build-release #245
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build-release | |
on: | |
create: | |
branches: [ 'release/**' ] ## To create a release PR | |
push: | |
branches: [ main ] | |
tags: [ 'v*' ] | |
paths-ignore: | |
- '.github/ISSUE_TEMPLATE/**' | |
- '.github/*.yml' | |
- '*.md' | |
- 'LICENSE' | |
pull_request: | |
types: [ opened, synchronize, reopened, closed ] | |
branches: [ main ] | |
env: | |
ENABLE_TEST: true | |
ENABLE_GH_MAVEN: true | |
ENABLE_GRADLE_PLUGIN: true | |
ENABLE_SONAR: true | |
jobs: | |
context: | |
runs-on: ubuntu-latest | |
outputs: | |
branch: ${{ steps.context.outputs.branch }} | |
shouldBuild: ${{ steps.context.outputs.decision_build }} | |
shouldPublish: ${{ steps.context.outputs.decision_publish }} | |
isRelease: ${{ steps.context.outputs.isTag && steps.context.outputs.onRelease }} | |
version: ${{ steps.context.outputs.version }} | |
commitId: ${{ steps.context.outputs.commitShortId }} | |
semanticVersion: ${{ steps.semantic.outputs.semanticVersion }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
token: ${{ secrets.BEEIO_CI_TOKEN }} | |
- name: Import GPG key | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
git_user_signingkey: true | |
git_commit_gpgsign: true | |
git_tag_gpgsign: true | |
git_push_gpgsign: false | |
gpg_private_key: ${{ secrets.OSS_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }} | |
- name: Project context | |
id: context | |
uses: zero88/gh-project-context@v2 | |
with: | |
changelog: true | |
mustSign: true | |
nextVerMode: MINOR | |
token: ${{ secrets.BEEIO_CI_TOKEN }} | |
- name: Find semantic version | |
id: semantic | |
shell: bash | |
run: | | |
[[ "${{ steps.context.outputs.isTag }}" == "true" ]] && sv="" || sv=$(grep semanticVersion gradle.properties | cut -d'=' -f2) | |
echo semanticVersion=$sv >> $GITHUB_OUTPUT | |
build: | |
runs-on: ubuntu-latest | |
needs: context | |
if: needs.context.outputs.shouldBuild == 'true' | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 17 | |
cache: 'gradle' | |
- name: Cache Gradle packages | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-build-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: ${{ runner.os }}-gradle-build | |
- name: Build | |
run: | | |
./gradlew clean build -x test \ | |
-Pversion=${{ needs.context.outputs.version }} \ | |
-PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \ | |
-PbuildBy="GitHub Action" \ | |
-PbuildHash=${{ needs.context.outputs.commitId }} \ | |
--no-daemon | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v4 | |
if: env.ENABLE_TEST == 'true' | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-gradle-sonar-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: ${{ runner.os }}-gradle-sonar | |
- name: Test | |
if: env.ENABLE_TEST == 'true' | |
run: ./gradlew test | |
- name: SonarQube | |
if: needs.context.outputs.shouldPublish == 'true' && env.ENABLE_TEST == 'true' && env.ENABLE_SONAR == 'true' | |
run: | | |
./gradlew sonarqube --info -x test \ | |
-Dsonar.branch.name=${{ needs.context.outputs.branch }} \ | |
-Dorg.gradle.jvmargs="-Xmx2g -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.OSS_SONARQUBE_TOKEN }} | |
publish-snapshot: | |
name: Publish to Sonatype OSSRH | |
runs-on: ubuntu-latest | |
needs: [ build, context ] | |
if: needs.context.outputs.shouldPublish == 'true' && needs.context.outputs.isRelease != 'true' | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 11 | |
cache: 'gradle' | |
- name: Publish | |
run: | | |
args=( -Pversion=${{ needs.context.outputs.version }} \ | |
-PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \ | |
-Pnexus.username=${{ secrets.ORG_NEXUS_USER }} \ | |
-Pnexus.password=${{ secrets.ORG_NEXUS_TOKEN }} ) | |
