Skip to content

HHH-19341 Add automated release to 5.6 #10122

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
May 14, 2025
Merged

HHH-19341 Add automated release to 5.6 #10122

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
b057689
HHH-19341 Add automated release to 5.6
marko-bekhta May 7, 2025
1fde31d
HHH-19341 Stop building zip/tar distribution bundles
marko-bekhta May 8, 2025
0411483
HHH-19341 Adjust snapshot publishing to use the release scripts
marko-bekhta May 8, 2025
4641f58
HHH-19341 Update GH action versions
marko-bekhta May 8, 2025
2bd86e4
HHH-19341 Remove the use of the gradle-maven-publish-auth
marko-bekhta May 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@7e3036b9cd87fc26dd06747b7aa4b96c27aaef3a # v3.28.4
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -45,7 +45,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
uses: github/codeql-action/autobuild@7e3036b9cd87fc26dd06747b7aa4b96c27aaef3a # v3.28.4

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -58,6 +58,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@7e3036b9cd87fc26dd06747b7aa4b96c27aaef3a # v3.28.4
with:
category: "/language:${{matrix.language}}"
category: "/language:${{matrix.language}}"
13 changes: 7 additions & 6 deletions .github/workflows/contributor-build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ jobs:
# Running with HANA requires at least 8GB memory just for the database, which we don't have on GH Actions runners
# - rdbms: hana
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Reclaim Disk Space
Expand All @@ -59,16 +59,17 @@ jobs:
RDBMS: ${{ matrix.rdbms }}
run: ci/database-start.sh
- name: Set up Java 8
uses: actions/setup-java@v1
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: 1.8
distribution: 'temurin'
java-version: '8'
- name: Get year/month for cache key
id: get-date
run: |
echo "::set-output name=yearmonth::$(/bin/date -u "+%Y-%m")"
shell: bash
- name: Cache Maven local repository
uses: actions/cache@v2
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
id: cache-maven
with:
path: |
Expand All @@ -83,12 +84,12 @@ jobs:
run: ./ci/build-github.sh
shell: bash
- name: Upload test reports (if Gradle failed)
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
if: failure()
with:
name: test-reports-java8-${{ matrix.rdbms }}
path: |
./**/target/reports/tests/
./**/target/reports/checkstyle/
- name: Omit produced artifacts from build cache
run: ./ci/before-cache.sh
run: ./ci/before-cache.sh
3 changes: 3 additions & 0 deletions .release/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# The folder into which we checkout our release scripts into
*
!.gitignore
16 changes: 0 additions & 16 deletions build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,18 +21,11 @@ buildscript {

plugins {
id 'me.champeau.buildscan-recipes' version '0.2.3'
id 'io.github.gradle-nexus.publish-plugin' version '1.1.0'
id 'nu.studer.credentials' version '2.2'
id 'org.hibernate.build.xjc' version '2.0.1' apply false
id 'org.hibernate.build.maven-repo-auth' version '3.0.3' apply false
id 'biz.aQute.bnd' version '5.1.1' apply false
}

ext {
sonatypeOssrhUser = project.findProperty( 'SONATYPE_OSSRH_USER' )
sonatypeOssrhPassword = project.findProperty( 'SONATYPE_OSSRH_PASSWORD' )
}

File versionFile = file( "${rootProject.projectDir}/gradle/version.properties" )

ext {
Expand All @@ -51,15 +44,6 @@ ext {
group = 'org.hibernate'
version = project.ormVersion.fullName

nexusPublishing {
repositories {
sonatype {
username = project.sonatypeOssrhUser
password = project.sonatypeOssrhPassword
}
}
}

allprojects {
repositories {
mavenCentral()
Expand Down
275 changes: 275 additions & 0 deletions ci/release/Jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,275 @@
#! /usr/bin/groovy
/*
* See https://github.com/hibernate/hibernate-jenkins-pipeline-helpers
*/
@Library('hibernate-jenkins-pipeline-helpers') _

import org.hibernate.jenkins.pipeline.helpers.version.Version

// --------------------------------------------
// Global build configuration
env.PROJECT = "orm"
env.JIRA_KEY = "HHH"
def RELEASE_ON_SCHEDULE = false // Set to `true` *only* on branches where you want a scheduled release.

