v2.0.0 #9
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GitHub Actions Workflow created for handling the release process based on the draft release prepared with the Build workflow. | |
| # Running the publishPlugin task requires all following secrets to be provided: PUBLISH_TOKEN, PRIVATE_KEY, PRIVATE_KEY_PASSWORD, CERTIFICATE_CHAIN. | |
| # See https://plugins.jetbrains.com/docs/intellij/plugin-signing.html for more information. | |
| name: Release | |
| on: | |
| release: | |
| types: [prereleased, released] | |
| jobs: | |
| # Prepare and publish the plugin to the Marketplace repository | |
| release: | |
| name: Publish Plugin | |
| runs-on: ubuntu-latest | |
| env: | |
| RELEASE_TAG: ${{ github.event.release.tag_name }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Fetch Sources | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.GITHUB_SHA }} | |
| - name: Download plugin | |
| uses: dawidd6/action-download-artifact@v2 | |
| with: | |
| workflow: build.yml | |
| commit: ${{ env.GITHUB_SHA }} | |
| name: ".+[Ss]urveyor-\\d.+" | |
| name_is_regexp: true | |
| path: plugin-artifact | |
| # Publish the plugin to the Marketplace | |
| # - name: Publish Plugin | |
| # TODO: Revert back to publishing the plugin | |
| #- name: Build release version of plugin | |
| # env: | |
| # PUBLISH_TOKEN: ${{ secrets.PUBLISH_TOKEN }} | |
| # CERTIFICATE_CHAIN: ${{ secrets.CERTIFICATE_CHAIN }} | |
| # PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }} | |
| # PRIVATE_KEY_PASSWORD: ${{ secrets.PRIVATE_KEY_PASSWORD }} | |
| # run: ./gradlew -x buildPlugin signPlugin | |
| # Upload artifact as a release asset | |
| - name: Extract manifest data | |
| id: prepare | |
| run: | | |
| set -x | |
| unzip "$(find ${{ github.workspace }}/plugin-artifact/*/*.zip)" -d ${{ github.workspace }}/plugin-artifact | |
| unzip "$(find ${{ github.workspace }}/plugin-artifact/*/lib/instrumented-plugin-*.jar)" -d ${{ github.workspace }}/plugin-artifact | |
| VERSION=$(yq '.Version' ${{ github.workspace }}/plugin-artifact/META-INF/MANIFEST.MF) | |
| [[ "v$VERSION" == "$RELEASE_TAG" ]] | |
| [[ "$(git rev-list -n 1 "v$VERSION")" == "$GITHUB_SHA" ]] | |
| echo "version=$VERSION" >> "$GITHUB_OUTPUT" | |
| EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) | |
| echo "changelog<<$EOF" >> "$GITHUB_OUTPUT" | |
| yq -p=xml -o=yaml '.idea-plugin.change-notes' ${{ github.workspace }}/plugin-artifact/META-INF/plugin.xml >> "$GITHUB_OUTPUT" | |
| echo "$EOF" >> "$GITHUB_OUTPUT" | |
| cat "$GITHUB_OUTPUT" | |
| - name: Upload Release Asset | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| echo 'sha256sum of the uploaded file is (please compare this sum with the sum from Garnix workflow):' | |
| sha256sum -b "$(find ${{ github.workspace }}/plugin-artifact/*/*.zip)" | |
| gh release upload $RELEASE_TAG "$(find ${{ github.workspace }}/plugin-artifact/*/*.zip)" | |
| # Create a branch for PR updating Unreleased section with the current release note | |
| - name: Fetch Sources | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.GITHUB_SHA }} | |
| - name: Gradle Wrapper Validation | |
| uses: gradle/actions/wrapper-validation@v3 | |
| # Setup Java environment for the next steps | |
| - name: Setup Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: zulu | |
| java-version: 17 | |
| # Setup Gradle | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v3 | |
| with: | |
| gradle-home-cache-cleanup: true | |
| - name: Patch Changelog | |
| if: ${{ steps.prepare.outputs.changelog != '' }} | |
| env: | |
| CHANGELOG: ${{ steps.prepare.outputs.changelog }} | |
| run: | | |
| ./gradlew patchChangelog | |
| - name: Create a Branch for a Pull Request | |
| if: ${{ steps.prepare.outputs.changelog != '' }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| VERSION="$RELEASE_TAG" | |
| BRANCH="changelog-update-$VERSION" | |
| LABEL="release changelog" | |
| git config user.email "action@github.com" | |
| git config user.name "GitHub Action" | |
| git checkout -b $BRANCH | |
| git commit -am "Changelog update - $VERSION" | |
| git push --set-upstream origin $BRANCH | |
| gh label create "$LABEL" \ | |
| --description "Pull requests with release changelog update" \ | |
| --force \ | |
| || true | |
| # gh pr create \ | |
| # --title "Changelog update - \`$VERSION\`" \ | |
| # --body "Current pull request contains patched \`CHANGELOG.md\` file for the \`$VERSION\` version." \ | |
| # --label "$LABEL" \ | |
| # --head $BRANCH | |
| - name: Collect Dependency Verification Errors | |
| if: ${{ failure() }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ github.job }}-dependency-verification-errors | |
| path: | | |
| ${{ github.workspace }}/build/reports/dependency-verification | |
| ${{ github.workspace }}/**/build/reports/dependency-verification |