build: implement new release workflow (#31)

* build: implement new release workflow * Trigger build
eclipse-edc · Sep 4, 2024 · 5c092a9 · 5c092a9
1 parent 11c1db6
commit 5c092a9
Show file tree

Hide file tree

Showing 7 changed files with 67 additions and 151 deletions.
diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml
@@ -58,22 +58,18 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        test-def: [ { repo: "runtime-metamodel",    workflowfile: "verify.yaml" },
-                    { repo: "gradleplugins",        workflowfile: "verify.yaml" },
-                    { repo: "connector",            workflowfile: "verify.yaml" },
-                    { repo: "identityhub",          workflowfile: "verify.yaml" },
-                    { repo: "federatedcatalog",     workflowfile: "verify.yaml" }]
+        repository: [ "runtime-metamodel", "gradleplugins", "connector", "identityhub", "federatedcatalog" ]
 
     steps:
       - uses: actions/checkout@v4
       - name: "Log version"
         run: |
           echo "Will build version ${{ needs.Determine-Version.outputs.VERSION }}"
 
-      - name: "Run test for ${{ matrix.test-def.repo }}"
+      - name: "Run test for ${{ matrix.repository }}"
         run: |
           chmod +x ./scripts/github_action.sh
-          ./scripts/github_action.sh "eclipse-edc" "${{ matrix.test-def.repo }}" "${{ matrix.test-def.workflowfile}}" "" "${{ secrets.ORG_GITHUB_BOT_USER }}" "${{ secrets.ORG_GITHUB_BOT_TOKEN }}"
+          ./scripts/github_action.sh "eclipse-edc" "${{ matrix.repository }}" "verify.yaml" "" "${{ secrets.ORG_GITHUB_BOT_USER }}" "${{ secrets.ORG_GITHUB_BOT_TOKEN }}"
 
   Publish-Components:
     needs: [ Determine-Version, Run-All-Tests ]

diff --git a/.github/workflows/publish-all-in-one.yaml b/.github/workflows/publish-all-in-one.yaml
@@ -6,7 +6,7 @@ on:
       version:
         type: string
         required: true
-        description: "The version that should be released. "
+        description: "The version that should be released."
       branch: 
         type: string
         required: false
@@ -24,52 +24,33 @@ on:
         default: "main"
         description: "The branch which to publish. must exist in all repos!"
 
-# these environment variables will be read by prepare.sh
+# these environment variables will be read by release-setup.sh
 env:
-  VERSION: ${{ github.event.inputs.version || inputs.version }}
-  SOURCE_BRANCH: ${{ github.event.inputs.branch || inputs.branch }} 
+  VERSION: ${{ inputs.version }}
+  SOURCE_BRANCH: ${{ inputs.branch }}
 
 jobs:
-  secrets-presence:
-    name: "Check for required credentials"
-    runs-on: ubuntu-latest
-    outputs:
-      HAS_OSSRH: ${{ steps.secret-presence.outputs.HAS_OSSRH }}
-    steps:
-      - name: Check whether secrets exist
-        id: secret-presence
-        run: |
-          [ ! -z "${{ secrets.ORG_GPG_PASSPHRASE }}" ] &&
-          [ ! -z "${{ secrets.ORG_GPG_PRIVATE_KEY }}" ] &&
-          [ ! -z "${{ secrets.ORG_OSSRH_USERNAME }}" ] && echo "HAS_OSSRH=true" >> $GITHUB_OUTPUT
-          exit 0
 
   Publish-All-Components:
     runs-on: ubuntu-latest
-    needs: [ secrets-presence ]
     steps:
       - uses: actions/checkout@v4
-
       - uses: eclipse-edc/.github/.github/actions/setup-build@main
 
-      - name: "Prepare all-in-one project"
+      - name: release setup
         run: |
-          ./prepare.sh
+          echo "Launch release setup on branch $SOURCE_BRANCH and version $VERSION"
+          ./release-setup.sh
 