print "INFO: env.PROJECT = ${env.PROJECT}"
print "INFO: env.JIRA_KEY = ${env.JIRA_KEY}"

// --------------------------------------------
// Build conditions

// Avoid running the pipeline on branch indexing
if (currentBuild.getBuildCauses().toString().contains('BranchIndexingCause')) {
print "INFO: Build skipped due to trigger being Branch Indexing"
currentBuild.result = 'NOT_BUILT'
return
}

def manualRelease = currentBuild.getBuildCauses().toString().contains( 'UserIdCause' )
def cronRelease = currentBuild.getBuildCauses().toString().contains( 'TimerTriggerCause' )

// Only do automatic release on branches where we opted in
if ( !manualRelease && !cronRelease ) {
print "INFO: Build skipped because automated releases on push are disabled on this branch."
currentBuild.result = 'NOT_BUILT'
return
}

if ( !manualRelease && cronRelease && !RELEASE_ON_SCHEDULE ) {
print "INFO: Build skipped because automated releases are disabled on this branch. See constant RELEASE_ON_SCHEDULE in ci/release/Jenkinsfile"
currentBuild.result = 'NOT_BUILT'
return
}

// --------------------------------------------
// Reusable methods

def checkoutReleaseScripts() {
dir('.release/scripts') {
checkout scmGit(branches: [[name: '*/main']], extensions: [],
userRemoteConfigs: [[credentialsId: 'ed25519.Hibernate-CI.github.com',
url: 'https://github.com/hibernate/hibernate-release-scripts.git']])
}
}


// --------------------------------------------
// Pipeline

pipeline {
agent {
label 'Release'
}
triggers {
// Run every week Sunday midnight
cron('0 0 * * 0')
}
tools {
jdk 'OpenJDK 8 Latest'
}
options {
buildDiscarder logRotator(daysToKeepStr: '30', numToKeepStr: '10')
disableConcurrentBuilds(abortPrevious: false)
preserveStashes()
}
parameters {
string(
name: 'RELEASE_VERSION',
defaultValue: '',
description: 'The version to be released, e.g. 6.2.1.Final. Mandatory for manual releases, to prevent mistakes.',
trim: true
)
string(
name: 'DEVELOPMENT_VERSION',
defaultValue: '',
description: 'The next version to be used after the release, e.g. 6.2.2-SNAPSHOT. If not set, determined automatically from the release version.',
trim: true
)
booleanParam(
name: 'RELEASE_DRY_RUN',
defaultValue: false,
description: 'If true, just simulate the release, without pushing any commits or tags, and without uploading any artifacts or documentation.'
)
}
stages {
stage('Release check') {
steps {
script {
print "INFO: params.RELEASE_VERSION = ${params.RELEASE_VERSION}"
print "INFO: params.DEVELOPMENT_VERSION = ${params.DEVELOPMENT_VERSION}"
print "INFO: params.RELEASE_DRY_RUN? = ${params.RELEASE_DRY_RUN}"

checkoutReleaseScripts()

def currentVersion = Version.parseDevelopmentVersion( sh(
script: ".release/scripts/determine-current-version.sh ${env.PROJECT}",
returnStdout: true
).trim() )
echo "Workspace version: ${currentVersion}"

def releaseVersion
def developmentVersion

def lastCommitter = sh(script: 'git show -s --format=\'%an\'', returnStdout: true).trim()
def secondLastCommitter = sh(script: 'git show -s --format=\'%an\' HEAD~1', returnStdout: true).trim()
def isCiLastCommiter = lastCommitter == 'Hibernate-CI' && secondLastCommitter == 'Hibernate-CI'

echo "Last two commits were performed by '${lastCommitter}'/'${secondLastCommitter}'."
echo "Is 'Hibernate-CI' the last commiter: '${isCiLastCommiter}'."

if ( manualRelease ) {
echo "Release was requested manually"

if ( !params.RELEASE_VERSION ) {
throw new IllegalArgumentException(
'Missing value for parameter RELEASE_VERSION. This parameter must be set explicitly to prevent mistakes.'
)
}
releaseVersion = Version.parseReleaseVersion( params.RELEASE_VERSION )

if ( !releaseVersion.toString().startsWith( currentVersion.family + '.' ) ) {
throw new IllegalArgumentException( "RELEASE_VERSION = $releaseVersion, which is different from the family of CURRENT_VERSION = $currentVersion. Did you make a mistake?" )
}
}
else {
echo "Release was triggered automatically"

// Avoid doing an automatic release for commits from a release

if (isCiLastCommiter) {
print "INFO: Automatic release skipped because last commits were for the previous release"
currentBuild.getRawBuild().getExecutor().interrupt(Result.NOT_BUILT)
sleep(1) // Interrupt is not blocking and does not take effect immediately.
return
}

releaseVersion = Version.parseReleaseVersion( sh(
script: ".release/scripts/determine-release-version.sh ${currentVersion}",
returnStdout: true
).trim() )
}
echo "Release version: ${releaseVersion}"

if ( !params.DEVELOPMENT_VERSION ) {
developmentVersion = Version.parseDevelopmentVersion( sh(
script: ".release/scripts/determine-development-version.sh ${releaseVersion}",
returnStdout: true
).trim() )
}
else {
developmentVersion = Version.parseDevelopmentVersion( params.DEVELOPMENT_VERSION )
}
echo "Development version: ${developmentVersion}"

env.RELEASE_VERSION = releaseVersion.toString()
env.DEVELOPMENT_VERSION = developmentVersion.toString()
env.SCRIPT_OPTIONS = params.RELEASE_DRY_RUN ? "-d" : ""
env.JRELEASER_DRY_RUN = params.RELEASE_DRY_RUN

// Determine version id to check if Jira version exists
sh ".release/scripts/determine-jira-version-id.sh ${env.JIRA_KEY} ${releaseVersion.withoutFinalQualifier}"
}
}
}
stage('Release prepare') {
steps {
script {
checkoutReleaseScripts()

configFileProvider([
configFile(fileId: 'release.config.ssh', targetLocation: "${env.HOME}/.ssh/config"),
configFile(fileId: 'release.config.ssh.knownhosts', targetLocation: "${env.HOME}/.ssh/known_hosts")
]) {
sshagent(['ed25519.Hibernate-CI.github.com', 'hibernate.filemgmt.jboss.org', 'hibernate-ci.frs.sourceforge.net']) {
// set release version
// update changelog from JIRA
// tags the version
// changes the version to the provided development version
withEnv([
"DISABLE_REMOTE_GRADLE_CACHE=true",
// Increase the amount of memory for this part since asciidoctor doc rendering consumes a lot of metaspace
"GRADLE_OPTS=-Dorg.gradle.jvmargs='-Dlog4j2.disableJmx -Xmx4g -XX:MaxMetaspaceSize=768m -XX:+HeapDumpOnOutOfMemoryError -Duser.language=en -Duser.country=US -Duser.timezone=UTC -Dfile.encoding=UTF-8'"
]) {
sh ".release/scripts/prepare-release.sh -j -b ${env.GIT_BRANCH} -v ${env.DEVELOPMENT_VERSION} ${env.PROJECT} ${env.RELEASE_VERSION}"
}
}
}
}
}
}
stage('Publish release') {
steps {
script {
checkoutReleaseScripts()

