-
Notifications
You must be signed in to change notification settings - Fork 1
168 lines (148 loc) · 6.1 KB
/
release-sdk.yml
File metadata and controls
168 lines (148 loc) · 6.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
name: Release SDK
on:
workflow_dispatch:
inputs:
dry-run:
description: 'If true, simulate the commands without executing them'
required: false
default: 'true'
jobs:
read-version:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '11'
- name: Extract version from pom.xml
id: get_version
run: |
VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
echo "VERSION=$VERSION"
echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: Generate custom settings.xml with expanded credentials
run: |
mkdir -p ~/.m2
cat > ~/.m2/settings.xml <<EOF
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>central</id>
<username>${{ secrets.MAVEN_CENTRAL_USERNAME }}</username>
<password>${{ secrets.MAVEN_CENTRAL_TOKEN }}</password>
</server>
</servers>
</settings>
EOF
echo "Created ~/.m2/settings.xml with expanded credentials"
- name: Show extracted version
run: echo "Current version is ${{ steps.get_version.outputs.version }}"
- name: Extract release version
id: extract_version
run: |
RAW_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
RELEASE_VERSION=${RAW_VERSION/-SNAPSHOT/}
echo "RELEASE_VERSION=$RELEASE_VERSION"
echo "release-version=$RELEASE_VERSION" >> $GITHUB_OUTPUT
- name: Set release version in pom.xml (temporary)
run: |
RELEASE_VERSION=${{ steps.extract_version.outputs.release-version }}
echo "Temporarily setting version to $RELEASE_VERSION"
mvn versions:set -DnewVersion=$RELEASE_VERSION
mvn versions:commit
- name: Confirm version after set
run: mvn help:evaluate -Dexpression=project.version -q -DforceStdout
- name: Import GPG key
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
echo "$GPG_PRIVATE_KEY" | gpg --batch --yes --import
mkdir -p ~/.gnupg
echo "allow-loopback-pinentry" >> ~/.gnupg/gpg-agent.conf
echo RELOADAGENT | gpg-connect-agent
- name: Debug settings.xml (safe)
run: |
echo "Sanitized settings.xml:"
cat ~/.m2/settings.xml
echo ""
echo "Preview secrets:"
echo "MAVEN_CENTRAL_USERNAME starts with: ${MAVEN_CENTRAL_USERNAME:0:3}***"
echo "MAVEN_CENTRAL_TOKEN starts with: ${MAVEN_CENTRAL_TOKEN:0:3}***"
env:
MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }}
- name: Fail if version still has -SNAPSHOT
run: |
V=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
echo "Effective version: $V"
if [[ "$V" == *"-SNAPSHOT" ]]; then
echo "ERROR: Version still contains -SNAPSHOT. Aborting publish."
exit 1
fi
- name: Deploy to Maven Central (with signing)
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
echo "Running: mvn deploy -Psign-release -X"
mvn deploy -Psign-release -X \
-DskipTests=true \
-DretryFailedDeploymentCount=3 \
-Dmaven.wagon.http.timeout=120000 \
-Dmaven.wagon.http.retryHandler.count=3 \
-Dmaven.wagon.httpconnectionManager.maxPerHost=2 \
-Dmaven.wagon.httpconnectionManager.ttlSeconds=60
- name: Commit POM version bump to main
if: ${{ github.event.inputs.dry-run != 'true' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
VERSION=${{ steps.extract_version.outputs.release-version }}
git config user.name "github-actions[bot]"
git config user.email "action@github.com"
git add pom.xml
git commit -m "release: set version ${VERSION}"
git push origin HEAD:main
- name: Create tag v<version>
if: ${{ github.event.inputs.dry-run != 'true' }}
run: |
VERSION=${{ steps.extract_version.outputs.release-version }}
git tag "v${VERSION}"
git push origin "v${VERSION}"
- name: Create GitHub Release (no assets)
if: ${{ github.event.inputs.dry-run != 'true' }}
uses: softprops/action-gh-release@v2
with:
tag_name: v${{ steps.extract_version.outputs.release-version }}
name: Release ${{ steps.extract_version.outputs.release-version }}
draft: false
prerelease: false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Bump to next snapshot
if: ${{ github.event.inputs.dry-run != 'true' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
CURRENT=${{ steps.extract_version.outputs.release-version }}
# Calcula siguiente versión de patch: X.Y.(Z+1)-SNAPSHOT
IFS='.' read -r MAJ MIN PAT <<< "$CURRENT"
NEXT="$MAJ.$MIN.$((PAT+1))-SNAPSHOT"
echo "Setting next dev version: $NEXT"
mvn versions:set -DnewVersion="$NEXT" -q
mvn versions:commit -q
git add pom.xml
git commit -m "chore: start next dev cycle $NEXT"
git push origin HEAD:main
- name: Upload all artifacts (post-deploy)
if: always()
uses: actions/upload-artifact@v4
with:
name: full-publish-output
path: |
target/central-publishing/central-bundle.zip