       - name: "Display project structure"
         run: ./gradlew projects
 
-      # Import GPG Key
       - uses: eclipse-edc/.github/.github/actions/import-gpg-key@main
-        if: |
-          needs.secrets-presence.outputs.HAS_OSSRH
         name: "Import GPG Key"
         with:
           gpg-private-key: ${{ secrets.ORG_GPG_PRIVATE_KEY }}
 
       - name: "Publish all-in-one project"
-        if: |
-          needs.secrets-presence.outputs.HAS_OSSRH
         env:
           OSSRH_PASSWORD: ${{ secrets.ORG_OSSRH_PASSWORD }}
           OSSRH_USER: ${{ secrets.ORG_OSSRH_USERNAME }}
@@ -82,4 +63,3 @@ jobs:
           echo "Publishing Version $VERSION to Sonatype"
           ./gradlew publishToSonatype ${cmd} --no-parallel -Pversion=$VERSION -Psigning.gnupg.executable=gpg -Psigning.gnupg.passphrase="${{ secrets.ORG_GPG_PASSPHRASE }}" \
               -Dorg.gradle.internal.network.retry.max.attempts=5 -Dorg.gradle.internal.network.retry.initial.backOff=5000
-
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -6,121 +6,60 @@ on:
         description: Semantic Version string to use for this release
         required: true
       branch: 
-        description: Source ranch from which the version should be created. If omitted, 'main' is used.
-        required: false
-        default: "main"
-
-env:
-  INPUT_VERSION: ${{ github.event.inputs.version || inputs.version }}
-  INPUT_SOURCE_BRANCH: ${{ github.event.inputs.branch || inputs.branch }}
-
+        description: Source branch from which the version should be created. 'main' should never be used, to create a release branch please trigger the "prepare" workflow before.
+        required: true
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 jobs:
 
-  Secrets-Presence:
-    name: "Check for required credentials"
-    runs-on: ubuntu-latest
-    outputs:
-      HAS_GH_PAT: ${{ steps.secrets-presence.outputs.HAS_GH_PAT }}
-      HAS_WEBHOOK: ${{ steps.secrets-presence.outputs.HAS_WEBHOOK }}
-    steps:
-      - name: Check whether secrets exist
-        id: secrets-presence
-        run: |
-          [ ! -z "${{ secrets.ORG_GITHUB_BOT_USER }}" ] &&
-          [ ! -z "${{ secrets.ORG_GITHUB_BOT_TOKEN }}" ] && echo "HAS_GH_PAT=true" >> $GITHUB_OUTPUT
-          [ ! -z "${{ secrets.DISCORD_GITHUB_CI_WEBHOOK }}" ] && echo "HAS_WEBHOOK=true" >> $GITHUB_OUTPUT
-          exit 0
-
-  Determine-Version:
-    # this looks to be necessary because some constructs as "with" are not able to get values from env
-    runs-on: ubuntu-latest
-    outputs:
-      VERSION: ${{ steps.get-version.outputs.VERSION }}
-    steps:
-      - name: "Extract version"
-        id: get-version
-        run: echo "VERSION=${{ env.INPUT_VERSION }}" >> "$GITHUB_OUTPUT"
-
-  Determine-Branch:
-    # this looks to be necessary because some constructs as "with" are not able to get values from env
-    runs-on: ubuntu-latest
-    outputs: 
-      SOURCE_BRANCH: ${{ steps.get-branch.outputs.BRANCH }}
-    steps:
-      - name: "Get branch"
-        id: get-branch
-        run: echo "SOURCE_BRANCH=${{ env.INPUT_SOURCE_BRANCH }}" >> "$GITHUB_OUTPUT"
-
   Run-All-Tests:
     name: "Run tests"
     runs-on: ubuntu-latest
-    needs: [ Secrets-Presence, Determine-Version ]
-    if: |
-      needs.Secrets-Presence.outputs.HAS_GH_PAT
     strategy:
       fail-fast: false
       matrix:
-        test-def: [ { repo: "runtime-metamodel",    workflowfile: "ci.yaml" },
-                    { repo: "gradleplugins",        workflowfile: "test.yaml" },
-                    { repo: "connector",            workflowfile: "verify.yaml" },
-                    { repo: "identityhub",          workflowfile: "verify.yaml" },
-                    { repo: "federatedcatalog",     workflowfile: "verify.yaml" } ]
+        repository: [ "runtime-metamodel", "gradleplugins", "connector", "identityhub", "federatedcatalog" ]
     steps:
       - uses: actions/checkout@v4
 
