diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8fc3827..4dcacb9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,30 +1,36 @@ -# Automatically build the project and run any configured tests for every push -# and submitted pull request. This can help catch issues that only occur on -# certain platforms or Java versions, and provides a first line of defence -# against bad commits. +name: Build +on: + pull_request: + push: + # in some ways I would prefer paths-ignore to be more + # resilient against changes but this list is half the length + paths: + - 'libs/**' + - 'src.**' + - '*.gradle.kts' + - 'gradle**' + - '.github/workflows/build.yml' -name: build -on: [pull_request, push] +permissions: + contents: read jobs: build: - runs-on: ubuntu-24.04 + runs-on: ubuntu-latest steps: - - name: checkout repository - uses: actions/checkout@v4 - - name: validate gradle wrapper - uses: gradle/actions/wrapper-validation@v4 - - name: setup jdk - uses: actions/setup-java@v4 + - name: Checkout repository + uses: actions/checkout@v6 + - name: Setup JDK + uses: actions/setup-java@v5 with: java-version: '21' - distribution: 'microsoft' - - name: make gradle wrapper executable - run: chmod +x ./gradlew - - name: build + distribution: 'temurin' + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v5 + - name: Build Hexchanting run: ./gradlew build - - name: capture build artifacts - uses: actions/upload-artifact@v4 + - name: Capture build artifacts + uses: actions/upload-artifact@v6 with: - name: Artifacts - path: build/libs/ \ No newline at end of file + path: build/libs/ + if-no-files-found: error \ No newline at end of file diff --git a/.github/workflows/build_docs.yml b/.github/workflows/build_docs.yml index 6aa475e..c7a9277 100644 --- a/.github/workflows/build_docs.yml +++ b/.github/workflows/build_docs.yml @@ -3,20 +3,15 @@ name: Build the web book on: push: branches: ["*"] + paths: + - 'doc/**' + - 'src/**' + - 'LICENSE' + - 'README.md' + - 'pyproject.toml' + - 'uv.lock' + - '.github/workflows/build_docs.yml' pull_request: - workflow_dispatch: - inputs: - release: - description: Release this version - type: boolean - default: false - package-index: - description: Package index to publish to - type: choice - options: - - none - - PyPI - # - TestPyPI permissions: contents: read @@ -35,28 +30,24 @@ jobs: pages: read outputs: pages-url: ${{ steps.build.outputs.pages-url }} - deploy: ${{ github.event_name != 'pull_request' && contains(fromJson(env.HEXDOC_BRANCHES), github.ref_name) || inputs.release == true }} + deploy: ${{ github.event_name != 'pull_request' && contains(fromJson(env.HEXDOC_BRANCHES), github.ref_name) }} steps: - - uses: actions/checkout@v4 - + - uses: actions/checkout@v6 - uses: actions/setup-python@v6 with: python-version-file: .python-version - - - uses: astral-sh/setup-uv@v6 + - uses: astral-sh/setup-uv@v7 with: activate-environment: true enable-cache: true - - name: Sync dependencies run: uv sync --frozen --no-dev - - id: build uses: hexdoc-dev/actions/build@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - release: ${{ inputs.release == true }} + release: false deploy-pages: needs: build-hexdoc @@ -68,76 +59,24 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v4 - + - uses: actions/checkout@v6 - uses: actions/setup-python@v6 with: python-version-file: .python-version - - - uses: astral-sh/setup-uv@v6 + - uses: astral-sh/setup-uv@v7 with: activate-environment: true enable-cache: true - - name: Sync dependencies run: uv sync --frozen --no-dev - - name: Merge new hexdoc build into existing book uses: hexdoc-dev/actions/merge@v1 with: - release: ${{ inputs.release == true }} + release: false site-url: ${{ needs.build-hexdoc.outputs.pages-url }} - # if you want to add extra things to your website (eg. Javadoc/Dokka), add it to _site/dst/docs here - - name: Deploy to Pages uses: hexdoc-dev/actions/deploy-pages@v1 with: - release: ${{ inputs.release == true }} - merge: false - - publish-pypi: - runs-on: ubuntu-latest - needs: - - build-hexdoc - - deploy-pages - if: inputs.release == true && inputs.package-index == 'PyPI' - environment: - name: pypi - url: https://pypi.org/p/${{ env.PYPI_PACKAGE }} - permissions: - id-token: write - steps: - - name: Download package artifact - uses: actions/download-artifact@v4 - with: - name: hexdoc-build - path: dist - - - name: Publish to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 - - # Uncomment if you want to try publishing to TestPyPI before using the real index. - - # publish-testpypi: - # runs-on: ubuntu-latest - # needs: - # - build-hexdoc - # - deploy-pages - # if: inputs.package-index == 'TestPyPI' - # environment: - # name: testpypi - # url: https://test.pypi.org/p/${{ env.PYPI_PACKAGE }} - # permissions: - # id-token: write - # steps: - # - name: Download package artifact - # uses: actions/download-artifact@v4 - # with: - # name: hexdoc-build - # path: dist - - # - name: Publish to TestPyPI - # uses: pypa/gh-action-pypi-publish@release/v1 - # with: - # repository-url: https://test.pypi.org/legacy/ + release: false + merge: false \ No newline at end of file diff --git a/.github/workflows/build_release.yml b/.github/workflows/build_release.yml index cf7df41..46a34e8 100644 --- a/.github/workflows/build_release.yml +++ b/.github/workflows/build_release.yml @@ -2,36 +2,151 @@ name: Publish release on: push: - tags: "v*" - workflow_dispatch: - inputs: - release: - description: Release this version - type: boolean - default: false + tags: ['v[0-9].