Skip to content
Create Release 2

Create Release 2 for develop #6

Sign in to view logs

Create Release 2 for develop

Create Release 2 for develop #6

Workflow file for this run

.github/workflows/createerelease2.yml at bddda69
# Creates a release and uploads that. We don't upload the site - that's done in the master.yml workflow once it's merged.
# See also https://docs.github.com/en/actions/publishing-packages/publishing-java-packages-with-maven
# https://github.com/actions/setup-java
# https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md?tab=readme-ov-file#Publishing-using-Apache-Maven
# https://central.sonatype.org/publish-ea/publish-ea-guide/
name: Create Release 2
run-name: Create Release 2 for ${{ github.ref_name }}
on:
workflow_dispatch:
jobs:
createrelease:
runs-on: ubuntu-latest
env:
SUBDIR: ${{ github.event.inputs.subdir }}
MVNCMD: mvn -B -ntp -P release
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_ACTOR: ${{ github.actor }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 3
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'temurin'
cache: maven
server-id: central
server-username: MAVEN_USERNAME
server-password: MAVEN_CENTRAL_TOKEN
# gpg-private-key: ${{ secrets.GPG_SECRET_KEYS }}
gpg-passphrase: GPG_PASSPHRASE
- name: Try to set a master password
run: |
MASTERPWD=$(openssl rand -base64 25)
echo "<settingsSecurity> <master>$(mvn --encrypt-master-password "$MASTERPWD")</master></settingsSecurity>" > $HOME/.m2/settings-security.xml
# echo "MASTERPWD=\"$MASTERPWD\"" >> $GITHUB_ENV
# The master password isn't actually used, but the maven-gpg-plugin complains otherwise.
- name: Git & Maven Status
run: |
$MVNCMD -version
git remote -v
git status --untracked-files --ignored
git log -3 --no-color --decorate
- name: Import GPG key
env:
GPG_SECRET_KEYS: ${{ secrets.GPG_SECRET_KEYS }}
GPG_OWNERTRUST: ${{ secrets.GPG_OWNERTRUST }}
run: |
echo $GPG_SECRET_KEYS | base64 --decode | gpg --import --no-tty --batch --yes
echo $GPG_OWNERTRUST | base64 --decode | gpg --import-ownertrust --no-tty --batch --yes
gpg -v --refresh-keys
gpg --list-secret-keys --keyid-format LONG
- name: Configure git user for release commits
# specific to repository - we don't want that to be the same thing in a fork.
env:
X_RELEASE_USERNAME: ${{ vars.RELEASE_USERNAME }}
X_RELEASE_USEREMAIL: ${{ vars.RELEASE_USEREMAIL }}
run: |
git config --global user.email "${X_RELEASE_USERNAME}"
git config --global user.name "${X_RELEASE_USEREMAIL}"
- name: Check that we are on snapshot branch before creating the release
run: |
echo "Version: "
$MVNCMD help:evaluate -Dexpression=project.version -q -DforceStdout
$MVNCMD help:evaluate -Dexpression=project.version -q -DforceStdout | egrep -- '-SNAPSHOT$' > /dev/null || exit 1
# unfortunately, this would require a snapshot parent if just called from the command line, so we cannot use it: :-(
# mvn org.apache.maven.plugins:maven-enforcer-plugin:3.2.1:enforce -Drules=requireSnapshotVersion
- name: Dry run of release goals
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
# export GPG_PASSPHRASE=$(mvn --encrypt-password "$(echo $GPG_PASSPHRASE_RAW | base64 --decode)")
$MVNCMD clean release:clean
$MVNCMD release:prepare -DdryRun=true -DpushChanges=false
$MVNCMD release:perform -DdryRun=true -DlocalCheckout=true -DdeployAtEnd=true -DreleaseProfiles=release
$MVNCMD clean release:clean
git clean -f -d -x
- name: Verify git is clean
run: |
git status --untracked-files --ignored
git log -3 --no-color --decorate
git clean -f -d
- name: Prepare release
env:
MAVEN_USERNAME: ${{ secrets.OSS_SONATYPE_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.OSS_SONATYPE_PASSWORD }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
git clean -f -d -x
$MVNCMD clean release:clean release:prepare
- name: Git status after prepare
run: |
git status --untracked-files --ignored
git log -3 --no-color --decorate
cat release.properties || true
- name: Perform release
env:
MAVEN_USERNAME: ${{ secrets.OSS_SONATYPE_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.OSS_SONATYPE_PASSWORD }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
$MVNCMD -X release:perform -DdeployAtEnd=true "-Darguments=-DdeployAtEnd=true" "-DreleaseProfiles=release" "-Dgoals=clean install package source:jar javadoc:jar deploy"
- name: Dump settings
if: always()
run: cat $HOME/.m2/settings.xml
- name: Dump event context for debugging
if: always()
continue-on-error: true # Debugging output only, and this annoyingly fails when the commit messge has a (
run: |
echo '${{ github.event_name }} for ${{ github.ref_type }} ${{ github.ref_name }} or ${{ github.event.ref }}'
# https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push
echo 'github.event:'
echo '${{ toJSON(github.event) }}'
- name: Dump github context for debugging
if: always()
continue-on-error: true # Debugging output only, and this annoyingly fails when the commit message has a (
run: |
echo '${{ toJSON(github) }}'
- name: Mvn Effective POM
if: always()
run: $MVNCMD -N help:effective-pom
- name: Mvn Effective Settings
if: always()
run: $MVNCMD -N help:effective-settings
- name: Git Status after perform
if: always()
run: |
git status
git log -3 --no-color --decorate
- name: Git Status after perform, long
if: always()
run: |
git status --untracked-files --ignored
- name: List target files even if recipe fails
if: always()
run: |
pwd
ls -ld
ls -ld target
find . -type d -name target
ls -l ./target/checkout/target || true
ls -l ./target/checkout/commons/target || true