+ - name : " Output Agent IP" # in the event RAO blocks this agent, this can be used to debug it
33+ run : curl -s https://api.ipify.org
34+ - name : " Setup SVN and Tools"
35+ run : sudo apt-get install -y subversion subversion-tools tree
36+ - name : " Extract repository name"
37+ id : extract_repository_name
38+ run : |
39+ echo "repository_name=${GITHUB_REPOSITORY##*/}" >> $GITHUB_OUTPUT
40+ name : " Extract release version"
41+ id : release_version
42+ run : |
43+ version="${{ github.event.inputs.release_tag }}"
44+ version="${version#v}"
45+ echo "Extracted version: $version"
46+ echo "value=${version}" >> $GITHUB_OUTPUT
47+ name : " Drop staging repository from Nexus"
48+ continue-on-error : true
49+ env :
50+ NEXUS_STAGE_DEPLOYER_USER : ${{ secrets.NEXUS_STAGE_DEPLOYER_USER }}
51+ NEXUS_STAGE_DEPLOYER_PW : ${{ secrets.NEXUS_STAGE_DEPLOYER_PW }}
52+ run : |
53+ export REPO_DESCRIPTION="${{ steps.extract_repository_name.outputs.repository_name }}:${{ steps.release_version.outputs.value }}"
54+ export STAGING_REPOSITORY_ID=$(curl -s -u "$NEXUS_STAGE_DEPLOYER_USER:$NEXUS_STAGE_DEPLOYER_PW" -H "Accept: application/json" \
55+ "https://repository.apache.org/service/local/staging/profile_repositories/${{ secrets.STAGING_PROFILE_ID }}" |
56+ jq -r '.data[] | select(.description=="'"$REPO_DESCRIPTION"'") | .repositoryId')
57+
58+ test -n "$STAGING_REPOSITORY_ID" || { echo "No repo with that description"; exit 1; }
59+
60+ response=$(curl -s --request POST -u "$NEXUS_STAGE_DEPLOYER_USER:$NEXUS_STAGE_DEPLOYER_PW" \
61+ --url https://repository.apache.org/service/local/staging/bulk/drop \
62+ --header 'Content-Type: application/json' \
63+ --header 'Accept: application/json' \
64+ --header 'User-Agent: Grails Github Actions' \
65+ --data '{ "data" : {"stagedRepositoryIds":["'"$STAGING_REPOSITORY_ID"'"], "description":"Drop '"$STAGING_REPOSITORY_ID"'." } }')
66+
67+ if [ ! -z "$response" ]; then
68+ echo "Error while dropping staged repository $STAGING_REPOSITORY_ID : $response."
69+ exit 1
70+ else
71+ echo "Successfully dropped repository $STAGING_REPOSITORY_ID."
72+ fi
73+ name : " Remove Staged Artifacts"
74+ continue-on-error : true
75+ env :
76+ SVN_USERNAME : ${{ secrets.SVC_DIST_GRAILS_USERNAME }}
77+ SVN_PASSWORD : ${{ secrets.SVC_DIST_GRAILS_PASSWORD }}
78+ run : |
79+ export VERSION="${{ steps.release_version.outputs.value }}"
80+ svnmucc --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive \
81+ -m "Remove grails dev version $VERSION" \
82+ rm "https://dist.apache.org/repos/dist/dev/incubator/grails/spring-security/$VERSION"
83+ name : " Cancel GitHub Actions"
84+ continue-on-error : true
85+ env :
86+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
87+ OWNER : ${{ github.repository_owner }}
88+ REPO : ${{ steps.extract_repository_name.outputs.repository_name }}
89+ run : |
90+ for status in queued in_progress; do
91+ curl -s -H "Authorization: Bearer $GITHUB_TOKEN" \
92+ -H "Accept: application/vnd.github+json" \
93+ "https://api.github.com/repos/$OWNER/$REPO/actions/runs?event=release&status=$status&per_page=100" |
94+ jq -r '.workflow_runs[].id'
95+ done > run-ids.txt
96+
97+ while read run_id; do
98+ echo "cancelling $run_id"
99+ curl -s -X POST \
100+ -H "Authorization: Bearer $GITHUB_TOKEN" \
101+ -H "Accept: application/vnd.github+json" \
102+ "https://api.github.com/repos/$OWNER/$REPO/actions/runs/$run_id/cancel"
103+ done < run-ids.txt
104+ rm -f run-ids.txt || true
105+ name : " Remove GitHub Release & Tag"
106+ env :
107+ GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
108+ TAG : ${{ github.event.inputs.release_tag }}
109+ OWNER : ${{ github.repository_owner }}
110+ REPO : ${{ steps.extract_repository_name.outputs.repository_name }}
111+ run : |
112+ set -euo pipefail
113+
114+ if release_json="$(gh api -H 'Accept: application/vnd.github+json' \
115+ "/repos/$OWNER/$REPO/releases/tags/$TAG" 2>/dev/null)"; then
116+ if [ "$(jq -r '.prerelease' <<<"$release_json")" != "true" ]; then
117+ echo "❌ Release $TAG exists but is *not* marked as a pre-release. Aborting."
118+ exit 1
119+ fi
120+
121+ release_id="$(jq -r '.id' <<<"$release_json")"
122+ echo "Deleting pre-release $release_id linked to tag $TAG"
123+ gh api -X DELETE "/repos/$OWNER/$REPO/releases/$release_id"
124+ else
125+ echo "No GitHub release found for tag $TAG – skipping release deletion"
126+ fi
127+
128+ ref="tags/$TAG"
129+ echo "Deleting git ref $ref"
130+ gh api -X DELETE "/repos/$OWNER/$REPO/git/refs/$ref" || echo "Tag $TAG already absent"
0 commit comments