Skip to content

Merge pull request #2253 from microsoftgraph/v1.0/pipelinebuild/174332 #626

Merge pull request #2253 from microsoftgraph/v1.0/pipelinebuild/174332

Merge pull request #2253 from microsoftgraph/v1.0/pipelinebuild/174332 #626

name: Maven Preview/Release and GitHub Release
on:
push:
branches: [main]
paths-ignore:
- '.gradle/wrapper'
- '.gitignore'
- 'LICENSE'
- 'THIRD PARTY NOTICES'
- '*.md'
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
workflow_dispatch:
env:
PREVIEW_TASK: publishToSonatype
PUBLISH_TASK: publishToSonatype closeAndReleaseSonatypeStagingRepository
JAVA_VERSION: 21
JAVA_DISTRIBUTION: 'temurin'
permissions:
contents: write
jobs:
maven_Preview:
if: ${{ github.ref == 'refs/heads/main' }}
environment:
name: maven_central_snapshot
runs-on: ubuntu-latest
needs: validate-package-contents
steps:
- uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: ${{ env.JAVA_DISTRIBUTION}}
cache: gradle
- name: Detect secrets
run: |
pip install detect-secrets
git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline
- name: Download File
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH
shell: pwsh
env:
ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }}
OUTPUT_PATH: '.\local.properties'
- name: Download File
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH
shell: pwsh
env:
ENCODED_VALUE: ${{ secrets.SECRING_GPG }}
OUTPUT_PATH: '.\secring.gpg'
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Publish
run: ./gradlew $PREVIEW_TASK
maven_Release:
if: ${{ startsWith(github.ref, 'refs/tags/') && github.actor == 'release-please[bot]'}}
environment:
name: maven_central_release
runs-on: ubuntu-latest
needs: validate-package-contents
steps:
- uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: ${{ env.JAVA_DISTRIBUTION}}
cache: gradle
- name: Detect secrets
run: |
pip install detect-secrets
git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline
- name: Download File
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH
shell: pwsh
env:
ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }}
OUTPUT_PATH: '.\local.properties'
- name: Download File
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH
shell: pwsh
env:
ENCODED_VALUE: ${{ secrets.SECRING_GPG }}
OUTPUT_PATH: '.\secring.gpg'
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Publish
run: ./gradlew $PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix=""
- name: Upload Build Artifact
uses: actions/upload-artifact@v4
with:
name: drop
path: |
**/libs/*
build/generated-pom.xml
build/generated-pom.xml.asc
build.gradle
gradlew
gradlew.bat
settings.gradle
gradle.properties
**/gradle/**
scripts/**
- name: GitHub Release
uses: softprops/action-gh-release@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
fail_on_unmatched_files: true
files: |
build/**/*.jar
validate-package-contents:
runs-on: ubuntu-latest
environment: ${{ contains(github.ref, 'refs/tags/v') && 'maven_central_release' || 'maven_central_snapshot' }}
defaults:
run:
working-directory: ./
steps:
- uses: actions/checkout@v4
- name: Setup JDK
uses: actions/setup-java@v4
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: ${{ env.JAVA_DISTRIBUTION}}
cache: gradle
- name: Download file
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH
shell: pwsh
env:
ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }}
OUTPUT_PATH: 'local.properties'
- name: Download file
run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH
shell: pwsh
env:
ENCODED_VALUE: ${{ secrets.SECRING_GPG }}
OUTPUT_PATH: '.\secring.gpg'
- name: Publish to local Maven cache for validation
run: ./gradlew --no-daemon publishToMavenLocal
- name: Get current SNAPSHOT version
shell: pwsh
run: |
$contents = Get-Content gradle.properties -Raw
$major = $contents | Select-String -Pattern 'mavenMajorVersion\s+= ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value }
$minor = $contents | Select-String -Pattern 'mavenMinorVersion\s+= ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value }
$patch = $contents | Select-String -Pattern 'mavenPatchVersion\s+= ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value }
$version = "$major.$minor.$patch-SNAPSHOT"
echo "Current version is $version"
echo "PACKAGE_VERSION=$version" >> $Env:GITHUB_ENV
- name: Inspect contents of local Maven cache
shell: pwsh
run: |
.\scripts\validatePackageContents.ps1 -ArtifactId microsoft-graph -Version $env:PACKAGE_VERSION