generated from SAP/repository-template
-
Notifications
You must be signed in to change notification settings - Fork 6
127 lines (111 loc) · 4.81 KB
/
perform-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
name: "Perform Release"
on:
workflow_dispatch:
inputs:
release_pr_number:
description: "The PR number of the release PR"
required: true
skip-pr-merge:
description: "Whether to skip merging the PRs"
required: false
default: false
type: boolean
env:
MVN_CLI_ARGS: --batch-mode --no-transfer-progress --fail-at-end --show-version -DskipTests
JAVA_VERSION: 17
jobs:
prerequisites:
name: "Prerequisites"
outputs:
release-version: ${{ steps.determine-branch-names.outputs.RELEASE_VERSION }}
release-tag: ${{ steps.determine-branch-names.outputs.RELEASE_TAG }}
code-branch: ${{ steps.determine-branch-names.outputs.CODE_BRANCH_NAME }}
release-commit: ${{ steps.determine-branch-names.outputs.RELEASE_COMMIT }}
permissions:
pull-requests: read
contents: read
runs-on: ubuntu-latest
steps:
- name: "Determine Branch Names"
id: determine-branch-names
run: |
if [[ "${{ github.event_name }}" == "pull_request_review" ]]; then
echo "[DEBUG] Taking branch name from pull request event"
BRANCH_NAME=${{ github.event.pull_request.head.ref }}
elif [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
echo "[DEBUG] Taking branch name from workflow dispatch event"
BRANCH_NAME=$(gh pr view ${{ github.event.inputs.release_pr_number }} --repo "${{ github.repository }}" --json headRefName | jq -r '.headRefName')
else
echo "Cannot determine branch name from event '${{ github.event_name }}'"
exit 1
fi
RELEASE_VERSION=$(echo "$BRANCH_NAME" | cut -d '-' -f2)
echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_OUTPUT
echo "RELEASE_TAG=rel/$RELEASE_VERSION" >> $GITHUB_OUTPUT
echo "CODE_BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_OUTPUT
echo "RELEASE_COMMIT=$(gh release view "$RELEASE_TAG" --repo "${{ github.repository }}" --json targetCommitish | jq -r '.targetCommitish')" >> $GITHUB_OUTPUT
echo "[DEBUG] Current GITHUB_OUTPUT: '$(cat $GITHUB_OUTPUT)'"
env:
GH_TOKEN: ${{ github.token }}
- name: "Checkout Repository"
uses: actions/checkout@v4
- name: "Check Whether Code PR Can Be Merged"
if: ${{ inputs.skip-pr-merge != 'true' }}
uses: ./.github/actions/pr-is-mergeable
with:
pr-ref: ${{ steps.determine-branch-names.outputs.CODE_BRANCH_NAME }}
excluded-check-runs: |
{
\"Continuous Integration\": [\"Run BlackDuck Scan\", \"Run Security Rating\"],
\"dependabot merger\": []
}
- name: "Check Code Release Commit Continuous Integration"
if: ${{ inputs.skip-pr-merge != 'true' }}
uses: ./.github/actions/workflow-succeeded
with:
workflow: "Continuous Integration"
sha: ${{ steps.determine-branch-names.outputs.RELEASE_COMMIT }}
release:
name: "Release"
needs: [ prerequisites ]
runs-on: ubuntu-latest
permissions:
contents: write # needed to modify the release draft
pull-requests: write # needed to merge the release PR
steps:
- name: "Setup java"
uses: actions/setup-java@v4
with:
distribution: "sapmachine"
java-version: ${{ env.JAVA_VERSION }}
- name: "Download Release Asset"
id: download-asset
run: |
gh release download ${{ needs.prerequisites.outputs.release-tag }} --dir ./ --repo "${{ github.repository }}"
# x=extract v=verbose z=decompress f=file C=destination directory
tar -xvzf release-artifacts.tar.gz -C .
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: "Import GPG Key"
run: |
echo "${{ secrets.PGP_PRIVATE_KEY }}" | gpg --batch --passphrase "$PASSPHRASE" --import
env:
PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
- name: "Create settings.xml"
run: |
echo '${{ secrets.CENTRAL_SONATYPE_SETTINGS_XML }}' > settings.xml
- name: "Deploy"
run: |
MVN_ARGS="${{ env.MVN_CLI_ARGS }} -Drelease -s settings.xml"
mvn deploy $MVN_ARGS
env:
MAVEN_GPG_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
- name: "Merge Code PR"
if: ${{ inputs.skip-pr-merge != 'true' }}
run: gh pr merge --squash "${{ needs.prerequisites.outputs.code-branch }}" --delete-branch --repo "${{ github.repository }}"
env:
GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }}
- name: "Publish the Draft Release"
run: gh release edit ${{ needs.prerequisites.outputs.release-tag }} --draft=false --repo "${{ github.repository }}"
env:
GH_TOKEN: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }}