Skip to content

Merge 0a55cb4 into 3.5.2 #196

Merge 0a55cb4 into 3.5.2

Merge 0a55cb4 into 3.5.2 #196

Workflow file for this run

name: publish
on:
push:
branches: # For branches, better to list them explicitly than regexp include
- main
- 3.5.x
- 3.4.x
permissions: read-all
jobs:
# General job notes: we DON'T want to cancel any previous runs, especially in the case of a "back to snapshots" build right after a release push
# We specify the ubuntu version to minimize the chances we have to deal with a migration during a release
prepare:
# Notes on prepare: this job has no access to secrets, only github token. As a result, all non-core actions are centralized here
# This includes the tagging and drafting of release notes. Still, when possible we favor plain run of gradle tasks
name: prepare
runs-on: ubuntu-20.04
outputs:
versionType: ${{ steps.version.outputs.versionType }}
fullVersion: ${{ steps.version.outputs.fullVersion }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: setup java
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # tag=v3
with:
distribution: 'temurin'
java-version: 8
- name: interpret version
id: version
#we only run the qualifyVersionGha task so that no other console printing can hijack this step's output
#output: versionType, fullVersion
#fails if versionType is BAD, which interrupts the workflow
run: ./gradlew qualifyVersionGha
- name: run checks
id: checks
run: ./gradlew check
#deploy the snapshot artifacts to Artifactory
deploySnapshot:
name: deploySnapshot
runs-on: ubuntu-20.04
needs: prepare
if: needs.prepare.outputs.versionType == 'SNAPSHOT'
environment: snapshots
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # tag=v3
with:
distribution: 'temurin'
java-version: 8
- name: deploy
env:
ORG_GRADLE_PROJECT_artifactory_publish_username: ${{secrets.ARTIFACTORY_SNAPSHOT_USERNAME}}
ORG_GRADLE_PROJECT_artifactory_publish_password: ${{secrets.ARTIFACTORY_PASSWORD}}
run: |
./gradlew assemble artifactoryPublish -Partifactory_publish_contextUrl=https://repo.spring.io -Partifactory_publish_repoKey=libs-snapshot-local
#sign the milestone artifacts and deploy them to Artifactory
deployMilestone:
name: deployMilestone
runs-on: ubuntu-20.04
needs: prepare
if: needs.prepare.outputs.versionType == 'MILESTONE'
environment: releases
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # tag=v3
with:
distribution: 'temurin'
java-version: 8
- name: deploy
env:
ORG_GRADLE_PROJECT_artifactory_publish_username: ${{secrets.ARTIFACTORY_USERNAME}}
ORG_GRADLE_PROJECT_artifactory_publish_password: ${{secrets.ARTIFACTORY_PASSWORD}}
ORG_GRADLE_PROJECT_signingKey: ${{secrets.SIGNING_KEY}}
ORG_GRADLE_PROJECT_signingPassword: ${{secrets.SIGNING_PASSPHRASE}}
run: |
./gradlew assemble sign artifactoryPublish -Partifactory_publish_contextUrl=https://repo.spring.io -Partifactory_publish_repoKey=libs-milestone-local
#sign the release artifacts and deploy them to Artifactory
deployRelease:
name: deployRelease
runs-on: ubuntu-20.04
needs: prepare
if: needs.prepare.outputs.versionType == 'RELEASE'
environment: releases
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # tag=v3
with:
distribution: 'temurin'
java-version: 8
- name: deploy
env:
ORG_GRADLE_PROJECT_artifactory_publish_username: ${{secrets.ARTIFACTORY_USERNAME}}
ORG_GRADLE_PROJECT_artifactory_publish_password: ${{secrets.ARTIFACTORY_PASSWORD}}
ORG_GRADLE_PROJECT_signingKey: ${{secrets.SIGNING_KEY}}
ORG_GRADLE_PROJECT_signingPassword: ${{secrets.SIGNING_PASSPHRASE}}
ORG_GRADLE_PROJECT_sonatypeUsername: ${{secrets.SONATYPE_USERNAME}}
ORG_GRADLE_PROJECT_sonatypePassword: ${{secrets.SONATYPE_PASSWORD}}
run: |
./gradlew assemble sign artifactoryPublish -Partifactory_publish_contextUrl=https://repo.spring.io -Partifactory_publish_repoKey=libs-release-local publishMavenJavaPublicationToSonatypeRepository
tagMilestone:
name: Tag milestone
needs: [ prepare, deployMilestone ]
runs-on: ubuntu-20.04
permissions:
contents: write
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: tag
run: |
git config --local user.name 'reactorbot'
git config --local user.email '32325210+reactorbot@users.noreply.github.com'
git tag -m "Release milestone ${{ needs.prepare.outputs.fullVersion }}" v${{ needs.prepare.outputs.fullVersion }} ${{ github.sha }}
git push --tags
tagRelease:
name: Tag release
needs: [ prepare, deployRelease ]
runs-on: ubuntu-20.04
permissions:
contents: write
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- name: tag
run: |
git config --local user.name 'reactorbot'
git config --local user.email '32325210+reactorbot@users.noreply.github.com'
git tag -m "Release version ${{ needs.prepare.outputs.fullVersion }}" v${{ needs.prepare.outputs.fullVersion }} ${{ github.sha }}
git push --tags
# For Gradle configuration of signing, see https://docs.gradle.org/current/userguide/signing_plugin.html#sec:in-memory-keys
# publishMavenJavaPublicationToSonatypeRepository only sends to a staging repository