Publish release #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| prepare_release: | |
| description: 'Prepare release' | |
| type: boolean | |
| required: false | |
| default: true | |
| publish_artifacts: | |
| description: 'Publish maven artifacts' | |
| type: boolean | |
| required: false | |
| default: true | |
| jobs: | |
| release: | |
| runs-on: ubuntu-latest | |
| environment: release | |
| strategy: | |
| fail-fast: true | |
| permissions: | |
| contents: write | |
| packages: write | |
| steps: | |
| - name: Check branch | |
| if: ${{ github.ref != 'refs/heads/master' }} | |
| run: echo "Invalid branch. This action can only be run on the master branch." && exit 1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.PRESTODB_CI_TOKEN }} | |
| ref: master | |
| show-progress: false | |
| fetch-depth: 5 | |
| fetch-tags: true | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| overwrite-settings: true | |
| server-id: ossrh | |
| server-username: NEXUS_USERNAME | |
| server-password: NEXUS_PASSWORD | |
| gpg-private-key: ${{ secrets.GPG_SECRET }} | |
| - name: Setup git | |
| run: | | |
| git config --global --add safe.directory ${{github.workspace}} | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "prestodb-ci" | |
| git config --global alias.ls 'log --pretty=format:"%cd %h %ce: %s" --date=short --no-merges' | |
| git config pull.rebase false | |
| git ls -3 | |
| - name: Get current version | |
| run: | | |
| CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) | |
| echo "CURRENT_VERSION=${CURRENT_VERSION}" | |
| echo "CURRENT_VERSION=${CURRENT_VERSION}" >> $GITHUB_ENV | |
| - name: Prepare release | |
| if: ${{ inputs.prepare_release }} | |
| run: | | |
| mvn release:prepare -B -DskipTests \ | |
| -DautoVersionSubmodules=true \ | |
| -DgenerateBackupPoms=false | |
| echo "RELEASE_VERSION=$(grep scm.tag= release.properties | cut -d'=' -f2)" >> $GITHUB_ENV | |
| git ls -5 | |
| - name: Set release version | |
| if: ${{ !inputs.prepare_release }} | |
| env: | |
| CURRENT_VERSION: ${{ env.CURRENT_VERSION }} | |
| run: | | |
| VERSION_WITHOUT_SNAPSHOT=${CURRENT_VERSION%-SNAPSHOT} | |
| VERSION=${VERSION_WITHOUT_SNAPSHOT%.*} | |
| RELEASE_VERSION=$((VERSION - 1)) | |
| echo "RELEASE_VERSION=${RELEASE_VERSION}" | |
| echo "RELEASE_VERSION=${RELEASE_VERSION}" >> $GITHUB_ENV | |
| - name: Set up GPG key | |
| if: ${{ inputs.publish_artifacts }} | |
| env: | |
| GPG_TTY: $(tty) | |
| GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" | |
| GPG_KEY_FILE: /tmp/gpg-key.txt | |
| run: | | |
| echo "${{ secrets.GPG_SECRET }}" > ${{ env.GPG_KEY_FILE }} | |
| chmod 600 ${{ env.GPG_KEY_FILE }} | |
| gpg --import --batch ${{ env.GPG_KEY_FILE }} | |
| gpg --batch --yes --pinentry-mode loopback --passphrase "${{ secrets.GPG_PASSPHRASE }}" --sign ${{ env.GPG_KEY_FILE }} | |
| - name: Publish maven artifacts | |
| if: ${{ inputs.publish_artifacts }} | |
| env: | |
| NEXUS_USERNAME: "${{ secrets.NEXUS_USERNAME }}" | |
| NEXUS_PASSWORD: "${{ secrets.NEXUS_PASSWORD }}" | |
| GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" | |
| RELEASE_VERSION: "${{ env.RELEASE_VERSION }}" | |
| run: | | |
| echo "RELEASE_VERSION=${RELEASE_VERSION}" | |
| git checkout "${RELEASE_VERSION}" | |
| git ls -4 | |
| mvn -V -B -U -e -T2C deploy \ | |
| -DautoReleaseAfterClose=true \ | |
| -Dgpg.passphrase="${GPG_PASSPHRASE}" \ | |
| -DkeepStagingRepositoryOnCloseRuleFailure=true \ | |
| -DkeepStagingRepositoryOnFailure=true \ | |
| -DskipTests \ | |
| -Poss-release \ | |
| -Pdeploy-to-ossrh \ | |
| -DstagingProgressTimeoutMinutes=10 | |
| - name: Push changes and tags | |
| if: ${{ inputs.prepare_release }} | |
| run: | | |
| git checkout master | |
| git ls -5 | |
| git push origin master --tags |