       - name: "Run test for ${{ matrix.test-def.repo }}"
         run: |
           chmod +x ./scripts/github_action.sh
-          ./scripts/github_action.sh "eclipse-edc" "${{ matrix.test-def.repo }}" "${{ matrix.test-def.workflowfile}}" "" "${{ secrets.ORG_GITHUB_BOT_USER }}" "${{ secrets.ORG_GITHUB_BOT_TOKEN }}" "${{ env.INPUT_SOURCE_BRANCH }}"
+          ./scripts/github_action.sh "eclipse-edc" "${{ matrix.repository }}" "verify.yaml" "" "${{ secrets.ORG_GITHUB_BOT_USER }}" "${{ secrets.ORG_GITHUB_BOT_TOKEN }}" "${{ inputs.branch }}"
 
   Publish-Components:
-    needs: [ Determine-Version, Determine-Branch, Run-All-Tests ]
+    needs: [ Run-All-Tests ]
     uses: ./.github/workflows/publish-all-in-one.yaml
     with:
-      version: ${{ needs.Determine-Version.outputs.VERSION }}
-      branch: "${{ needs.Determine-Branch.outputs.SOURCE_BRANCH }}"
+      version: ${{ inputs.version }}
+      branch: ${{ inputs.branch }}
     secrets: inherit
 
   Release-Components:
     name: "Release Components"
     runs-on: ubuntu-latest
-    needs: [Secrets-Presence, Determine-Version, Determine-Branch, Publish-Components ]
-    if: |
-      needs.Secrets-Presence.outputs.HAS_GH_PAT && 
-      needs.Determine-Branch.outputs.SOURCE_BRANCH == 'main'
+    needs: [ Publish-Components ]
     strategy:
       fail-fast: false
-      max-parallel: 1
       matrix:
-        test-def: [ { repo: "runtime-metamodel", workflowfile: "release-rm.yml",          versionfield: "edc_version" },
-                    { repo: "gradleplugins",     workflowfile: "release-all-java.yml",    versionfield: "metamodel_version" },
-                    { repo: "connector",         workflowfile: "release-edc.yml",         versionfield: "edc_version" },
-                    { repo: "identityhub",       workflowfile: "release-identityhub.yml", versionfield: "ih_version" },
-                    { repo: "federatedcatalog",  workflowfile: "release-fcc.yml",         versionfield: "edc_version" }]
+        repository: [ "runtime-metamodel", "gradleplugins", "connector", "identityhub", "federatedcatalog" ]
     steps:
       - uses: actions/checkout@v4
       - name: "Log version"
         run: |
-          echo "Will release version ${{ needs.Determine-Version.outputs.VERSION }}"
+          echo "Will release version ${{ inputs.version }}"
 
       - name: "Release ${{ matrix.test-def.repo }}"
         run: |
           chmod +x ./scripts/github_action.sh
-          ./scripts/github_action.sh "eclipse-edc" "${{ matrix.test-def.repo }}" "${{ matrix.test-def.workflowfile}}" "{\"${{ matrix.test-def.versionfield }}\": \"${{ needs.Determine-Version.outputs.VERSION }}\"}" "${{ secrets.ORG_GITHUB_BOT_USER }}" "${{ secrets.ORG_GITHUB_BOT_TOKEN }}"
-
-      - name: "Publish new SNAPSHOT version for ${{ matrix.test-def.repo }}"
-        run: |
-          chmod +x ./scripts/github_action.sh
-          ./scripts/github_action.sh "eclipse-edc" "${{ matrix.test-def.repo }}" "trigger_snapshot.yml" "" "${{ secrets.ORG_GITHUB_BOT_USER }}" "${{ secrets.ORG_GITHUB_BOT_TOKEN }}"
+          ./scripts/github_action.sh "eclipse-edc" "${{ matrix.repository }}" "release.yml" "" "${{ secrets.ORG_GITHUB_BOT_USER }}" "${{ secrets.ORG_GITHUB_BOT_TOKEN }}" "${{ inputs.branch }}"
 
