Merge pull request #1445 from microsoft/feat/automate-ossrh-release #319
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Gradle Build and Publish | |
on: | |
workflow_dispatch: | |
push: | |
tags: ['v*'] | |
branches: ['main'] | |
permissions: | |
contents: write | |
env: | |
PREVIEW_TASK: publishToSonatype | |
PUBLISH_TASK: publishToSonatype closeSonatypeStagingRepository | |
jobs: | |
release-to-maven-central-snapshot: | |
if: github.ref == 'refs/heads/main' | |
runs-on: ubuntu-latest | |
environment: maven_central_snapshot | |
defaults: | |
run: | |
working-directory: ./ | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup JDK | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 17 | |
distribution: 'temurin' | |
cache: gradle | |
- name: Detect Secrets | |
uses: RobertFischer/detect-secrets-action@v2.0.0 | |
- name: Download file | |
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH | |
shell: pwsh | |
env: | |
ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }} | |
OUTPUT_PATH: 'local.properties' | |
- name: Download file | |
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH | |
shell: pwsh | |
env: | |
ENCODED_VALUE: ${{ secrets.SECRING_GPG }} | |
OUTPUT_PATH: 'secring.gpg' | |
- name: Copy secring | |
run: | | |
Copy-Item secring.gpg components/abstractions/ -Verbose | |
Copy-Item secring.gpg components/authentication/azure/ -Verbose | |
Copy-Item secring.gpg components/serialization/form/ -Verbose | |
Copy-Item secring.gpg components/serialization/text/ -Verbose | |
Copy-Item secring.gpg components/serialization/json/ -Verbose | |
Copy-Item secring.gpg components/serialization/multipart/ -Verbose | |
Copy-Item secring.gpg components/http/okHttp/ -Verbose | |
Copy-Item secring.gpg components/bundle/ -Verbose | |
shell: pwsh | |
- name: Publish to local Maven cache | |
run: ./gradlew --no-daemon publishToMavenLocal | |
- name: Get current SNAPSHOT version | |
shell: pwsh | |
run: | | |
$contents = Get-Content gradle.properties -Raw | |
$major = $contents | Select-String -Pattern 'mavenMajorVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } | |
$minor = $contents | Select-String -Pattern 'mavenMinorVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } | |
$patch = $contents | Select-String -Pattern 'mavenPatchVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } | |
$version = "$major.$minor.$patch-SNAPSHOT" | |
echo "Current version is $version" | |
echo "PACKAGE_VERSION=$version" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append | |
- name: Inspect contents of local Maven cache | |
shell: pwsh | |
run: | | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-abstractions -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-authentication-azure -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-http-okHttp -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-serialization-form -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-serialization-json -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-serialization-text -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-serialization-multipart -Version $PACKAGE_VERSION | |
- name: Publish to Snapshot Repository | |
run: ./gradlew --no-daemon $PREVIEW_TASK | |
working-directory: ./ | |
release-to-maven-central: | |
if: contains(github.ref, 'refs/tags/v') | |
runs-on: ubuntu-latest | |
environment: maven_central | |
defaults: | |
run: | |
working-directory: ./ | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup JDK | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 17 | |
distribution: 'temurin' | |
cache: gradle | |
- name: Detect Secrets | |
uses: RobertFischer/detect-secrets-action@v2.0.0 | |
- name: Download file | |
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH | |
shell: pwsh | |
env: | |
ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }} | |
OUTPUT_PATH: 'local.properties' | |
- name: Download file | |
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH | |
shell: pwsh | |
env: | |
ENCODED_VALUE: ${{ secrets.SECRING_GPG }} | |
OUTPUT_PATH: 'secring.gpg' | |
- name: Copy secring | |
run: | | |
Copy-Item secring.gpg components/abstractions/ -Verbose | |
Copy-Item secring.gpg components/authentication/azure/ -Verbose | |
Copy-Item secring.gpg components/serialization/form/ -Verbose | |
Copy-Item secring.gpg components/serialization/text/ -Verbose | |
Copy-Item secring.gpg components/serialization/json/ -Verbose | |
Copy-Item secring.gpg components/serialization/multipart/ -Verbose | |
Copy-Item secring.gpg components/http/okHttp/ -Verbose | |
Copy-Item secring.gpg components/bundle/ -Verbose | |
shell: pwsh | |
- name: Publish to local Maven cache for validation | |
run: ./gradlew --no-daemon publishToMavenLocal | |
- name: Get current SNAPSHOT version | |
shell: pwsh | |
run: | | |
$contents = Get-Content gradle.properties -Raw | |
$major = $contents | Select-String -Pattern 'mavenMajorVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } | |
$minor = $contents | Select-String -Pattern 'mavenMinorVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } | |
$patch = $contents | Select-String -Pattern 'mavenPatchVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } | |
$version = "$major.$minor.$patch-SNAPSHOT" | |
echo "Current version is $version" | |
echo "PACKAGE_VERSION=$version" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append | |
- name: Inspect contents of local Maven cache | |
shell: pwsh | |
run: | | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-abstractions -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-authentication-azure -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-http-okHttp -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-serialization-form -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-serialization-json -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-serialization-text -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-serialization-multipart -Version $PACKAGE_VERSION | |
.\scripts\ValidatePackageContents.ps1 -ArtifactId microsoft-kiota-bundle -Version $PACKAGE_VERSION | |
- name: Publish Release abstractions #publishing all components at once often results in split staging repos which fails to release | |
run: ./gradlew --no-daemon :components:abstractions:$PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" | |
- name: Publish Release serialization form | |
run: ./gradlew --no-daemon :components:serialization:form:$PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" | |
- name: Publish Release serialization json | |
run: ./gradlew --no-daemon :components:serialization:json:$PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" | |
- name: Publish Release serialization text | |
run: ./gradlew --no-daemon :components:serialization:text:$PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" | |
- name: Publish Release serialization multipart | |
run: ./gradlew --no-daemon :components:serialization:multipart:$PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" | |
- name: Publish Release authentication azure | |
run: ./gradlew --no-daemon :components:authentication:azure:$PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" | |
- name: Publish Release okHttp | |
run: ./gradlew --no-daemon :components:http:okHttp:$PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" | |
- name: Publish Release bundle | |
run: ./gradlew --no-daemon :components:bundle:$PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" | |
- name: Release | |
uses: anton-yurchenko/git-release@v6.0 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
DRAFT_RELEASE: "false" | |
PRE_RELEASE: "false" | |
CHANGELOG_FILE: "CHANGELOG.md" | |
ALLOW_EMPTY_CHANGELOG: "true" |