Skip to content
.github/workflows/release.yml

AE-1686: removing obsolete property #24

Sign in to view logs

AE-1686: removing obsolete property

AE-1686: removing obsolete property #24

Workflow file for this run

.github/workflows/release.yml at a6f5a78
name: Create Release

Check failure on line 1 in .github/workflows/release.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/release.yml

Invalid workflow file 

(Line: 137, Col: 14): Unrecognized named-value: 'main'. Located at position 1 within expression: main
on:
workflow_dispatch:
inputs:
version:
description: 'Release version. Must be valid semantic versioning.'
required: true
type: string
ae-core-version:
description: 'Valid metaeffekt-core version tag.'
required: true
type: string
ae-artifact-analysis-version:
description: 'Valid metaeffekt-artifact-analysis version tag.'
required: true
type: string
trigger-workbench-release:
description: 'If true, triggers a workbench release based on this kontinuum release.'
default: true
type: boolean
env:
MIRROR_URL: "https://metaeffekt.com/mirror/ae-vulnerability-mirror/ae-mirror-index_gen5-external.tar.gz"
permissions:
contents: write
jobs:
release:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Create release branch
shell: bash
run: |
git config --local user.email "github-actions[bot]@metaeffekt.com"
git config --local user.name "github-actions[bot]"
git checkout -B release/${{ inputs.version }}
- uses: actions/setup-java@v4
with:
distribution: zulu
java-version: '17'
- name: Adjust core and artifact-analysis versions
run: |
sed -i 's|<ae.core.version>HEAD-SNAPSHOT</ae.core.version>|<ae.core.version>${{ inputs.ae-core-version }}</ae.core.version>|g' \
processors/_common_/ae-kontinuum-processors.xml
sed -i 's|<ae.artifact.analysis.version>HEAD-SNAPSHOT</ae.artifact.analysis.version>|<ae.artifact.analysis.version>${{ inputs.ae-artifact-analysis-version }}</ae.artifact.analysis.version>|g' \
processors/_common_/ae-kontinuum-processors.xml
- name: Checkout metaeffekt-workbench
run: |
git clone https://github.com/org-metaeffekt/metaeffekt-workbench.git ${{ github.workspace }}/.metaeffekt-workbench
cd ${{ github.workspace }}/.metaeffekt-workbench
git checkout ${{ inputs.ae-workbench-version }}
- name: Adjust core and artifact-analysis versions in workbench
run: |
cd ${{ github.workspace }}/.metaeffekt-workbench
sed -i 's|<ae.core.version>HEAD-SNAPSHOT</ae.core.version>|<ae.core.version>${{ inputs.ae-core-version }}</ae.core.version>|' templates/report-template/pom.xml
sed -i 's|<ae.artifact.analysis.version>HEAD-SNAPSHOT</ae.artifact.analysis.version>|<ae.artifact.analysis.version>${{ inputs.ae-artifact-analysis-version }}</ae.artifact.analysis.version>|' templates/report-template/pom.xml
sed -i 's|<ae.core.version>HEAD-SNAPSHOT</ae.core.version>|<ae.core.version>${{ inputs.ae-core-version }}</ae.core.version>|' processors/workbench-parent.xml
sed -i 's|<ae.artifact.analysis.version>HEAD-SNAPSHOT</ae.artifact.analysis.version>|<ae.artifact.analysis.version>${{ inputs.ae-artifact-analysis-version }}</ae.artifact.analysis.version>|' processors/workbench-parent.xml
- name: Create external.rc file
run: |
touch ${{ github.workspace }}/external.rc
echo "EXTERNAL_WORKBENCH_DIR=${{ github.workspace }}/.metaeffekt-workbench" >> ${{ github.workspace }}/external.rc
echo "EXTERNAL_VULNERABILITY_MIRROR_DIR=${{ github.workspace }}/.mirror" >> ${{ github.workspace }}/external.rc
echo "EXTERNAL_VULNERABILITY_MIRROR_URL=${{ env.MIRROR_URL }}" >> ${{ github.workspace }}/external.rc
echo "NVD_API_KEY=${{ secrets.NVD_API_KEY }}" >> ${{ github.workspace }}/external.rc
echo "AE_CORE_VERSION=${{ inputs.ae-core-version }}" >> ${{ github.workspace }}/external.rc
echo "AE_ARTIFACT_ANALYSIS_VERSION=${{ inputs.ae-artifact-analysis-version }}" >> ${{ github.workspace }}/external.rc
echo "DUMP_LOGS=true" >> ${{ github.workspace }}/external.rc
- name: Restore vulnerability mirror and maven index cache
uses: actions/cache/restore@v4
with:
key: key-${{ inputs.ae-core-version }}-${{ inputs.ae-artifact-analysis-version }}
path: |
.mirror
.maven-index
- name: Run test pipelines
shell: bash
env:
AE_CORE_VERSION: ${{ inputs.ae-core-version }}
AE_ARTIFACT_ANALYSIS_VERSION: ${{ inputs.ae-artifact-analysis-version }}
run: |
./tests/scripts/pipelines/001_remote.sh
- name: Save vulnerability mirror and maven index cache
uses: actions/cache/save@v4
if: ${{ always() }}
with:
key: key-${{ inputs.ae-core-version }}-${{ inputs.ae-artifact-analysis-version }}
path: |
.mirror
.maven-index
- uses: actions/upload-artifact@v4
if: ${{ always() }}
with:
name: logs
path: .logs
- name: Commit changes
if: ${{ !env.ACT }}
run: |
git add processors/_common_/ae-kontinuum-processors.xml
git commit -m "Release ${{ inputs.version }}" || echo "No changes to commit"
# We need to use --force here as previous failed pipeline might have pushed to the branch already.
- name: Push changes
if: ${{ !env.ACT }}
run: git push --set-upstream origin "release/${{ inputs.version }}" --force
- name: Create Release
if: ${{ !env.ACT }}
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ inputs.version }}
target_commitish: "release/${{ inputs.version }}"
name: ${{ inputs.version }}
draft: false
prerelease: false
- name: Release workbench
if: ${{ inputs.trigger-workbench-release }}
run: |
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.ACCESS_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/org-metaeffekt/metaeffekt-workbench/actions/workflows/209808056/dispatches \
-d '{"ref":"${{ main }}", "inputs":{"ae-kontinuum-version": "${{ inputs.version }}", "ae-core-version": "${{ inputs.ae-core-version }}", "ae-artifact-analysis-version": "${{ inputs.ae-artifact-analysis-version }}", "version": "${{ inputs.version }}"}}'