8.0.0-M1 #45
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Licensed to the Apache Software Foundation (ASF) under one or more | |
| # contributor license agreements. See the NOTICE file distributed with | |
| # this work for additional information regarding copyright ownership. | |
| # The ASF licenses this file to You under the Apache License, Version 2.0 | |
| # (the "License"); you may not use this file except in compliance with | |
| # the License. You may obtain a copy of the License at | |
| # | |
| # https://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| name: "Release" | |
| on: | |
| release: | |
| types: [published] | |
| permissions: | |
| contents: write | |
| packages: read | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GRAILS_PUBLISH_RELEASE: true | |
| JAVA_DISTRIBUTION: liberica | |
| JAVA_VERSION: 21.0.10 # this must be a specific version for reproducible builds, keep it synced with .sdkmanrc | |
| PROJECT_DESC: > | |
| Apache Grails Spring Security adds production-ready | |
| authentication and authorization to Apache Grails applications. | |
| PROJECT_NAME: Apache Grails Spring Security | |
| REPO_NAME: ${{ github.event.repository.name }} | |
| REPO_SLUG: ${{ github.repository }} | |
| SVN_FOLDER: spring-security | |
| TAG: ${{ github.event.release.tag_name }} | |
| VERSION: will be computed in each job | |
| concurrency: | |
| group: release-pipeline | |
| cancel-in-progress: false | |
| jobs: | |
| publish: | |
| name: "Stage Jar Files" | |
| permissions: | |
| packages: read # pre-release workflow | |
| contents: write # to create release | |
| issues: write # to modify milestones | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: "π Output Agent IP" # in the event RAO blocks this agent, this can be used to debug it | |
| run: curl -s https://api.ipify.org | |
| - name: "π Establish release version" | |
| run: echo "VERSION=${TAG#v}" >> "$GITHUB_ENV" | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ env.TAG }} | |
| token: ${{ secrets.GITHUB_TOKEN }} # This should not be needed as ${{ github.token }} is the default, but there have been issues with it. | |
| - name: "π Store common build date" # to ensure a reproducible build | |
| run: echo "SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)" >> "$GITHUB_ENV" | |
| - name: "π Ensure source files use common date" | |
| run: find . -depth \( -type f -o -type d \) -exec touch -d "@${SOURCE_DATE_EPOCH}" {} + | |
| - name: "π Set up GPG" | |
| run: | | |
| echo "${{ secrets.GRAILS_GPG_KEY }}" | gpg --batch --import | |
| gpg --list-keys | |
| env: | |
| GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} | |
| - name: "βοΈ Setup JDK" | |
| uses: actions/setup-java@v5 | |
| with: | |
| distribution: ${{ env.JAVA_DISTRIBUTION }} | |
| java-version: ${{ env.JAVA_VERSION }} | |
| - name: "π Setup Gradle" | |
| uses: gradle/actions/setup-gradle@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2 | |
| with: | |
| develocity-access-key: ${{ secrets.GRAILS_DEVELOCITY_ACCESS_KEY }} | |
| - name: "βοΈ Run pre-release" | |
| uses: apache/grails-github-actions/pre-release@asf | |
| env: | |
| RELEASE_VERSION: ${{ env.VERSION }} | |
| - name: "β¨ Create Staging Repository" | |
| env: | |
| NEXUS_PUBLISH_USERNAME: ${{ secrets.NEXUS_STAGE_DEPLOYER_USER }} | |
| NEXUS_PUBLISH_PASSWORD: ${{ secrets.NEXUS_STAGE_DEPLOYER_PW }} | |
| NEXUS_PUBLISH_URL: ${{ vars.STAGING_URL }} | |