configFileProvider([
configFile(fileId: 'release.config.ssh', targetLocation: "${env.HOME}/.ssh/config"),
configFile(fileId: 'release.config.ssh.knownhosts', targetLocation: "${env.HOME}/.ssh/known_hosts")
]) {
withCredentials([
// https://github.com/gradle-nexus/publish-plugin#publishing-to-maven-central-via-sonatype-ossrh
// TODO: HHH-19309:
// Once we switch to maven-central publishing (from nexus2) we need to add a new credentials
// to use the following env variable names to set the user/password:
// - JRELEASER_MAVENCENTRAL_USERNAME
// - JRELEASER_MAVENCENTRAL_TOKEN
// Also use the new `credentialsId` for Maven Central, e.g.:
// usernamePassword(credentialsId: '???????', passwordVariable: 'JRELEASER_MAVENCENTRAL_TOKEN', usernameVariable: 'JRELEASER_MAVENCENTRAL_USERNAME'),
usernamePassword(credentialsId: 'ossrh.sonatype.org', passwordVariable: 'JRELEASER_NEXUS2_PASSWORD', usernameVariable: 'JRELEASER_NEXUS2_USERNAME'),
// https://docs.gradle.org/current/userguide/publishing_gradle_plugins.html#account_setup
usernamePassword(credentialsId: 'gradle-plugin-portal-api-key', passwordVariable: 'GRADLE_PUBLISH_SECRET', usernameVariable: 'GRADLE_PUBLISH_KEY'),
gitUsernamePassword(credentialsId: 'username-and-token.Hibernate-CI.github.com', gitToolName: 'Default'),
file(credentialsId: 'release.gpg.private-key', variable: 'RELEASE_GPG_PRIVATE_KEY_PATH'),
string(credentialsId: 'release.gpg.passphrase', variable: 'JRELEASER_GPG_PASSPHRASE'),
string(credentialsId: 'Hibernate-CI.github.com', variable: 'JRELEASER_GITHUB_TOKEN')
]) {
sshagent(['ed25519.Hibernate-CI.github.com', 'hibernate.filemgmt.jboss.org', 'hibernate-ci.frs.sourceforge.net']) {
// performs documentation upload and Sonatype release
// push to github
withEnv([
"DISABLE_REMOTE_GRADLE_CACHE=true"
]) {
sh ".release/scripts/publish.sh -j ${env.SCRIPT_OPTIONS} ${env.PROJECT} ${env.RELEASE_VERSION} ${env.DEVELOPMENT_VERSION} ${env.GIT_BRANCH}"
}
}
}
}
}
}
}
stage('Website release') {
steps {
script {
checkoutReleaseScripts()

configFileProvider([
configFile(fileId: 'release.config.ssh', targetLocation: "${env.HOME}/.ssh/config"),
configFile(fileId: 'release.config.ssh.knownhosts', targetLocation: "${env.HOME}/.ssh/known_hosts")
]) {
withCredentials([
gitUsernamePassword(credentialsId: 'username-and-token.Hibernate-CI.github.com', gitToolName: 'Default')
]) {
sshagent( ['ed25519.Hibernate-CI.github.com', 'hibernate.filemgmt.jboss.org', 'hibernate-ci.frs.sourceforge.net'] ) {
dir( '.release/hibernate.org' ) {
checkout scmGit(
branches: [[name: '*/production']],
extensions: [],
userRemoteConfigs: [[credentialsId: 'ed25519.Hibernate-CI.github.com', url: 'https://github.com/hibernate/hibernate.org.git']]
)
sh "../scripts/website-release.sh ${env.SCRIPT_OPTIONS} ${env.PROJECT} ${env.RELEASE_VERSION}"
}
}
}
}
}
}
}
}
post {
always {
configFileProvider([configFile(fileId: 'job-configuration.yaml', variable: 'JOB_CONFIGURATION_FILE')]) {
notifyBuildResult maintainers: (String) readYaml(file: env.JOB_CONFIGURATION_FILE).notification?.email?.recipients
}
}
}
}
Loading
Loading