0.2.1 #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Create release # You may choose a different name | |
run-name: ${{ inputs.releaseversion }} # Enumerates entries in the "workflow runs" view | |
on: | |
workflow_dispatch: | |
inputs: | |
releaseversion: | |
description: 'Release version' | |
required: true | |
type: string | |
default: "X.Y.Z" | |
jobs: | |
release: # Arbitrarily chosen | |
name: Release | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
packages: write | |
attestations: write | |
id-token: write | |
steps: | |
- uses: actions/create-github-app-token@v1 | |
id: app-token | |
with: | |
app-id: ${{ vars.CI_APP_ID }} | |
private-key: ${{ secrets.CI_PRIVATE_KEY }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
token: ${{ steps.app-token.outputs.token }} | |
ref: ${{ github.head_ref }} | |
- name: Get GitHub App User ID | |
id: get-user-id | |
run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" | |
env: | |
GH_TOKEN: ${{ steps.app-token.outputs.token }} | |
- name: Configure git | |
run: | | |
git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]' | |
git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>' | |
- name: Setup Java | |
uses: actions/setup-java@v4 # Does also set up Maven and GPG | |
with: | |
distribution: 'temurin' # As good as any other, see: https://github.com/actions/setup-java#supported-distributions | |
java-package: 'jdk' | |
java-version: '17' | |
check-latest: true | |
cache: 'maven' | |
- name: Setup settings.xml | |
uses: s4u/[email protected] | |
with: | |
override: true | |
servers: | | |
[{ | |
"id": "central", | |
"username": "${{ secrets.OSS_SONATYPE_USER }}", | |
"password": "${{ secrets.OSS_SONATYPE_PASS }}" | |
},{ | |
"id":"github", | |
"username": "ci-bot", | |
"password": "${{ secrets.GITHUB_TOKEN }}" | |
}] | |
- id: install-secret-key | |
name: Install gpg secret key | |
run: | | |
# Install gpg secret key | |
cat <(echo -e "${{ secrets.OSS_SONATYPE_GPG_PRIVATE_KEY }}") | gpg --batch --import | |
# Verify gpg secret key | |
gpg --list-secret-keys --keyid-format LONG | |
- name: Create release | |
env: | |
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | |
MAVEN_GPG_KEY: ${{ secrets.OSS_SONATYPE_GPG_PRIVATE_KEY }} | |
MAVEN_GPG_PASSPHRASE: ${{ secrets.OSS_SONATYPE_GPG_PASSPHRASE }} | |
run: | | |
export TZ="Europe/Berlin" | |
./mvnw release:prepare release:perform -B -Pcentral-publish -DreleaseVersion=${{ inputs.releaseversion }} -Dgpg.keyname=${{ env.OSS_SONATYPE_GPG_KEYID }} -Dgpg.passphrase=${{ secrets.OSS_SONATYPE_GPG_PASSPHRASE }} -DskipITs=true -Darguments="-DskipTests=true -DskipITs=true -Dgpg.passphrase=${{ secrets.OSS_SONATYPE_GPG_PASSPHRASE }}" | |
# write version info | |
cat <<EOF >target/config.json | |
{ | |
"version": "${{ inputs.releaseversion }}" | |
} | |
EOF | |
- name: Conventional Changelog Action | |
uses: TriPSs/conventional-changelog-action@v5 | |
with: | |
input-file: CHANGELOG.md | |
github-token: ${{ steps.app-token.outputs.token }} | |
version-file: target/config.json | |
pre-release: true | |
skip-bump: true | |
skip-tag: true | |
skip-on-empty: true | |
tag-prefix: 'v' | |
- name: Create Release on GH | |
id: tag-and-release | |
uses: avakar/tag-and-release@v1 | |
with: | |
draft: true | |
release_name: ${{ github.event.inputs.releaseversion }} | |
tag_name: v${{ github.event.inputs.releaseversion }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |