diff --git a/.github/bin/versionIncrement.sh b/.github/bin/versionIncrement.sh index 73c06fa..464d166 100755 --- a/.github/bin/versionIncrement.sh +++ b/.github/bin/versionIncrement.sh @@ -16,15 +16,15 @@ major=${version_parts[0]} minor=${version_parts[1]} patch=${version_parts[2]} next_patch=$((patch + 1)) -next_development_version="'$major.$minor.$next_patch-SNAPSHOT'" -next_version="'$major.$minor.$next_patch'" +next_development_version="$major.$minor.$patch-SNAPSHOT" +next_version="$major.$minor.$next_patch" # Update the YAML file -./update_text.sh ./../workflows/publish.yml releaseVersion $next_version -./update_text.sh ./../workflows/publish.yml developmentVersion $next_development_version +./update_text.sh ./../workflows/publish.yml releaseVersion "$next_version" +./update_text.sh ./../workflows/publish.yml developmentVersion "$next_development_version" git add ./../workflows/publish.yml git commit -m "Updated publish.yml with release version: $release_version and development version: $next_development_version" -echo "Updated publish.yml with release version: $release_version and development version: $next_development_version and commited" +echo "Updated publish.yml with next patch release version: $release_version and patch development version: $next_development_version and commited" diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index e5e5191..68efbc5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -36,6 +36,7 @@ jobs: uses: actions/checkout@v4 with: ssh-key: ${{ secrets.DEPLOY_KEY }} + fetch-depth: 3 - name: Set up JDK uses: actions/setup-java@v4 @@ -44,6 +45,39 @@ jobs: java-version: '21' cache: 'maven' + - name: Dump event context for debugging + continue-on-error: true # Debugging output only, and this annoyingly fails when the commit messge has a ( + run: | + echo '${{ github.event_name }} for ${{ github.ref_type }} ${{ github.ref_name }} or ${{ github.event.ref }}' + # https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push + echo 'github.event:' + echo '${{ toJSON(github.event) }}' + + - name: Dump github context for debugging + continue-on-error: true # Debugging output only, and this annoyingly fails when the commit message has a ( + run: | + echo '${{ toJSON(github) }}' + + - name: Try to set a master password + run: | + MASTERPWD=$(openssl rand -base64 25) + echo " $(mvn --encrypt-master-password "$MASTERPWD")" > $HOME/.m2/settings-security.xml + # echo "MASTERPWD=\"$MASTERPWD\"" >> $GITHUB_ENV + # The master password isn't actually used, but the maven-gpg-plugin complains otherwise. + + - name: Git & Maven Status + run: | + $MVNCMD -version + git remote -v + git status --untracked-files --ignored + git log -3 --no-color --decorate + + - name: Mvn Effective POM + run: $MVNCMD -N help:effective-pom + + - name: Mvn Effective Settings + run: $MVNCMD -N help:effective-settings + - name: Build with Maven env: KITEWORKS_BASE_URI: ${{ secrets.KITEWORKS_BASE_URI }} @@ -58,34 +92,81 @@ jobs: - name: Set up Git username and email run: | - git config --global user.name " ${{ variables.GPG_NAME }}" + git config --global user.name "${{ variables.GPG_NAME }}" git config --global user.email "${{ secrets.GPG_EMAIL }}" - echo "${{ secrets.GPG_KEY }}" | gpg --batch --import + echo "${{ secrets.GPG_KEY }}" | base64 --decode | gpg --import --no-tty --batch --yes + gpg -v --refresh-keys + gpg --list-secret-keys --keyid-format LONG git config --global user.signingkey ${{ secrets.GPG_KEY_ID }} git config --global commit.gpgSign true git config --global gpg.program gpg env: - ssh-deploy-key: ${{ secrets.DEPLOY_KEY }} - ssh-gpg-email: ${{ secrets.GPG_EMAIL }} - ssh-gpg-key: ${{ secrets.GPG_KEY }} - ssh-gpg-key-id: ${{ secrets.GPG_KEY_ID }} - ssh-gpg-name: ${{ variables.GPG_NAME }} + #ssh-deploy-key: ${{ secrets.DEPLOY_KEY }} + #ssh-gpg-email: ${{ secrets.GPG_EMAIL }} + #ssh-gpg-key: ${{ secrets.GPG_KEY }} + #ssh-gpg-key-id: ${{ secrets.GPG_KEY_ID }} + #ssh-gpg-name: ${{ variables.GPG_NAME }} - - name: "Verify GPG setup" - run: gpg --list-keys + - name: Check that we are on snapshot branch before creating the release + run: | + echo "Version: " + $MVNCMD help:evaluate -Dexpression=project.version -q -DforceStdout + $MVNCMD help:evaluate -Dexpression=project.version -q -DforceStdout | egrep -- '-SNAPSHOT$' > /dev/null || exit 1 + # unfortunately, this would require a snapshot parent if just called from the command line, so we cannot use it: :-( + # mvn org.apache.maven.plugins:maven-enforcer-plugin:3.2.1:enforce -Drules=requireSnapshotVersion + + - name: Check that we are on snapshot branch before creating the release + run: | + echo "Version: " + $MVNCMD help:evaluate -Dexpression=project.version -q -DforceStdout + $MVNCMD help:evaluate -Dexpression=project.version -q -DforceStdout | egrep -- '-SNAPSHOT$' > /dev/null || exit 1 + # unfortunately, this would require a snapshot parent if just called from the command line, so we cannot use it: :-( + # mvn org.apache.maven.plugins:maven-enforcer-plugin:3.2.1:enforce -Drules=requireSnapshotVersion + + - name: Dry run of release goals + + run: | + mvn clean release:clean + mvn release:prepare -DdryRun=true -DpushChanges=false + mvn release:perform -DdryRun=true -DlocalCheckout=true -DdeployAtEnd=true + mvn clean release:clean + git clean -f -d -x + + - name: Verify git is clean + run: | + git status --untracked-files --ignored + git log -3 --no-color --decorate + git clean -f -d + + - name: Prepare package publish + run: | + # Define versions and tag + RELEASE_VERSION="${github.event.inputs.releaseVersion}" + DEVELOPMENT_VERSION="${github.event.inputs.developmentVersion}" + TAG=v"${github.event.inputs.releaseVersion}" + + # Prepare the release with -DpushChanges=false so its all local for now + mvn release:prepare -DreleaseVersion=$RELEASE_VERSION -DdevelopmentVersion=$DEVELOPMENT_VERSION -Dtag=$TAG -DpushChanges=false - - name: Increment poms - run: echo "do" env: - ssh-deploy-key: ${{ secrets.DEPLOY_KEY }} - ssh-gpg-email: ${{ secrets.GPG_EMAIL }} - ssh-gpg-key: ${{ secrets.GPG_KEY }} - ssh-gpg-key-id: ${{ secrets.GPG_KEY_ID }} - ssh-gpg-name: ${{ variables.GPG_NAME }} + KITEWORKS_BASE_URI: ${{ secrets.KITEWORKS_BASE_URI }} + KITEWORKS_CLIENT_ID: ${{ secrets.KITEWORKS_CLIENT_ID }} + KITEWORKS_CLIENT_SECRET: ${{ secrets.KITEWORKS_CLIENT_SECRET }} + KITEWORKS_SIGNATURE_KEY: ${{ secrets.KITEWORKS_SIGNATURE_KEY }} + KITEWORKS_USER_ID: ${{ secrets.KITEWORKS_USER_ID }} + KITEWORKS_CLIENT_APP_SCOPES: ${{ secrets.KITEWORKS_CLIENT_APP_SCOPES }} + KITEWORKS_REDIRECT_URI: ${{ secrets.KITEWORKS_REDIRECT_URI }} + KITEWORKS_ACCESS_TOKEN_URI: ${{ secrets.KITEWORKS_ACCESS_TOKEN_URI }} + + - name: Git status after prepare + run: | + git status --untracked-files --ignored + git log -3 --no-color --decorate + cat release.properties || true - - name: Publish package + - name: Perform package publish if: ${{ env.DO_DEPLOYMENT == 'true' }} - run: mvn --batch-mode deploy + run: mvn release:perform -DlocalCheckout=true -DdeployAtEnd=true "-Dgoals=clean install package source:jar javadoc:jar deploy" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} KITEWORKS_BASE_URI: ${{ secrets.KITEWORKS_BASE_URI }} @@ -97,12 +178,37 @@ jobs: KITEWORKS_REDIRECT_URI: ${{ secrets.KITEWORKS_REDIRECT_URI }} KITEWORKS_ACCESS_TOKEN_URI: ${{ secrets.KITEWORKS_ACCESS_TOKEN_URI }} + - name: Git Status after perform + if: always() + run: | + git status + git log -3 --no-color --decorate + + - name: Git Status after perform, long + if: always() + run: | + git status --untracked-files --ignored + - name: Increment workflow defaults if: ${{ env.DO_DEPLOYMENT == 'true' }} run: | ./../bin/versionIncrement.sh - git push - + + + - name: Push changes + if: ${{ env.DO_DEPLOYMENT == 'true' }} + run: | + git push origin --follow-tags -v + + - name: List target files even if recipe fails + if: always() + run: | + pwd + ls -ld + ls -ld target + find . -type d -name target + ls -l ./target/checkout/target || true + ls -l ./target/checkout/commons/target || true - name: Publish - Skipped if: ${{ env.DO_DEPLOYMENT != 'true' }}