| NEXUS_PUBLISH_STAGING_PROFILE_ID: ${{ secrets.STAGING_PROFILE_ID }} | |
| NEXUS_PUBLISH_DESCRIPTION: '${{ env.REPO_NAME }}:${{ env.VERSION }}' | |
| SIGNING_KEY: ${{ secrets.GPG_KEY_ID }} | |
| run: ./gradlew initializeSonatypeStagingRepository | |
| - name: "π€ Publish to Staging Repository" | |
| env: | |
| NEXUS_PUBLISH_USERNAME: ${{ secrets.NEXUS_STAGE_DEPLOYER_USER }} | |
| NEXUS_PUBLISH_PASSWORD: ${{ secrets.NEXUS_STAGE_DEPLOYER_PW }} | |
| NEXUS_PUBLISH_URL: ${{ vars.STAGING_URL }} | |
| NEXUS_PUBLISH_STAGING_PROFILE_ID: ${{ secrets.STAGING_PROFILE_ID }} | |
| NEXUS_PUBLISH_DESCRIPTION: '${{ env.REPO_NAME }}:${{ env.VERSION }}' | |
| SIGNING_KEY: ${{ secrets.GPG_KEY_ID }} | |
| run: > | |
| ./gradlew findSonatypeStagingRepository | |
| publishToSonatype | |
| aggregateChecksums | |
| aggregatePublishedArtifacts | |
| -x initializeSonatypeStagingRepository | |
| - name: "β Close Staging Repository" | |
| env: | |
| NEXUS_PUBLISH_USERNAME: ${{ secrets.NEXUS_STAGE_DEPLOYER_USER }} | |
| NEXUS_PUBLISH_PASSWORD: ${{ secrets.NEXUS_STAGE_DEPLOYER_PW }} | |
| NEXUS_PUBLISH_URL: ${{ vars.STAGING_URL }} | |
| NEXUS_PUBLISH_STAGING_PROFILE_ID: ${{ secrets.STAGING_PROFILE_ID }} | |
| NEXUS_PUBLISH_DESCRIPTION: '${{ env.REPO_NAME }}:${{ env.VERSION }}' | |
| SIGNING_KEY: ${{ secrets.GPG_KEY_ID }} | |
| run: > | |
| ./gradlew findSonatypeStagingRepository | |
| closeSonatypeStagingRepository | |
| -x initializeSonatypeStagingRepository | |
| - name: "π Generate build date file" | |
| run: echo "$SOURCE_DATE_EPOCH" >> build/BUILD_DATE.txt | |
| - name: "π€ Upload build date, checksums and published artifacts files" | |
| uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 | |
| with: | |
| tag_name: ${{ env.TAG }} | |
| files: | | |
| build/BUILD_DATE.txt | |
| build/CHECKSUMS.txt | |
| build/PUBLISHED_ARTIFACTS.txt | |
| source: | |
| # to ensure we never publish any build artifacts, run the source distribution as a separate build workflow | |
| name: "Create Source Distribution" | |
| needs: publish | |
| permissions: | |
| contents: write | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: "π Establish release version" | |
| run: echo "VERSION=${TAG#v}" >> "$GITHUB_ENV" | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@v5 | |
| with: | |
| path: ${{ env.REPO_NAME }} | |
| ref: ${{ env.TAG }} | |
| token: ${{ secrets.GITHUB_TOKEN }} # This should not be needed as ${{ github.token }} is the default, but there have been issues with it. | |
| - name: "ποΈ Remove unnecessary files" | |
| working-directory: ${{ env.REPO_NAME }} | |
| run: | | |
| rm -f gradle/wrapper/gradle-wrapper.jar | |
| rm -f gradle/wrapper/gradle-wrapper.properties | |
| rm -f gradlew | |
| rm -f gradlew.bat | |
| rm -f .asf.yaml | |
| - name: "π₯ Download CHECKSUMS.txt and rename to CHECKSUMS" | |
| working-directory: ${{ env.REPO_NAME }} | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| release_url=$(gh release view "$TAG" --json assets --repo "$REPO_SLUG" --jq '.assets[] | select(.name == "CHECKSUMS.txt") | .url') | |
| curl -f -L -H "Authorization: token $GH_TOKEN" -o CHECKSUMS "$release_url" | |
| - name: "π₯ Download PUBLISHED_ARTIFACTS.txt and rename to PUBLISHED_ARTIFACTS" | |
| working-directory: ${{ env.REPO_NAME }} | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| release_url=$(gh release view "$TAG" --json assets --repo "$REPO_SLUG" --jq '.assets[] | select(.name == "PUBLISHED_ARTIFACTS.txt") | .url') | |
| curl -f -L -H "Authorization: token $GH_TOKEN" -o PUBLISHED_ARTIFACTS "$release_url" | |
| - name: "π₯ Download BUILD_DATE.txt and rename to BUILD_DATE" | |
| working-directory: ${{ env.REPO_NAME }} | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| release_url=$(gh release view "$TAG" --json assets --repo "$REPO_SLUG" --jq '.assets[] | select(.name == "BUILD_DATE.txt") | .url') | |
| curl -f -L -H "Authorization: token $GH_TOKEN" -o BUILD_DATE "$release_url" | |
| - name: "π Ensure source files use common date" | |
| run: | | |
| SOURCE_DATE_EPOCH=$(cat ${REPO_NAME}/BUILD_DATE) | |
| find . -depth \( -type f -o -type d \) -exec touch -d "@${SOURCE_DATE_EPOCH}" {} + | |
| - name: "π¦ Create source distribution ZIP" | |
| run: | | |
| zip -r \ | |
| "apache-${REPO_NAME}-${VERSION}-src.zip" \ | |
| "$REPO_NAME" \ | |
| -x "${REPO_NAME}/.git/*" \ | |
| -x "${REPO_NAME}/.github/*" | |
| - name: "π Set up GPG" | |
| run: | | |
| echo "${{ secrets.GRAILS_GPG_KEY }}" | gpg --batch --import | |
| gpg --list-keys | |
| env: | |
| GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} | |
| - name: "π Sign source distribution ZIP" | |
| env: | |
| GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} | |
| run: | | |
| gpg \ | |
| --default-key "$GPG_KEY_ID" \ | |
| --batch \ | |
| --yes \ | |
| --pinentry-mode loopback \ | |
| --armor \ | |
| --detach-sign "apache-${REPO_NAME}-${VERSION}-src.zip" | |
| - name: "π¦ Create source distribution checksum" | |
| run: | | |
| sha512sum "./apache-${REPO_NAME}-${VERSION}-src.zip" \ | |
| > "apache-${REPO_NAME}-${VERSION}-src.zip.sha512" | |
| cat "./apache-${REPO_NAME}-${VERSION}-src.zip.sha512" | |
| - name: "π Upload ZIP and Signature to GitHub Release" | |
| uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 | |
| with: | |
| tag_name: ${{ env.TAG }} | |
| files: | | |
| apache-${{ env.REPO_NAME }}-${{ env.VERSION }}-src.zip | |
| apache-${{ env.REPO_NAME }}-${{ env.VERSION }}-src.zip.sha512 | |
| apache-${{ env.REPO_NAME }}-${{ env.VERSION }}-src.zip.asc | |
| - name: "ποΈ Remove CHECKSUMS.txt asset from release" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -e | |
| gh release delete-asset \ | |
| "$TAG" \ | |
| CHECKSUMS.txt \ | |
| --repo "$REPO_SLUG" \ | |
| --yes | |
| - name: "ποΈ Remove BUILD_DATE.txt asset from release" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -e | |
| gh release delete-asset \ | |
| "$TAG" \ | |
| BUILD_DATE.txt \ | |
| --repo "$REPO_SLUG" \ | |
| --yes | |
| - name: "ποΈ Remove PUBLISHED_ARTIFACTS.txt asset from release" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -e | |
| gh release delete-asset \ | |
| "$TAG" \ | |
| PUBLISHED_ARTIFACTS.txt \ | |
| --repo "$REPO_SLUG" \ | |
| --yes | |
| upload: | |
| name: "Upload Source Distribution" | |
| needs: [ publish, source ] | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: write | |
| env: | |
| SVN_USERNAME: ${{ secrets.SVC_DIST_GRAILS_USERNAME }} | |
| SVN_PASSWORD: ${{ secrets.SVC_DIST_GRAILS_PASSWORD }} | |
| steps: | |
| - name: "π Establish release version" | |
| run: echo "VERSION=${TAG#v}" >> "$GITHUB_ENV" | |
| - name: "βοΈ Setup SVN and Tools" | |
| run: sudo apt-get install -y subversion subversion-tools tree gettext-base | |
| - name: "π Ensure grails dev folder exists" | |
| run: | | |
| set -e | |