./gradlew publishToSonatype "${args[@]}" | |
publish-release: | |
name: Release to Sonatype OSSRH | |
runs-on: ubuntu-latest | |
needs: [ build, context ] | |
if: needs.context.outputs.isRelease == 'true' | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 11 | |
cache: 'gradle' | |
- name: Import GPG key | |
id: import_gpg | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
git_user_signingkey: true | |
gpg_private_key: ${{ secrets.OSS_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }} | |
- name: Publish | |
run: | | |
args=( -Pversion=${{ needs.context.outputs.version }} \ | |
-PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \ | |
-PbuildBy="GitHub Action" \ | |
-PbuildHash=${{ needs.context.outputs.commitId }} \ | |
-Psigning.gnupg.homeDir=/home/runner/.gnupg \ | |
-Psigning.gnupg.keyName=${{ steps.import_gpg.outputs.keyid }} \ | |
-Psigning.gnupg.passphrase=${{ secrets.OSS_GPG_PASSPHARSE }} \ | |
-Pnexus.username=${{ secrets.ORG_NEXUS_USER }} \ | |
-Pnexus.password=${{ secrets.ORG_NEXUS_TOKEN }} ) | |
./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository -Prelease "${args[@]}" | |
publish-plugin: | |
name: Release to Gradle plugin | |
runs-on: ubuntu-latest | |
needs: [ build, context ] | |
if: needs.context.outputs.isRelease == 'true' | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 11 | |
cache: 'gradle' | |
- name: Import GPG key | |
id: import_gpg | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
git_user_signingkey: true | |
gpg_private_key: ${{ secrets.OSS_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }} | |
- name: Publish Gradle plugin | |
if: env.ENABLE_GRADLE_PLUGIN == 'true' | |
run: | | |
./gradlew publishPlugins \ | |
-Prelease \ | |
-Pversion=${{ needs.context.outputs.version }} \ | |
-PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \ | |
-PbuildBy="GitHub Action" -PbuildHash=${{ needs.context.outputs.commitId }} \ | |
-Psigning.gnupg.homeDir=/home/runner/.gnupg \ | |
-Psigning.gnupg.keyName=${{ steps.import_gpg.outputs.keyid }} \ | |
-Psigning.gnupg.passphrase=${{ secrets.OSS_GPG_PASSPHARSE }} \ | |
-Pgradle.publish.key=${{ secrets.OSS_GRADLE_KEY }} \ | |
-Pgradle.publish.secret=${{ secrets.OSS_GRADLE_SECRET }} | |
publish-github: | |
name: Release to GitHub Package | |
runs-on: ubuntu-latest | |
needs: [ build, context ] | |
if: needs.context.outputs.isRelease == 'true' | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 11 | |
cache: 'gradle' | |
- name: Import GPG key | |
id: import_gpg | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
git_user_signingkey: true | |
gpg_private_key: ${{ secrets.OSS_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }} | |
- name: Publish GitHub Package | |
if: env.ENABLE_GH_MAVEN == 'true' | |
run: | | |
args=( -Pversion=${{ needs.context.outputs.version }} \ | |
-PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \ | |
-PbuildBy="GitHub Action" -PbuildHash=${{ needs.context.outputs.commitId }} \ | |
-Psigning.gnupg.homeDir=/home/runner/.gnupg \ | |
-Psigning.gnupg.keyName=${{ steps.import_gpg.outputs.keyid }} \ | |
-Psigning.gnupg.passphrase=${{ secrets.OSS_GPG_PASSPHARSE }} \ | |
-Pnexus.username=${{ github.repository_owner }} \ | |
-Pnexus.password=${{ secrets.BEEIO_CI_TOKEN }} ) | |
args+=( -Pgithub ) | |
./gradlew publishToGitHub -Prelease "${args[@]}" | |
release: | |
runs-on: ubuntu-latest | |
needs: [ build, context, publish-release, publish-plugin, publish-github ] | |
if: needs.context.outputs.isRelease == 'true' | |
steps: | |
- name: Create GitHub Release | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
tag_name: ${{ needs.context.outputs.branch }} | |
release_name: Release ${{ needs.context.outputs.branch }} | |
generate_release_notes: true |