Skip to content
publish

Merge #308 into 1.2.0-M7 #482

Sign in to view logs

Merge #308 into 1.2.0-M7

Merge #308 into 1.2.0-M7 #482

Workflow file for this run

.github/workflows/publish.yml at cf2956d
name: publish
on:
push:
branches: # For branches, better to list them explicitly than regexp include
- main
- 1.1.x
permissions: {}
jobs:
# General job notes: we DON'T want to cancel any previous runs, especially in the case of a "back to snapshots" build right after a release push
# We specify the ubuntu version to minimize the chances we have to deal with a migration during a release
prepare:
# Notes on prepare: this job has no access to secrets, only github token. As a result, all non-core actions are centralized here
# This includes the tagging and drafting of release notes. Still, when possible we favor plain run of gradle tasks
name: prepare
runs-on: ubuntu-22.04
outputs:
versionType: ${{ steps.version.outputs.versionType }}
fullVersion: ${{ steps.version.outputs.fullVersion }}
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- name: setup java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
with:
distribution: 'temurin'
java-version: 8
- name: interpret version
id: version
#we only run the qualifyVersionGha task so that no other console printing can hijack this step's output
#output: versionType, fullVersion
#fails if versionType is BAD, which interrupts the workflow
run: ./gradlew qualifyVersionGha
- name: run checks
id: checks
run: ./gradlew check -Pjunit-tags=!slow
slowChecks:
# similar limitations as in prepare, but we parallelize the slowest tests here (races in CommonPoolTest)
name: slowChecks
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- name: setup java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
with:
distribution: 'temurin'
java-version: 8
- name: run slow tests
id: slowTests
run: ./gradlew test -Pjunit-tags=slow
#deploy the snapshot artifacts to Artifactory
deploySnapshot:
name: deploySnapshot
runs-on: ubuntu-22.04
needs: [ prepare, slowChecks ]
if: needs.prepare.outputs.versionType == 'SNAPSHOT'
environment: snapshots
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
with:
distribution: 'temurin'
java-version: 8
- name: deploy
env:
ORG_GRADLE_PROJECT_artifactory_publish_username: ${{secrets.ARTIFACTORY_SNAPSHOT_USERNAME}}
ORG_GRADLE_PROJECT_artifactory_publish_password: ${{secrets.ARTIFACTORY_PASSWORD}}
run: |
./gradlew assemble artifactoryPublish -Partifactory_publish_contextUrl=https://repo.spring.io -Partifactory_publish_repoKey=libs-snapshot-local
#sign the milestone artifacts and deploy them to Artifactory
deployMilestone:
name: deployMilestone
runs-on: ubuntu-22.04
needs: [ prepare, slowChecks ]
if: needs.prepare.outputs.versionType == 'MILESTONE'
environment: releases
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
with:
distribution: 'temurin'
java-version: 8
- name: deploy
env:
ORG_GRADLE_PROJECT_artifactory_publish_username: ${{secrets.ARTIFACTORY_USERNAME}}
ORG_GRADLE_PROJECT_artifactory_publish_password: ${{secrets.ARTIFACTORY_PASSWORD}}
ORG_GRADLE_PROJECT_signingKey: ${{secrets.SIGNING_KEY}}
ORG_GRADLE_PROJECT_signingPassword: ${{secrets.SIGNING_PASSPHRASE}}
ORG_GRADLE_PROJECT_sonatypeUsername: ${{secrets.SONATYPE_USERNAME}}
ORG_GRADLE_PROJECT_sonatypePassword: ${{secrets.SONATYPE_PASSWORD}}
run: |
./gradlew assemble sign artifactoryPublish -Partifactory_publish_contextUrl=https://repo.spring.io -Partifactory_publish_repoKey=libs-milestone-local publishMavenJavaPublicationToSonatypeRepository
- name: Stage the milestone
env:
ORG_GRADLE_PROJECT_sonatypeUsername: ${{secrets.SONATYPE_USERNAME}}
ORG_GRADLE_PROJECT_sonatypePassword: ${{secrets.SONATYPE_PASSWORD}}
run: |
