-
-
Notifications
You must be signed in to change notification settings - Fork 207
207 lines (189 loc) · 6.5 KB
/
Copy pathearly-release.yml
File metadata and controls
207 lines (189 loc) · 6.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
name: Create Early Access Release
on:
workflow_dispatch:
pull_request:
types:
- closed
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
DOCKER_IMAGE_NAME: schemacrawler/schemacrawler
DOCKER_IMAGE_TAG: early-access-release
DOCKERFILE_PATH: ./schemacrawler-distrib/Dockerfile
DOCKER_CONTEXT_PATH: ./schemacrawler-distrib/target/_expanded-distribution/
jobs:
build:
name: Create Early Access Release
if: |
github.actor != 'dependabot[bot]' &&
((github.event.pull_request.merged == true &&
github.event.pull_request.base.ref == 'main') ||
github.event_name == 'workflow_dispatch')
runs-on: ubuntu-latest
permissions:
id-token: write # Required for OIDC authentication
contents: write # Required to create a new tag
steps:
# SETUP BUILD ENVIRONMENT
- id: prepare-maven-build
name: Prepare Maven build
uses: sualeh/prepare-maven-build@v1.7.2
with:
java-version: 17
- id: install-graphviz
name: Install Graphviz
uses: sualeh/install-graphviz@v1.0.3
# BUILD DEPENDENCIES
- id: build-schemacrawler-core
name: Build SchemaCrawler-Core
uses: sualeh/build-maven-dependency@v1.0.8
with:
repository: schemacrawler/SchemaCrawler-Core
artifact: us.fatehi:schemacrawler:17.11.4
# BUILD FOR DISTRIBUTION
- id: build
name: Build and test for distribution
shell: bash
run: |
# Build
# ... and install (for later phase of Docker image tests)
mvn \
--no-transfer-progress \
--batch-mode \
-Ddistrib \
clean install
- id: show-distrib
name: Show distribution directory
shell: bash
run: |
# Show distribution directory
echo "Show distribution directory"
ls -1R ./schemacrawler-distrib/target/_expanded-distribution
# CREATE GITHUB RELEASE
- id: create-release
name: Create GitHub early access release
uses: softprops/action-gh-release@v3
with:
target_commitish: ${{ github.sha }}
tag_name: ${{ env.DOCKER_IMAGE_TAG }}
token: ${{ secrets.GITHUB_TOKEN }}
name: ${{ env.DOCKER_IMAGE_TAG }}
draft: false
prerelease: true
body: |
SchemaCrawler early access release at last commit ${{ github.sha }}
generate_release_notes: true
files: |
./schemacrawler-distrib/target/schemacrawler-17.11.4-bin.zip
./schemacrawler-distrib/target/schemacrawler-17.11.4-bin.zip.SHA-512
overwrite_files: true
# MOVE GITHUB TAG
- id: install-gitsign
name: Install gitsign for commit signing
# See https://github.com/chainguard-dev/actions/blob/main/setup-gitsign/action.yml
uses: chainguard-dev/actions/setup-gitsign@f0be69916b439d0fcced2451b23d0f27cd46d545
- id: move-tag
name: Move early-access-release tag
env:
GITSIGN_CONNECTOR_ID: "https://github.com/login/oauth"
GITSIGN_TOKEN_PROVIDER: "github-actions"
shell: bash
run: |
# Move early-access-release tag
# Set up user
git config user.name "Sualeh Fatehi"
git config user.email "sualeh@hotmail.com"
# Confirm gitsign is installed
gitsign --version
# Move tag
git tag -d ${{ env.DOCKER_IMAGE_TAG }} || true
git push --delete origin ${{ env.DOCKER_IMAGE_TAG }} || true
git tag -a ${{ env.DOCKER_IMAGE_TAG }} -m "SchemaCrawler AI Early Access Release"
git push --follow-tags origin ${{ env.DOCKER_IMAGE_TAG }}
git show --no-patch ${{ env.DOCKER_IMAGE_TAG }}
# BUILD AND PUBLISH DOCKER IMAGE
- id: setup-qemu
name: Setup QEMU
uses: docker/setup-qemu-action@v4
- id: setup-buildx
name: Setup Docker Buildx
uses: docker/setup-buildx-action@v4
- id: docker-login
name: Log into Docker Hub
uses: docker/login-action@v4
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- id: validate-build-configuration
name: Validate build configuration
uses: docker/build-push-action@v7
with:
call: check
file: ${{ env.DOCKERFILE_PATH }}
context: ${{ env.DOCKER_CONTEXT_PATH }}
load: false
push: false
- id: meta
name: Set up Docker metadata
uses: docker/metadata-action@v6
with:
images: |
${{ env.DOCKER_IMAGE_NAME }}
tags: |
type=raw,value=${{ env.DOCKER_IMAGE_TAG }},priority=1200
labels: |
maintainer=Sualeh Fatehi <sualeh@hotmail.com>
org.opencontainers.image.authors=Sualeh Fatehi <sualeh@hotmail.com>
org.opencontainers.image.vendor=SchemaCrawler
org.opencontainers.image.licenses=(EPL-2.0)
org.opencontainers.image.url=https://www.schemacrawler.com/
org.opencontainers.image.documentation=https://github.com/schemacrawler/SchemaCrawler-Usage
- id: build-docker-image
name: Build Docker image locally
uses: docker/build-push-action@v7
with:
call: build
file: ${{ env.DOCKERFILE_PATH }}
context: ${{ env.DOCKER_CONTEXT_PATH }}
cache-from: type=gha
cache-to: type=gha,mode=max
# Build just for runner platform
platforms: linux/amd64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
load: true
push: false
- id: test-docker-image
name: Test Docker image build
shell: bash
run: |
# Run the Testcontainers integration test
# This will pull the Docker image, start and verify it
mvn \
--no-transfer-progress \
--batch-mode \
-Dverify \
-Ddocker_image_tag=${{ env.DOCKER_IMAGE_TAG }} \
-pl schemacrawler-verify \
test
- id: push-docker-image
name: Build and push Docker image
uses: docker/build-push-action@v7
with:
call: build
file: ${{ env.DOCKERFILE_PATH }}
context: ${{ env.DOCKER_CONTEXT_PATH }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: |-
linux/amd64
linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
sbom: true
provenance: true
load: false
push: true