Release SDK #28
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release SDK | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: "Version tag (e.g. v1.2.3)" | |
| required: true | |
| type: string | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| concurrency: | |
| group: release | |
| cancel-in-progress: false | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: Only Main | |
| timeout-minutes: 15 | |
| outputs: | |
| merge_sha: ${{ steps.create_pr.outputs.merge_sha }} | |
| defaults: | |
| run: | |
| shell: bash --noprofile --norc -euo pipefail {0} | |
| env: | |
| TAG: ${{ inputs.version }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| with: | |
| ref: main | |
| - name: Setup jdk | |
| uses: actions/setup-java@91d3aa4956ec4a53e477c4907347b5e3481be8c9 # v2.5.1 | |
| with: | |
| distribution: 'zulu' | |
| java-version: '21' | |
| - name: Validate version format | |
| run: | | |
| if ! echo "$TAG" | grep -qE '^v[0-9]+\.[0-9]+\.[0-9]+$'; then | |
| echo "ERROR: Version must be in format vX.X.X (e.g., v1.2.3), got: $TAG" >&2 | |
| exit 1 | |
| fi | |
| echo "Version format valid: $TAG" | |
| - name: Check tag does not exist | |
| run: | | |
| git fetch --tags | |
| if git tag -l | grep -q "^${TAG}$"; then | |
| echo "ERROR: Tag $TAG already exists" >&2 | |
| exit 1 | |
| fi | |
| echo "Tag $TAG does not exist. Proceeding..." | |
| - name: Configure git user | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| - name: Create release branch | |
| run: | | |
| BRANCH_NAME="release/${TAG}" | |
| if git ls-remote --exit-code --heads origin "$BRANCH_NAME" >/dev/null 2>&1; then | |
| echo "ERROR: Branch $BRANCH_NAME already exists" >&2 | |
| exit 1 | |
| fi | |
| git checkout -b "$BRANCH_NAME" | |
| - name: Update version in libs.versions.toml | |
| run: | | |
| VERSION_NUMBER="${TAG#v}" | |
| sed -i "s|^nubrick = \".*\"|nubrick = \"${VERSION_NUMBER}\"|" gradle/libs.versions.toml | |
| echo "Updated version to $VERSION_NUMBER" | |
| git add gradle/libs.versions.toml | |
| git commit -m "[bot] Release ${TAG}: update version" | |
| - name: Push release branch and create PR | |
| id: create_pr | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| BRANCH_NAME="release/${TAG}" | |
| git push origin "$BRANCH_NAME" | |
| PR_URL=$(gh pr create \ | |
| --base main \ | |
| --head "$BRANCH_NAME" \ | |
| --title "Release ${TAG}" \ | |
| --body "Automated release PR for ${TAG}") | |
| echo "Created PR: $PR_URL" | |
| gh pr merge "$BRANCH_NAME" --squash || gh pr merge "$BRANCH_NAME" --merge | |
| MERGE_SHA=$(gh pr view "$BRANCH_NAME" --json mergeCommit --jq '.mergeCommit.oid') | |
| echo "merge_sha=$MERGE_SHA" >> "$GITHUB_OUTPUT" | |
| echo "Merge commit: $MERGE_SHA" | |
| - name: Create tag and publish release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| MERGE_SHA: ${{ steps.create_pr.outputs.merge_sha }} | |
| run: | | |
| git fetch origin "$MERGE_SHA" | |
| git checkout "$MERGE_SHA" | |
| git tag -a "$TAG" -m "Release $TAG" | |
| git push origin "$TAG" | |
| gh release create "$TAG" \ | |
| --title "$TAG" \ | |
| --target "$MERGE_SHA" \ | |
| --generate-notes | |
| - name: Make archive | |
| run: | | |
| GPG_SIGNING_KEY=$(echo "$GPG_SIGNING_KEY_BASE64" | base64 --decode) ./gradlew makeArchive | |
| env: | |
| GPG_SIGNING_KEY_BASE64: ${{ secrets.GPG_SIGNING_KEY }} | |
| GPG_SIGNING_KEY_PASSPHRASE: ${{ secrets.GPG_SIGNING_KEY_PASSPHRASE }} | |
| - name: Publish to Maven Central | |
| run: | | |
| ls nubrick/build/distributions | |
| curl --fail-with-body --request POST \ | |
| --header "Authorization: Bearer $(echo "$SONATYPE_USERNAME:$SONATYPE_PASSWORD" | base64)" \ | |
| --form bundle="@nubrick/build/distributions/$(ls nubrick/build/distributions)" \ | |
| 'https://central.sonatype.com/api/v1/publisher/upload?publishingType=AUTOMATIC' | |
| env: | |
| SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
| test: | |
| needs: release | |
| uses: ./.github/workflows/test-android.yaml | |
| with: | |
| ref: ${{ needs.release.outputs.merge_sha }} | |
| e2e: | |
| needs: release | |
| uses: ./.github/workflows/e2e.yaml | |
| secrets: inherit | |
| with: | |
| ref: ${{ needs.release.outputs.merge_sha }} |