GRADLE_PUBLISH_MAVEN_AUTHORIZATION=$(echo "${ORG_GRADLE_PROJECT_sonatypeUsername}:${ORG_GRADLE_PROJECT_sonatypePassword}" | base64)
echo "Searching for opened repository..."
REPOSITORY_RESPONSE=$(curl -s -X GET \
-H "Authorization: Bearer ${GRADLE_PUBLISH_MAVEN_AUTHORIZATION}" \
"https://ossrh-staging-api.central.sonatype.com/manual/search/repositories?state=open")
REPOSITORY_KEY=$(echo "${REPOSITORY_RESPONSE}" | grep -o '"key":"[^"]*"' | head -1 | cut -d':' -f2 | tr -d '"')
echo "Triggering uploading..."
curl -s -X POST \
-H "Authorization: Bearer ${GRADLE_PUBLISH_MAVEN_AUTHORIZATION}" \
"https://ossrh-staging-api.central.sonatype.com/manual/upload/repository/${REPOSITORY_KEY}?publishing_type=user_managed"
#sign the release artifacts and deploy them to Artifactory
deployRelease:
name: deployRelease
runs-on: ubuntu-22.04
needs: [ prepare, slowChecks ]
if: needs.prepare.outputs.versionType == 'RELEASE'
environment: releases
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165
with:
distribution: 'temurin'
java-version: 8
- name: deploy
env:
ORG_GRADLE_PROJECT_artifactory_publish_username: ${{secrets.ARTIFACTORY_USERNAME}}
ORG_GRADLE_PROJECT_artifactory_publish_password: ${{secrets.ARTIFACTORY_PASSWORD}}
ORG_GRADLE_PROJECT_signingKey: ${{secrets.SIGNING_KEY}}
ORG_GRADLE_PROJECT_signingPassword: ${{secrets.SIGNING_PASSPHRASE}}
ORG_GRADLE_PROJECT_sonatypeUsername: ${{secrets.SONATYPE_USERNAME}}
ORG_GRADLE_PROJECT_sonatypePassword: ${{secrets.SONATYPE_PASSWORD}}
run: |
./gradlew assemble sign artifactoryPublish -Partifactory_publish_contextUrl=https://repo.spring.io -Partifactory_publish_repoKey=libs-release-local publishMavenJavaPublicationToSonatypeRepository
- name: Stage the release
env:
ORG_GRADLE_PROJECT_sonatypeUsername: ${{secrets.SONATYPE_USERNAME}}
ORG_GRADLE_PROJECT_sonatypePassword: ${{secrets.SONATYPE_PASSWORD}}
run: |
GRADLE_PUBLISH_MAVEN_AUTHORIZATION=$(echo "${ORG_GRADLE_PROJECT_sonatypeUsername}:${ORG_GRADLE_PROJECT_sonatypePassword}" | base64)
echo "Searching for opened repository..."
REPOSITORY_RESPONSE=$(curl -s -X GET \
-H "Authorization: Bearer ${GRADLE_PUBLISH_MAVEN_AUTHORIZATION}" \
"https://ossrh-staging-api.central.sonatype.com/manual/search/repositories?state=open")
REPOSITORY_KEY=$(echo "${REPOSITORY_RESPONSE}" | grep -o '"key":"[^"]*"' | head -1 | cut -d':' -f2 | tr -d '"')
echo "Triggering uploading..."
curl -s -X POST \
-H "Authorization: Bearer ${GRADLE_PUBLISH_MAVEN_AUTHORIZATION}" \
"https://ossrh-staging-api.central.sonatype.com/manual/upload/repository/${REPOSITORY_KEY}?publishing_type=user_managed"
tagMilestone:
name: Tag milestone
needs: [ prepare, deployMilestone ]
runs-on: ubuntu-22.04
permissions:
contents: write
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- name: tag
run: |
git config --local user.name 'reactorbot'
git config --local user.email '32325210+reactorbot@users.noreply.github.com'
git tag -m "Release milestone ${{ needs.prepare.outputs.fullVersion }}" v${{ needs.prepare.outputs.fullVersion }} ${{ github.sha }}
git push --tags
tagRelease:
name: Tag release
needs: [ prepare, deployRelease ]
runs-on: ubuntu-22.04
permissions:
contents: write
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- name: tag
run: |
git config --local user.name 'reactorbot'
git config --local user.email '32325210+reactorbot@users.noreply.github.com'
git tag -m "Release version ${{ needs.prepare.outputs.fullVersion }}" v${{ needs.prepare.outputs.fullVersion }} ${{ github.sha }}
git push --tags
# For Gradle configuration of signing, see https://docs.gradle.org/current/userguide/signing_plugin.html#sec:in-memory-keys
# publishMavenJavaPublicationToSonatypeRepository only sends to a staging repository