   Post-To-Discord:
-    needs: [ Publish-Components, Release-Components, Determine-Version, Secrets-Presence ]
-    if: needs.Secrets-Presence.outputs.HAS_WEBHOOK && always()
+    needs: [ Publish-Components, Release-Components ]
+    if: always()
     runs-on: ubuntu-latest
     steps:
       - uses: sarisia/actions-status-discord@v1
@@ -129,6 +68,6 @@ jobs:
           webhook: ${{ secrets.DISCORD_GITHUB_CI_WEBHOOK }}
           # if the publishing is skipped, that means the preceding test run failed
           status: ${{ needs.Publish-Components.result == 'skipped' && 'Failure' || needs.Publish-Components.result }}
-          title: "Nightly Build"
-          description: "Build and publish ${{ needs.Determine-Version.outputs.VERSION }}"
+          title: "Release Core"
+          description: "Build and publish ${{ inputs.version }}"
           username: GitHub Actions
diff --git a/.github/workflows/verify.yaml b/.github/workflows/verify.yaml
@@ -9,13 +9,16 @@ on:
       - '**.md'
 
 jobs:
-  Prepare:
+  setup:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
       - uses: eclipse-edc/.github/.github/actions/setup-build@main
-      - name: verifies that prepare doesn't throw errors
-        run: VERSION=0.0.1-ci-SNAPSHOT ./prepare.sh
+      - name: verifies that release setup works correctly
+        run: |
+          export VERSION=0.0.1-ci-SNAPSHOT 
+          export SOURCE_BRANCH=main 
+          ./release-setup.sh
       - name: publish to maven local
         run: |
           ./gradlew -Pskip.signing=true publishToMavenLocal \

diff --git a/README.md b/README.md
@@ -1,10 +1,11 @@
 # EDC Release
 
-This gradle project prepares the EDC for a full release
+EDC core repositories release
 