| if svn ls https://dist.apache.org/repos/dist/dev/grails --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive; then | |
| echo "Dev Folder [grails] already exists β skipping creation" | |
| else | |
| echo "Dev Folder [grails] does not exist, creating" | |
| svnmucc --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive \ | |
| mkdir https://dist.apache.org/repos/dist/dev/grails \ | |
| -m "Create 'grails' dev folder" | |
| fi | |
| - name: "π Ensure grails ${{ env.SVN_FOLDER }} folder exists" | |
| run: | | |
| set -e | |
| if svn ls "https://dist.apache.org/repos/dist/dev/grails/${SVN_FOLDER}" --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive; then | |
| echo "Dev Folder [grails/${SVN_FOLDER}] already exists β skipping creation" | |
| else | |
| echo "Dev Folder [grails/${SVN_FOLDER}] does not exist, creating" | |
| svnmucc --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive \ | |
| mkdir "https://dist.apache.org/repos/dist/dev/grails/${SVN_FOLDER}" \ | |
| -m "Create 'grails ${SVN_FOLDER}' dev folder" | |
| fi | |
| - name: "π₯ Checkout dev repo" | |
| run: | | |
| svn checkout --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive "https://dist.apache.org/repos/dist/dev/grails/${SVN_FOLDER}" dev-repo | |
| - name: "ποΈ Remove existing dev version" | |
| run: | | |
| cd dev-repo | |
| if [ -d "$VERSION" ]; then | |
| svn delete "$VERSION" | |
| svn commit -m "Remove grails ${SVN_FOLDER} dev version ${VERSION}" --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive | |
| else | |
| echo "No existing dev version ${VERSION} to remove" | |
| fi | |
| - name: "π₯ Fetch source distributions" | |
| run: | | |
| cd dev-repo | |
| mkdir -p "${VERSION}/sources" | |
| cd "${VERSION}/sources" | |
| curl -f -LO "https://github.com/${REPO_SLUG}/releases/download/${TAG}/apache-${REPO_NAME}-${VERSION}-src.zip" | |
| curl -f -LO "https://github.com/${REPO_SLUG}/releases/download/${TAG}/apache-${REPO_NAME}-${VERSION}-src.zip.sha512" | |
| curl -f -LO "https://github.com/${REPO_SLUG}/releases/download/${TAG}/apache-${REPO_NAME}-${VERSION}-src.zip.asc" | |
| echo "Downloaded the following files:" | |
| ls -l | |
| - name: "π Upload distributions" | |
| run: | | |
| cd dev-repo | |
| echo "Adding the following files to SVN:" | |
| tree | |
| svn add "$VERSION" --force | |
| svn commit -m "Upload ${PROJECT_NAME} distribution files for ${VERSION}" --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive | |
| pwd | |
| - name: "πΎ Store Distribution SVN revision in a file" | |
| run: | | |
| cd dev-repo | |
| svn info "$VERSION" > "DIST_SVN_REVISION.txt" | |
| - name: "π€ Upload the Distribution SVN revision file" | |
| uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 | |
| with: | |
| tag_name: ${{ env.TAG }} | |
| files: dev-repo/DIST_SVN_REVISION.txt | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@v5 | |
| with: | |
| path: ${{ env.REPO_NAME }} | |
| ref: ${{ env.TAG }} | |
| - name: "π Fetch new sha for the release tag after pre-prelease commit" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| ref_json=$(gh api "repos/${REPO_SLUG}/git/ref/tags/${TAG}") | |
| type=$(jq -r '.object.type' <<<"$ref_json") | |
| sha=$(jq -r '.object.sha' <<<"$ref_json") | |
| if [ "$type" = "tag" ]; then | |
| sha=$(gh api "repos/${REPO_SLUG}/git/tags/${sha}" --jq '.object.sha') | |
| fi | |
| echo "Found sha: $sha" | |
| echo "SHA=${sha}" >> "$GITHUB_ENV" | |
| - name: "π§ Print Grails Vote Email" | |
