Publish Release #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Release | |
| on: | |
| workflow_dispatch: | |
| repository_dispatch: | |
| types: [stdlib-release-pipeline] | |
| jobs: | |
| publish-release: | |
| name: Release Package | |
| runs-on: ubuntu-22.04 | |
| if: github.repository_owner == 'wso2' | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.BALLERINA_BOT_TOKEN }} | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 21.0.3 | |
| - name: Build without Tests | |
| env: | |
| packageUser: ${{ github.actor }} | |
| packagePAT: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| git config --global user.name ${{ secrets.BALLERINA_BOT_USERNAME }} | |
| git config --global user.email ${{ secrets.BALLERINA_BOT_EMAIL }} | |
| ./gradlew build -x test | |
| - name: Create lib Directory if not Exists | |
| run: mkdir -p ballerina/lib | |
| - name: Run Trivy Vulnerability Scanner | |
| uses: aquasecurity/trivy-action@v0.35.0 | |
| env: | |
| TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db | |
| TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db | |
| with: | |
| scan-type: "rootfs" | |
| scan-ref: "${{ github.workspace }}/ballerina/lib" | |
| format: "table" | |
| timeout: "10m0s" | |
| exit-code: "1" | |
| scanners: "vuln" | |
| cache-dir: "/tmp/trivy-cache" | |
| - name: Get Release Version | |
| run: echo "VERSION=$(grep -w 'version' gradle.properties | cut -d= -f2 | sed -E 's/-(SNAPSHOT|[0-9]{8}-[0-9]{6}-[a-z0-9]+)$//')" >> $GITHUB_ENV | |
| - name: Pre-Release Dependency Version Update | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} | |
| run: | | |
| echo "Version: ${VERSION}" | |
| git checkout -b release-${VERSION} | |
| sed -i 's/ballerinaLangVersion=\(.*\)-SNAPSHOT/ballerinaLangVersion=\1/g' gradle.properties | |
| sed -i 's/ballerinaLangVersion=\(.*\)-[0-9]\{8\}-[0-9]\{6\}-.*$/ballerinaLangVersion=\1/g' gradle.properties | |
| sed -i 's/stdlib\(.*\)=\(.*\)-SNAPSHOT/stdlib\1=\2/g' gradle.properties | |
| sed -i 's/stdlib\(.*\)=\(.*\)-[0-9]\{8\}-[0-9]\{6\}-.*$/stdlib\1=\2/g' gradle.properties | |
| sed -i 's/observe\(.*\)=\(.*\)-SNAPSHOT/observe\1=\2/g' gradle.properties | |
| sed -i 's/observe\(.*\)=\(.*\)-[0-9]\{8\}-[0-9]\{6\}-.*$/observe\1=\2/g' gradle.properties | |
| sed -i 's/ballerinaToOpenApiVersion=\(.*\)-[0-9]\{8\}-[0-9]\{6\}-.*$/ballerinaToOpenApiVersion=\1/g' gradle.properties | |
| git add gradle.properties | |
| git commit -m "Move dependencies to stable versions" || echo "No changes to commit" | |
| - name: Publish Package | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} | |
| BALLERINA_CENTRAL_ACCESS_TOKEN: ${{ secrets.BALLERINA_CENTRAL_ACCESS_TOKEN }} | |
| packageUser: ${{ secrets.BALLERINA_BOT_USERNAME }} | |
| packagePAT: ${{ secrets.BALLERINA_BOT_TOKEN }} | |
| publishUser: ${{ secrets.BALLERINA_BOT_USERNAME }} | |
| publishPAT: ${{ secrets.BALLERINA_BOT_TOKEN }} | |
| CENTRAL_VERBOSE_ENABLED: true | |
| run: | | |
| ./gradlew clean release -Prelease.useAutomaticVersion=true | |
| ./gradlew -Pversion=${VERSION} publish -x test -PpublishToCentral=true | |
| - name: GitHub Release and Release Sync PR | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} | |
| run: | | |
| gh release create v$VERSION --title "ballerina-module-strict-library-v$VERSION" | |
| gh pr create --head release-${VERSION} --base ${GITHUB_REF##*/} --title "[Automated] Sync ${GITHUB_REF##*/} after $VERSION release" --body "Sync ${GITHUB_REF##*/} after $VERSION release" |