Release (Requires manual steps to take, check all jobs are successful)

Release (Requires manual steps to take, check all jobs are successful) #84

Workflow file for this run

.github/workflows/release.yml at 50c39f2

	name: Release (Requires manual steps to take, check all jobs are successful)
	on: workflow_dispatch
	jobs:
	release:
	runs-on: ubuntu-latest
	permissions:
	contents: write
	issues: write
	steps:
	- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
	- name: Set git config safe.directory
	run: git config --global --add safe.directory "$(pwd)"
	- name: Set git identity
	run: \|-
	git config user.name "github-actions"
	git config user.email "[email protected]"
	- name: Setup Node.js
	uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903
	with:
	node-version: 24.x
	- uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
	name: Setup Java
	with:
	distribution: temurin
	java-version: 21.x
	- uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c
	name: Setup Python
	with:
	python-version: 3.x
	- uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d
	name: Setup .NET
	with:
	dotnet-version: 9.0.x
	- uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00
	name: Setup Go
	with:
	go-version: ^1.25.0
	- name: Install dependencies
	run: npm ci
	- name: release
	run: \|
	unset CI # enable full package-all https://github.com/mongodb/awscdk-resources-mongodbatlas/blob/main/.projen/tasks.json#L157-L170
	npx projen release
	- name: Backup artifact permissions
	run: cd dist && getfacl -R . > permissions-backup.acl
	continue-on-error: true
	- name: Upload artifact
	uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4
	with:
	name: build-artifact
	path: dist
	overwrite: true
	release_npm:
	name: Publish to npm
	needs: release
	runs-on: ubuntu-latest
	permissions:
	contents: read
	issues: write
	id-token: write # Required for provenance & Trusted Publishing.
	steps:
	- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903
	with:
	node-version: 24.x
	registry-url: https://registry.npmjs.org
	- name: Download build artifacts
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53
	with:
	name: build-artifact
	path: dist
	- name: Restore build artifact permissions
	run: cd dist && setfacl --restore=permissions-backup.acl
	continue-on-error: true
	- name: Install dependencies
	run: npm ci
	- name: Publish to npm with provenance
	env:
	NPM_CONFIG_PROVENANCE: true
	run: npx -p publib@latest publib-npm
	release_maven:
	name: Publish to Maven Central
	needs: release
	runs-on: ubuntu-latest
	permissions:
	contents: read
	issues: write
	steps:
	- uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
	with:
	distribution: temurin
	java-version: 21.x
	- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903
	with:
	node-version: 24.x
	- name: Download build artifacts
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53
	with:
	name: build-artifact
	path: dist
	- name: Restore build artifact permissions
	run: cd dist && setfacl --restore=permissions-backup.acl
	continue-on-error: true
	- name: Release
	env:
	MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
	MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSPHRASE }}
	MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }}
	MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
	MAVEN_STAGING_PROFILE_ID: ${{ secrets.MAVEN_STAGING_PROFILE_ID }}
	MAVEN_SERVER_ID: ${{ vars.MAVEN_SERVER_ID }}
	run: npx -p publib@latest publib-maven
	release_pypi:
	name: Publish to PyPI
	needs: release
	runs-on: ubuntu-latest
	permissions:
	contents: read
	issues: write
	id-token: write # Required for Trusted Publishing.
	steps:
	- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903
	with:
	node-version: 24.x
	- uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c
	with:
	python-version: 3.x
	- name: Download build artifacts
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53
	with:
	name: build-artifact
	path: dist
	- name: Restore build artifact permissions
	run: cd dist && setfacl --restore=permissions-backup.acl
	continue-on-error: true
	- name: Import GPG key
	uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec
	with:
	gpg_private_key: ${{ secrets.APIX_BOT_GPG_PRIVATE_KEY }}
	passphrase: ${{ secrets.APIX_BOT_GPG_PASSPHRASE }}
	- name: GPG sign PyPI distributions
	run: \|
	for file in dist/python/.whl dist/python/.tar.gz; do
	if [ -f "$file" ]; then
	gpg --batch --yes --pinentry-mode loopback --passphrase "$APIX_BOT_GPG_PASSPHRASE" --detach-sign -a "$file"
	fi
	done
	env:
	APIX_BOT_GPG_PASSPHRASE: ${{ secrets.APIX_BOT_GPG_PASSPHRASE }}
	- name: Upload to PyPI
	uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e
	with:
	packages-dir: dist/python/
	release_nuget:
	name: Publish to NuGet Gallery
	needs: release
	runs-on: ubuntu-latest
	permissions:
	contents: read
	issues: write
	id-token: write # Required for Trusted Publishing.
	steps:
	- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903
	with:
	node-version: 24.x
	- uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d
	with:
	dotnet-version: 9.0.x
	- name: Download build artifacts
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53
	with:
	name: build-artifact
	path: dist
	- name: Restore build artifact permissions
	run: cd dist && setfacl --restore=permissions-backup.acl
	continue-on-error: true
	- name: Extract Version
	id: extract-version
	run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}"
	- name: Log in to MongoDB Docker registry
	uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef
	with:
	registry: ${{ secrets.ARTIFACTORY_REGISTRY }}
	username: ${{ secrets.ARTIFACTORY_USER }}
	password: ${{ secrets.ARTIFACTORY_PASSWORD }}
	- name: Sign NuGet package
	run: \|
	docker run \
	-e GRS_CONFIG_USER1_USERNAME="${{ secrets.ARTIFACTORY_SIGN_USER }}" \
	-e GRS_CONFIG_USER1_PASSWORD="${{ secrets.ARTIFACTORY_SIGN_PASSWORD }}" \
	--rm -v "$(pwd)":"$(pwd)" -w "$(pwd)" \
	"${{ secrets.ARTIFACTORY_REGISTRY }}/${{ secrets.ARTIFACTORY_SIGN_TOOL }}" \
	/bin/bash -c "jsign --tsaurl http://timestamp.digicert.com -a ${{ secrets.AUTHENTICODE_KEY_NAME }} \
	./dist/dotnet/MongoDB.AWSCDKResourcesMongoDBAtlas.${{ steps.extract-version.outputs.VERSION }}.nupkg"
	- id: login
	uses: NuGet/login@d22cc5f58ff5b88bf9bd452535b4335137e24544
	with:
	user: ${{ secrets.NUGET_USER }}
	- name: Release
	env:
	NUGET_API_KEY: ${{ steps.login.outputs.NUGET_API_KEY }}
	run: npx -p publib@latest publib-nuget
	release_golang:
	name: Publish to GitHub Go Module Repository
	needs: release
	runs-on: ubuntu-latest
	permissions:
	contents: read
	issues: write
	steps:
	- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903
	with:
	node-version: 24.x
	- uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00
	with:
	go-version: ^1.25.0
	- name: Download build artifacts
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53
	with:
	name: build-artifact
	path: dist
	- name: Restore build artifact permissions
	run: cd dist && setfacl --restore=permissions-backup.acl
	continue-on-error: true
	- name: Release
	env:
	GITHUB_TOKEN: ${{ secrets.GO_GITHUB_TOKEN }}
	GIT_USER_NAME: ${{ secrets.GO_GIT_USER_NAME }}
	GIT_USER_EMAIL: ${{ secrets.GO_GIT_USER_EMAIL }}
	run: npx -p publib@latest publib-golang

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Release (Requires manual steps to take, check all jobs are successful) #84

Workflow file

Release (Requires manual steps to take, check all jobs are successful) #84

Uh oh!

Jobs

Run details

Workflow file for this run