| run: | | |
| export DIST_SVN_REVISION=$(awk '/Last Changed Rev:/ {print $4}' dev-repo/DIST_SVN_REVISION.txt) | |
| echo "::group::Grails PMC Vote Email" | |
| echo "" | |
| echo "TO:" | |
| echo "*************************************************" | |
| echo "dev@grails.apache.org" | |
| echo "*************************************************" | |
| echo "" | |
| echo "Subject:" | |
| echo "*************************************************" | |
| echo "[VOTE] Release ${PROJECT_NAME} ${VERSION}" | |
| echo "*************************************************" | |
| echo "Body:" | |
| echo "*************************************************" | |
| cat ${REPO_NAME}/.github/vote_templates/staged.txt | envsubst | |
| echo "*************************************************" | |
| echo "::endgroup::" | |
| release: | |
| environment: release | |
| name: 'VOTE SUCCEEDED - Release Artifacts' | |
| needs: [ publish, source, upload ] | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: "π Establish release version" | |
| run: echo "VERSION=${TAG#v}" >> "$GITHUB_ENV" | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ env.TAG }} | |
| - name: "βοΈ Setup SVN and Tools" | |
| run: sudo apt-get install -y subversion subversion-tools tree gettext-base | |
| - name: "π³ MANUAL - Confirm Grails PMC Vote succeeded" | |
| run: | | |
| echo "::group::Manual Confirmation" | |
| echo "π Make sure that the vote confirmation on dev@grails.apache.org completed successfully before proceeding." | |
| echo "::endgroup::" | |
| - name: "βοΈ MANUAL - Send Vote Result Email" | |
| run: | | |
| echo "::group::Manual Vote Result Email" | |
| echo "" | |
| echo "Send a new email or reply to the original vote email by changing the subject." | |
| echo "" | |
| echo "TO:" | |
| echo "*************************************************" | |
| echo "dev@grails.apache.org" | |
| echo "*************************************************" | |
| echo "" | |
| echo "Subject:" | |
| echo "*************************************************" | |
| echo "[RESULT][VOTE] ${PROJECT_NAME} ${VERSION}" | |
| echo "*************************************************" | |
| echo "" | |
| echo "Body:" | |
| echo "*************************************************" | |
| cat .github/vote_templates/vote_succeeded.txt | envsubst | |
| echo "*************************************************" | |
| echo "::endgroup::" | |
| - name: "π MANUAL - Release JAR files" | |
| run: | | |
| echo "::group::Manual Jar Promotion" | |
| echo "Run .github/scripts/releaseJarFiles.sh ${REPO_NAME}:${VERSION} <ASF_USER>" | |
| echo "::endgroup::" | |
| - name: "π MANUAL - Release distribution artifacts" | |
| run: | | |
| echo "::group::Manual ASF Artifact Promotion" | |
| echo "Run .github/scripts/releaseDistributions.sh ${TAG} ${SVN_FOLDER} <ASF_USER>" | |
| echo "::endgroup::" | |
| - name: "β MANUAL - Update ASF Reporter" | |
| run: | | |
| echo "::group::Manual ASF Reporter Update" | |
| TODAY=$(date +"%Y-%m-%d") | |
| echo "Check email from no-reply@reporter.apache.org & update https://reporter.apache.org/addrelease.html?grails to add ${SVN_FOLDER^^}-${VERSION} as complete as of ${TODAY}" | |
| echo "::endgroup::" | |
| docs: | |
| environment: docs | |
| name: "VOTE SUCCEEDED - Publish Documentation" | |
| needs: [ publish, source, upload ] # TODO Once we have confirmed `release` won't fail, add it as a dependency here | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: write # required for gradle.properties revert | |
