diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 28100226..cf29ff9b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -36,152 +36,152 @@ jobs: name: build-artifact path: dist overwrite: true - release_npm: - name: Publish to npm - needs: release - runs-on: ubuntu-latest - permissions: - contents: read - issues: write - steps: - - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a - with: - node-version: 18.x - - name: Download build artifacts - uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd - with: - name: build-artifact - path: dist - - name: Restore build artifact permissions - run: cd dist && setfacl --restore=permissions-backup.acl - continue-on-error: true - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - with: - path: .repo - - name: Install Dependencies - run: cd .repo && yarn install --check-files --frozen-lockfile - - name: Create js artifact - run: cd .repo && npx projen compile && npx projen package:js - - name: Collect js Artifact - run: mv .repo/dist/js dist/js - - name: Release - env: - NPM_DIST_TAG: latest - NPM_REGISTRY: registry.npmjs.org - NPM_TOKEN: ${{ secrets.NPM_TOKEN }} - run: npx -p publib@latest publib-npm - - name: Extract Version - id: extract-version - if: ${{ failure() }} - run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" - - name: Create Issue - if: ${{ failure() }} - uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd - with: - labels: failed-release - title: Publishing v${{ steps.extract-version.outputs.VERSION }} to npm failed - body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} - release_maven: - name: Publish to Maven Central - needs: release - runs-on: ubuntu-latest - permissions: - contents: read - issues: write - steps: - - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b - with: - distribution: temurin - java-version: 11.x - - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a - with: - node-version: 18.x - - name: Download build artifacts - uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd - with: - name: build-artifact - path: dist - - name: Restore build artifact permissions - run: cd dist && setfacl --restore=permissions-backup.acl - continue-on-error: true - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - with: - path: .repo - - name: Install Dependencies - run: cd .repo && yarn install --check-files --frozen-lockfile - - name: Create java artifact - run: cd .repo && npx projen compile && npx projen package:java - - name: Collect java Artifact - run: mv .repo/dist/java dist/java - - name: Release - env: - MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} - MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSPHRASE }} - MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} - MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} - MAVEN_STAGING_PROFILE_ID: ${{ secrets.MAVEN_STAGING_PROFILE_ID }} - run: npx -p publib@latest publib-maven - - name: Extract Version - id: extract-version - if: ${{ failure() }} - run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" - - name: Create Issue - if: ${{ failure() }} - uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd - with: - labels: failed-release - title: Publishing v${{ steps.extract-version.outputs.VERSION }} to Maven Central failed - body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} - release_pypi: - name: Publish to PyPI - needs: release - runs-on: ubuntu-latest - permissions: - contents: read - issues: write - steps: - - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a - with: - node-version: 18.x - - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 - with: - python-version: 3.x - - name: Download build artifacts - uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd - with: - name: build-artifact - path: dist - - name: Restore build artifact permissions - run: cd dist && setfacl --restore=permissions-backup.acl - continue-on-error: true - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - with: - path: .repo - - name: Install Dependencies - run: cd .repo && yarn install --check-files --frozen-lockfile - - name: Create python artifact - run: cd .repo && npx projen compile && npx projen package:python - - name: Collect python Artifact - run: mv .repo/dist/python dist/python - - name: Release - env: - TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} - TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} - run: npx -p publib@latest publib-pypi - - name: Extract Version - id: extract-version - if: ${{ failure() }} - run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" - - name: Create Issue - if: ${{ failure() }} - uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd - with: - labels: failed-release - title: Publishing v${{ steps.extract-version.outputs.VERSION }} to PyPI failed - body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} + # release_npm: + # name: Publish to npm + # needs: release + # runs-on: ubuntu-latest + # permissions: + # contents: read + # issues: write + # steps: + # - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a + # with: + # node-version: 18.x + # - name: Download build artifacts + # uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd + # with: + # name: build-artifact + # path: dist + # - name: Restore build artifact permissions + # run: cd dist && setfacl --restore=permissions-backup.acl + # continue-on-error: true + # - name: Checkout + # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # with: + # path: .repo + # - name: Install Dependencies + # run: cd .repo && yarn install --check-files --frozen-lockfile + # - name: Create js artifact + # run: cd .repo && npx projen compile && npx projen package:js + # - name: Collect js Artifact + # run: mv .repo/dist/js dist/js + # - name: Release + # env: + # NPM_DIST_TAG: latest + # NPM_REGISTRY: registry.npmjs.org + # NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + # run: npx -p publib@latest publib-npm + # - name: Extract Version + # id: extract-version + # if: ${{ failure() }} + # run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" + # - name: Create Issue + # if: ${{ failure() }} + # uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd + # with: + # labels: failed-release + # title: Publishing v${{ steps.extract-version.outputs.VERSION }} to npm failed + # body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} + # release_maven: + # name: Publish to Maven Central + # needs: release + # runs-on: ubuntu-latest + # permissions: + # contents: read + # issues: write + # steps: + # - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b + # with: + # distribution: temurin + # java-version: 11.x + # - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a + # with: + # node-version: 18.x + # - name: Download build artifacts + # uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd + # with: + # name: build-artifact + # path: dist + # - name: Restore build artifact permissions + # run: cd dist && setfacl --restore=permissions-backup.acl + # continue-on-error: true + # - name: Checkout + # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # with: + # path: .repo + # - name: Install Dependencies + # run: cd .repo && yarn install --check-files --frozen-lockfile + # - name: Create java artifact + # run: cd .repo && npx projen compile && npx projen package:java + # - name: Collect java Artifact + # run: mv .repo/dist/java dist/java + # - name: Release + # env: + # MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} + # MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSPHRASE }} + # MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + # MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} + # MAVEN_STAGING_PROFILE_ID: ${{ secrets.MAVEN_STAGING_PROFILE_ID }} + # run: npx -p publib@latest publib-maven + # - name: Extract Version + # id: extract-version + # if: ${{ failure() }} + # run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" + # - name: Create Issue + # if: ${{ failure() }} + # uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd + # with: + # labels: failed-release + # title: Publishing v${{ steps.extract-version.outputs.VERSION }} to Maven Central failed + # body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} + # release_pypi: + # name: Publish to PyPI + # needs: release + # runs-on: ubuntu-latest + # permissions: + # contents: read + # issues: write + # steps: + # - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a + # with: + # node-version: 18.x + # - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 + # with: + # python-version: 3.x + # - name: Download build artifacts + # uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd + # with: + # name: build-artifact + # path: dist + # - name: Restore build artifact permissions + # run: cd dist && setfacl --restore=permissions-backup.acl + # continue-on-error: true + # - name: Checkout + # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # with: + # path: .repo + # - name: Install Dependencies + # run: cd .repo && yarn install --check-files --frozen-lockfile + # - name: Create python artifact + # run: cd .repo && npx projen compile && npx projen package:python + # - name: Collect python Artifact + # run: mv .repo/dist/python dist/python + # - name: Release + # env: + # TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} + # TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} + # run: npx -p publib@latest publib-pypi + # - name: Extract Version + # id: extract-version + # if: ${{ failure() }} + # run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" + # - name: Create Issue + # if: ${{ failure() }} + # uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd + # with: + # labels: failed-release + # title: Publishing v${{ steps.extract-version.outputs.VERSION }} to PyPI failed + # body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} release_nuget: name: Publish to NuGet Gallery needs: release @@ -208,125 +208,131 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: path: .repo + fetch-depth: 0 - name: Install Dependencies run: cd .repo && yarn install --check-files --frozen-lockfile - name: Create dotnet artifact - run: cd .repo && npx projen compile && npx projen package:dotnet + run: | + cd .repo + npx projen bump + npx projen compile + npx projen package:dotnet - name: Collect dotnet Artifact run: mv .repo/dist/dotnet dist/dotnet - name: Extract Version id: extract-version - run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" - - name: Log in to MongoDB Docker registry - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 - with: - registry: ${{ secrets.ARTIFACTORY_REGISTRY }} - username: ${{ secrets.ARTIFACTORY_USER }} - password: ${{ secrets.ARTIFACTORY_PASSWORD }} - - name: Sign NuGet package run: | - docker run \ - -e GRS_CONFIG_USER1_USERNAME="${{ secrets.ARTIFACTORY_SIGN_USER }}" \ - -e GRS_CONFIG_USER1_PASSWORD="${{ secrets.ARTIFACTORY_SIGN_PASSWORD }}" \ - --rm -v "$(pwd)":"$(pwd)" -w "$(pwd)" \ - "${{ secrets.ARTIFACTORY_REGISTRY }}/${{ secrets.ARTIFACTORY_SIGN_TOOL }}" \ - /bin/bash -c "jsign --tsaurl http://timestamp.digicert.com -a ${{ secrets.AUTHENTICODE_KEY_NAME }} \ - ./dist/dotnet/MongoDB.AWSCDKResourcesMongoDBAtlas.${{ steps.extract-version.outputs.VERSION }}.nupkg" - - name: Release - env: - NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} - run: npx -p publib@latest publib-nuget - - name: Create Issue - if: ${{ failure() }} - uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd - with: - labels: failed-release - title: Publishing v${{ steps.extract-version.outputs.VERSION }} to NuGet Gallery failed - body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} - release_golang: - name: Publish to GitHub Go Module Repository - needs: release - runs-on: ubuntu-latest - permissions: - contents: read - issues: write - steps: - - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a - with: - node-version: 18.x - - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 - with: - go-version: ^1.16.0 - - name: Download build artifacts - uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd - with: - name: build-artifact - path: dist - - name: Restore build artifact permissions - run: cd dist && setfacl --restore=permissions-backup.acl - continue-on-error: true - - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - with: - path: .repo - - name: Install Dependencies - run: cd .repo && yarn install --check-files --frozen-lockfile - - name: Create go artifact - run: cd .repo && npx projen compile && npx projen package:go - - name: Collect go Artifact - run: mv .repo/dist/go dist/go - - name: Release - env: - GITHUB_TOKEN: ${{ secrets.GO_GITHUB_TOKEN }} - GIT_USER_NAME: ${{ secrets.GO_GIT_USER_NAME }} - GIT_USER_EMAIL: ${{ secrets.GO_GIT_USER_EMAIL }} - run: npx -p publib@latest publib-golang - - name: Extract Version - id: extract-version - if: ${{ failure() }} - run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" - - name: Create Issue - if: ${{ failure() }} - uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd - with: - labels: failed-release - title: Publishing v${{ steps.extract-version.outputs.VERSION }} to GitHub Go Module Repository failed - body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} - release_github: - name: Publish to GitHub Releases - needs: [release, release_npm, release_maven, release_pypi, release_nuget, release_golang] - runs-on: ubuntu-latest - permissions: - contents: write - issues: write - steps: - - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a - with: - node-version: 18.x - - name: Download build artifacts - uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd - with: - name: build-artifact - path: dist - - name: Restore build artifact permissions - run: cd dist && setfacl --restore=permissions-backup.acl - continue-on-error: true - - name: Release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GITHUB_REPOSITORY: ${{ github.repository }} - GITHUB_REF: ${{ github.ref }} - run: errout=$(mktemp); gh release create "$(cat dist/releasetag.txt)" -R "${GITHUB_REPOSITORY}" -F dist/changelog.md -t "$(cat dist/releasetag.txt)" --target "${GITHUB_REF}" 2> "$errout" && true; exitcode=$?; if [ $exitcode -ne 0 ] && ! grep -q "Release.tag_name already exists" "$errout"; then cat "$errout"; exit $exitcode; fi - - name: Extract Version - id: extract-version - if: ${{ failure() }} - run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" - - name: Create Issue - if: ${{ failure() }} - uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - labels: failed-release - title: Publishing v${{ steps.extract-version.outputs.VERSION }} to GitHub Releases failed - body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} + echo "VERSION=$(cat ./dist/version.txt)" >> "${GITHUB_OUTPUT}" + # - name: Log in to MongoDB Docker registry + # uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 + # with: + # registry: ${{ secrets.ARTIFACTORY_REGISTRY }} + # username: ${{ secrets.ARTIFACTORY_USER }} + # password: ${{ secrets.ARTIFACTORY_PASSWORD }} + # - name: Sign NuGet package + # run: | + # docker run \ + # -e GRS_CONFIG_USER1_USERNAME="${{ secrets.ARTIFACTORY_SIGN_USER }}" \ + # -e GRS_CONFIG_USER1_PASSWORD="${{ secrets.ARTIFACTORY_SIGN_PASSWORD }}" \ + # --rm -v "$(pwd)":"$(pwd)" -w "$(pwd)" \ + # "${{ secrets.ARTIFACTORY_REGISTRY }}/${{ secrets.ARTIFACTORY_SIGN_TOOL }}" \ + # /bin/bash -c "jsign --tsaurl http://timestamp.digicert.com -a ${{ secrets.AUTHENTICODE_KEY_NAME }} \ + # ./dist/dotnet/MongoDB.AWSCDKResourcesMongoDBAtlas.${{ steps.extract-version.outputs.VERSION }}.nupkg" + # - name: Release + # env: + # NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} + # run: npx -p publib@latest publib-nuget + # - name: Create Issue + # if: ${{ failure() }} + # uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd + # with: + # labels: failed-release + # title: Publishing v${{ steps.extract-version.outputs.VERSION }} to NuGet Gallery failed + # body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} + # release_golang: + # name: Publish to GitHub Go Module Repository + # needs: release + # runs-on: ubuntu-latest + # permissions: + # contents: read + # issues: write + # steps: + # - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a + # with: + # node-version: 18.x + # - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 + # with: + # go-version: ^1.16.0 + # - name: Download build artifacts + # uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd + # with: + # name: build-artifact + # path: dist + # - name: Restore build artifact permissions + # run: cd dist && setfacl --restore=permissions-backup.acl + # continue-on-error: true + # - name: Checkout + # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + # with: + # path: .repo + # - name: Install Dependencies + # run: cd .repo && yarn install --check-files --frozen-lockfile + # - name: Create go artifact + # run: cd .repo && npx projen compile && npx projen package:go + # - name: Collect go Artifact + # run: mv .repo/dist/go dist/go + # - name: Release + # env: + # GITHUB_TOKEN: ${{ secrets.GO_GITHUB_TOKEN }} + # GIT_USER_NAME: ${{ secrets.GO_GIT_USER_NAME }} + # GIT_USER_EMAIL: ${{ secrets.GO_GIT_USER_EMAIL }} + # run: npx -p publib@latest publib-golang + # - name: Extract Version + # id: extract-version + # if: ${{ failure() }} + # run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" + # - name: Create Issue + # if: ${{ failure() }} + # uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd + # with: + # labels: failed-release + # title: Publishing v${{ steps.extract-version.outputs.VERSION }} to GitHub Go Module Repository failed + # body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} + # release_github: + # name: Publish to GitHub Releases + # needs: [release, release_npm, release_maven, release_pypi, release_nuget, release_golang] + # runs-on: ubuntu-latest + # permissions: + # contents: write + # issues: write + # steps: + # - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a + # with: + # node-version: 18.x + # - name: Download build artifacts + # uses: actions/download-artifact@533298bc57c27f112a2c04a74a04a4d43e2866fd + # with: + # name: build-artifact + # path: dist + # - name: Restore build artifact permissions + # run: cd dist && setfacl --restore=permissions-backup.acl + # continue-on-error: true + # - name: Release + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # GITHUB_REPOSITORY: ${{ github.repository }} + # GITHUB_REF: ${{ github.ref }} + # run: errout=$(mktemp); gh release create "$(cat dist/releasetag.txt)" -R "${GITHUB_REPOSITORY}" -F dist/changelog.md -t "$(cat dist/releasetag.txt)" --target "${GITHUB_REF}" 2> "$errout" && true; exitcode=$?; if [ $exitcode -ne 0 ] && ! grep -q "Release.tag_name already exists" "$errout"; then cat "$errout"; exit $exitcode; fi + # - name: Extract Version + # id: extract-version + # if: ${{ failure() }} + # run: echo "VERSION=$(cat dist/version.txt)" >> "${GITHUB_OUTPUT}" + # - name: Create Issue + # if: ${{ failure() }} + # uses: imjohnbo/issue-bot@572eed14422c4d6ca37e870f97e7da209422f5bd + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # with: + # labels: failed-release + # title: Publishing v${{ steps.extract-version.outputs.VERSION }} to GitHub Releases failed + # body: See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}