[0-9].[0-9]'] + +permissions: + contents: read + +env: + PYPI_PACKAGE: hexdoc-hexchanting jobs: - build: - runs-on: ubuntu-24.04 + build-release: + runs-on: ubuntu-latest environment: modrinth + permissions: + contents: write # write needed for releases + # these are needed for attestations + id-token: write + attestations: write + artifact-metadata: write steps: - - name: checkout repository - uses: actions/checkout@v4 - - name: validate gradle wrapper - uses: gradle/actions/wrapper-validation@v4 - - name: setup jdk - uses: actions/setup-java@v4 + - name: Checkout repository + uses: actions/checkout@v6 + - name: Verify mod_version matches tag + run: | + # match mod_version=1.2.3 + # spaces are accepted around the = + MOD_VERSION=$(sed -nE 's/^mod_version[[:space:]]*=[[:space:]]*([0-9]+\.[0-9]+\.[0-9])$/\1/p' gradle.properties) + echo "mod_version: '$MOD_VERSION'" + if [ -z "$MOD_VERSION" ]; then + echo "::error::Could not parse a valid X.Y.Z version from gradle.properties" + exit 1 + fi + + # tag has a v prefix we want to strip + TAG_VERSION="${GITHUB_REF_NAME#v}" + echo "tag_version: '$TAG_VERSION'" + + if [ "$MOD_VERSION" != "$TAG_VERSION" ]; then + echo "::error::Version mismatch! gradle.properties ($MOD_VERSION) != tag ($TAG_VERSION)" + exit 1 + fi + + echo "Version in gradle.properties matches tag" + - name: Setup JDK + uses: actions/setup-java@v5 with: java-version: '21' - distribution: 'microsoft' - - name: make gradle wrapper executable - run: chmod +x ./gradlew - - name: build + distribution: 'temurin' + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v5 + - name: Create Modrinth release run: ./gradlew modrinth env: MODRINTH_TOKEN: ${{ secrets.MODRINTH_TOKEN }} - - name: capture build artifacts - uses: actions/upload-artifact@v4 + - name: Capture build artifacts + uses: actions/upload-artifact@v6 + with: + path: build/libs/ + if-no-files-found: error + - name: Attest build + uses: actions/attest-build-provenance@v3 + with: + subject-path: 'build/libs/**' + - name: Create Github release + # This pins to a commit sha because it's from a random user + # Github, for some reason, deprecated their own action for this. + # This commit is for the 2.5.0 release + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b + with: + files: 'build/libs/**' + overwrite_files: false + fail_on_unmatched_files: true + generate_release_notes: true + + build-hexdoc: + needs: build-release + runs-on: ubuntu-latest + permissions: + contents: read + pages: read + outputs: + pages-url: ${{ steps.build.outputs.pages-url }} + steps: + - uses: actions/checkout@v6 + - uses: actions/setup-python@v6 + with: + python-version-file: .python-version + - uses: astral-sh/setup-uv@v7 + with: + activate-environment: true + enable-cache: true + - name: Sync dependencies + run: uv sync --frozen --no-dev + - id: build + uses: hexdoc-dev/actions/build@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + release: true + + deploy-pages: + needs: build-hexdoc + runs-on: ubuntu-latest + concurrency: + group: hexdoc-deploy-pages + cancel-in-progress: false + permissions: + contents: write + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-python@v6 + with: + python-version-file: .python-version + - uses: astral-sh/setup-uv@v6 + with: + activate-environment: true + enable-cache: true + - name: Sync dependencies + run: uv sync --frozen --no-dev + - name: Merge new hexdoc build into existing book + uses: hexdoc-dev/actions/merge@v1 + with: + release: true + site-url: ${{ needs.build-hexdoc.outputs.pages-url }} + # if you want to add extra things to your website (eg. Javadoc/Dokka), add it to _site/dst/docs here + - name: Deploy to Pages + uses: hexdoc-dev/actions/deploy-pages@v1 + with: + release: true + merge: false + + publish-pypi: + runs-on: ubuntu-latest + needs: + - build-hexdoc + - deploy-pages + environment: + name: pypi + url: https://pypi.org/p/${{ env.PYPI_PACKAGE }} + permissions: + id-token: write + steps: + - name: Download package artifact + uses: actions/download-artifact@v4 with: - name: ReleaseArtifacts - path: build/libs/ \ No newline at end of file + name: hexdoc-build + path: dist + - name: Publish to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 \ No newline at end of file