| issues: write # required for milestone closing | |
| steps: | |
| - name: "π Establish release version" | |
| run: echo "VERSION=${TAG#v}" >> "$GITHUB_ENV" | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ env.TAG }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "π Ensure Common Build Date" # to ensure a reproducible build | |
| run: echo "SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)" >> "$GITHUB_ENV" | |
| - name: "βοΈ Setup JDK" | |
| uses: actions/setup-java@v5 | |
| with: | |
| distribution: ${{ env.JAVA_DISTRIBUTION }} | |
| java-version: ${{ env.JAVA_VERSION }} | |
| - name: "π Setup Gradle" | |
| uses: gradle/actions/setup-gradle@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2 | |
| with: | |
| develocity-access-key: ${{ secrets.GRAILS_DEVELOCITY_ACCESS_KEY }} | |
| - name: "π¨ Build Documentation" | |
| run: ./gradlew aggregateDocs | |
| - name: "π Publish to Github Pages" | |
| uses: apache/grails-github-actions/deploy-github-pages@asf | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GRADLE_PUBLISH_RELEASE: 'true' | |
| SOURCE_FOLDER: build/docs | |
| close: | |
| name: "VOTE SUCCEEDED - Close Release" | |
| environment: release | |
| needs: [ publish, source, upload, docs ] # TODO Once we have confirmed `release` won't fail, add it as a dependency here | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: write # required for gradle.properties revert | |
| issues: write # required for milestone closing | |
| pull-requests: write # to open PR | |
| actions: write | |
| steps: | |
| - name: "π Establish release version" | |
| run: echo "VERSION=${TAG#v}" >> "$GITHUB_ENV" | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ env.TAG }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "βοΈ Setup JDK" | |
| uses: actions/setup-java@v5 | |
| with: | |
| distribution: ${{ env.JAVA_DISTRIBUTION }} | |
| java-version: ${{ env.JAVA_VERSION }} | |
| - name: "π Setup Gradle" | |
| uses: gradle/actions/setup-gradle@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2 | |
| with: | |
| develocity-access-key: ${{ secrets.GRAILS_DEVELOCITY_ACCESS_KEY }} | |
| - name: "βοΈ Run post-release" | |
| uses: apache/grails-github-actions/post-release@asf | |
| - name: 'π MANUAL - Create Blog Post' | |
| run: | | |
| echo "::group::Blog Post Creation - MANUAL" | |
| echo "Publish a blog post on https://grails.apache.org/blog/ about the new release [${VERSION}] using the repo https://github.com/apache/grails-static-website" | |
| echo "::endgroup::" | |
| - name: "π§ MANUAL - Send Announcement Email" | |
| run: | | |
| echo "::group::Announcement Email" | |
| echo "" | |
| echo "TO:" | |
| echo "*************************************************" | |
| echo "announce@apache.org, dev@grails.apache.org, users@grails.apache.org" | |
| echo "*************************************************" | |
| echo "" | |
| echo "Subject:" | |
| echo "*************************************************" | |
| echo "[ANNOUNCE] ${PROJECT_NAME} ${VERSION}" | |
| echo "*************************************************" | |
| echo "" | |
| echo "Body:" | |
| echo "*************************************************" | |
| cat .github/vote_templates/announce.txt | envsubst | |
| echo "*************************************************" | |
| echo "::endgroup::" |