 ## Run
 
-```
-SOURCE_BRANCH=<git_source_branch> # this is optional
-VERSION=<version number> ./prepare.sh
+```shell
+export SOURCE_BRANCH=<git_source_branch>
+export VERSION=<version number>
+./release-setup.sh
 ```
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -2,7 +2,7 @@
 format.version = "1.1"
 
 [versions]
-edc = "0.8.1"
+edc = "0.7.3"
 
 [libraries]
 edc-build = { module = "org.eclipse.edc.edc-build:org.eclipse.edc.edc-build.gradle.plugin", version.ref = "edc" }
diff --git a/prepare.sh → release-setup.sh b/prepare.sh → release-setup.sh
@@ -2,10 +2,16 @@
 
 set -ve
 
-# if SOURCE_BRANCH is not set, set it to "main"
+# release should always happen from a dedicated branch, SOURCE_BRANCH must be set
 if [ -z "${SOURCE_BRANCH}" ]; then
-  echo "SOURCE_BRANCH variable not set, will default to 'main'"
-  SOURCE_BRANCH="main"
+  echo "SOURCE_BRANCH variable not set and it is mandatory."
+  exit 1;
+fi
+
+# VERSION is mandatory
+if [ -z "${VERSION}" ]; then
+  echo "VERSION variable not set and it is mandatory."
+  exit 1;
 fi
 
 echo "Will build version '$VERSION' off of branch '$SOURCE_BRANCH'"
@@ -19,9 +25,7 @@ toVersionCatalogName () {
   echo $lower
 }
 
-# the components that need to be built
-#declare -a components=("Runtime-Metamodel" "GradlePlugins" "Connector" "IdentityHub" "RegistrationService" "FederatedCatalog")
-# RegistrationService has been excluded because currently it can't work with the IATP implementation
+# the core components
 declare -a components=("Runtime-Metamodel" "GradlePlugins" "Connector" "IdentityHub" "FederatedCatalog")
 
 # create the base settings.gradle.kts file containing the version catalogs
@@ -49,6 +53,9 @@ dependencyResolutionManagement {
         mavenLocal()
     }
     versionCatalogs {
+        create("runtimemetamodel"){
+          from("org.eclipse.edc:runtime-metamodel-versions:$VERSION")
+        }
         create("gradleplugins") {
           from("org.eclipse.edc:edc-versions:$VERSION")
         }
@@ -61,9 +68,6 @@ dependencyResolutionManagement {
         create("federatedcatalog") {
           from("org.eclipse.edc:federated-catalog-versions:$VERSION")
         }
-        create("runtimemetamodel"){
-          from("org.eclipse.edc:runtime-metamodel-versions:$VERSION")
-        }
     }
 }
 
@@ -89,39 +93,32 @@ EOF
 for component in "${components[@]}"
 do
   rm -rf "$component"
-  git clone -b $SOURCE_BRANCH "https://github.com/eclipse-edc/$component"
+  git clone -b "$SOURCE_BRANCH" "https://github.com/eclipse-edc/$component"
 done
 
-# if the version variable is set, set it in the various gradle.properties and settings.gradle.kts files, otherwise leave the old version
-if [ -n "$VERSION" ]
-then
-  # TODO: new release process:
-  # set the project version
-  # ...
-  # set the edc dependency version
-  # ...
-  # the rows until the end of the if branch can be removed then
-
-  # read the old version from the Connector's gradle.properties
-  oldVersion=$(grep "version" Connector/gradle.properties  | awk -F= '{print $2}')
-  sed -i "s#$oldVersion#$VERSION#g" $(find . -name "gradle.properties")
-  sed -i "s#$oldVersion#$VERSION#g" $(find . -name "libs.versions.toml")
-  sed -i "s#$oldVersion#$VERSION#g" $(find . -name "settings.gradle.kts")
-fi
+# update the project version
+sed -i 's#^version=.*#version='"$VERSION"'#g' $(find . -name "gradle.properties")
 
-# prebuild and publish plugins and modules to local repository, this needed to permit the all-in-one publish later
-versionProp=""
-if [ ! -z "$VERSION" ]
-then
-  versionProp="-Pversion=$VERSION"
-fi
+# update the eventual core library version in the version catalog
+sed -i 's#^edc\s*=\s*.*#edc = "'"$VERSION"'"#g' $(find . -name "libs.versions.toml")
+
+# update the versions in the DEPENDENCIES files
+sed -i "s#maven/mavencentral/org.eclipse.edc/\(.*\)/\([^,]*\),\(.*\)#maven/mavencentral/org.eclipse.edc/\1/$VERSION,\3#g" $(find . -name "DEPENDENCIES")
 
+# Copy LICENSE and NOTICE.md files to root, to be included in the jar
+cp Connector/LICENSE .
+cp Connector/NOTICE.md .
+
+# create a comprehensive DEPENDENCIES file on root, to be included in the jar
+cat */DEPENDENCIES | sort -u > DEPENDENCIES
+
+# prebuild and publish plugins and modules to local repository, this needed to permit the all-in-one publish later
 for component in "${components[@]}"
 do
   # publish artifacts to maven local
   echo "Build and publish to maven local component $component"
   cd "$component"
-  ./gradlew -Pskip.signing "${versionProp}" publishToMavenLocal -Dorg.gradle.internal.network.retry.max.attempts=5 -Dorg.gradle.internal.network.retry.initial.backOff=5000
+  ./gradlew -Pskip.signing "-Pversion=$VERSION" publishToMavenLocal -Dorg.gradle.internal.network.retry.max.attempts=5 -Dorg.gradle.internal.network.retry.initial.backOff=5000
   cd ..
 done