Skip to content

Release

Release #59

Workflow file for this run

name: Release
on:
# Releases can only be triggered via the action tab
workflow_dispatch:
permissions:
contents: read
env:
MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryhandler.count=5 -Dmaven.wagon.httpconnectionManager.ttlSeconds=240
jobs:
prepare-release:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
ref: main
- name: Set up JDK 8
uses: actions/setup-java@v4
with:
java-version: 8
distribution: zulu
- name: Setup git configuration
run: |
git config --global user.email "[email protected]"
git config --global user.name "Netty Project Bot"
- name: Install SSH key
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.SSH_PRIVATE_KEY_PEM }}
known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}
# Cache .m2/repository
- uses: actions/cache@v4
continue-on-error: true
with:
path: ~/.m2/repository
key: prepare-release-cache-m2-repository-${{ hashFiles('**/pom.xml') }}
restore-keys: |
prepare-release-cache-m2-repository-
- name: Prepare release with Maven
run: |
./mvnw -B --file pom.xml release:prepare -DpreparationGoals=clean -DskipTests=true
./mvnw clean
- name: Checkout tag
run: ./.github/scripts/release_checkout_tag.sh release.properties
- name: Upload workspace
uses: actions/upload-artifact@v4
with:
name: prepare-release-workspace
path: ${{ github.workspace }}/**
include-hidden-files: true
stage-release-linux:
runs-on: ubuntu-latest
needs: prepare-release
permissions:
contents: write
strategy:
matrix:
include:
- setup: centos6-x86_64
docker-compose-build: "-f docker/docker-compose.centos-6.yaml -f docker/docker-compose.centos-6.18.yaml build"
docker-compose-run: "-f docker/docker-compose.centos-6.yaml -f docker/docker-compose.centos-6.18.yaml run stage-release"
- setup: debian7-x86_64
docker-compose-build: "-f docker/docker-compose.debian.yaml -f docker/docker-compose.debian-7.18.yaml build"
docker-compose-run: "-f docker/docker-compose.debian.yaml -f docker/docker-compose.debian-7.18.yaml run stage-release"
- setup: centos7-aarch64
docker-compose-build: "-f docker/docker-compose.centos-7.yaml build"
docker-compose-run: "-f docker/docker-compose.centos-7.yaml run cross-compile-aarch64-stage-release"
name: stage-release-${{ matrix.setup }}
steps:
- name: Download release-workspace
uses: actions/download-artifact@v4
with:
name: prepare-release-workspace
path: ./prepare-release-workspace/
- name: Adjust mvnw permissions
run: chmod 755 ./prepare-release-workspace/mvnw
- name: Set up JDK 8
uses: actions/setup-java@v4
with:
java-version: 8
distribution: zulu
- name: Setup git configuration
run: |
git config --global user.email "[email protected]"
git config --global user.name "Netty Project Bot"
- name: Install SSH key
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.SSH_PRIVATE_KEY_PEM }}
known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}
# Cache .m2/repository
- uses: actions/cache@v4
continue-on-error: true
with:
path: ~/.m2/repository
key: stage-release-linux-${{ matrix.setup }}-m2-repository-cache-${{ hashFiles('**/pom.xml') }}
restore-keys: |
stage-release-linux-${{ matrix.setup }}-m2-repository-cache-
- uses: s4u/[email protected]
with:
servers: |
[{
"id": "sonatype-nexus-staging",
"username": "${{ secrets.SONATYPE_USERNAME }}",
"password": "${{ secrets.SONATYPE_PASSWORD }}"
}]
- name: Create local staging directory
run: mkdir -p ~/local-staging
- name: Build docker image
working-directory: ./prepare-release-workspace/
run: docker compose ${{ matrix.docker-compose-build }}
- name: Stage release to local staging directory
working-directory: ./prepare-release-workspace/
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: docker compose ${{ matrix.docker-compose-run }}
- name: Upload local staging directory
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.setup }}-local-staging
path: ~/local-staging
if-no-files-found: error
include-hidden-files: true
- name: Rollback release on failure
working-directory: ./prepare-release-workspace/
if: ${{ failure() }}
# Rollback the release in case of an failure
run: bash ./.github/scripts/release_rollback.sh release.properties netty/netty-tcnative main
stage-release-windows-x86_64:
runs-on: windows-2019
name: stage-release-windows-x86_64
needs: prepare-release
permissions:
contents: write
steps:
- name: Download release-workspace
uses: actions/download-artifact@v4
with:
name: prepare-release-workspace
path: prepare-release-workspace
- name: Setup git configuration
run: |
git config --global user.email "[email protected]"
git config --global user.name "Netty Project Bot"
- name: Install SSH key
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.SSH_PRIVATE_KEY_PEM }}
known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}
- name: Set up JDK 8
uses: actions/setup-java@v4
with:
java-version: 8
distribution: zulu
- name: Add msbuild to PATH
uses: microsoft/setup-msbuild@v2
- name: Configuring Developer Command Prompt
uses: ilammy/msvc-dev-cmd@v1
with:
arch: x86_amd64
- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
- name: Install tools
uses: crazy-max/ghaction-chocolatey@v3
with:
args: install ninja nasm
# Cache .m2/repository
- uses: actions/cache@v4
continue-on-error: true
with:
path: ~/.m2/repository
key: staging-release-cache-windows-m2-repository-${{ hashFiles('**/pom.xml') }}
restore-keys: |
staging-release-cache-windows-m2-repository-
- uses: s4u/[email protected]
with:
servers: |
[{
"id": "sonatype-nexus-staging",
"username": "${{ secrets.SONATYPE_USERNAME }}",
"password": "${{ secrets.SONATYPE_PASSWORD }}"
}]
- name: Stage release to local staging directory
working-directory: prepare-release-workspace
run: ./mvnw --file pom.xml -Pstage -am -pl boringssl-static clean javadoc:jar package gpg:sign org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DnexusUrl=https://oss.sonatype.org -DserverId=sonatype-nexus-staging -DaltStagingDirectory=local-staging -DskipRemoteStaging=true -DskipTests=true -D'checkstyle.skip=true'
- name: Upload local staging directory
uses: actions/upload-artifact@v4
with:
name: windows-x86_64-local-staging
path: prepare-release-workspace/boringssl-static/local-staging
if-no-files-found: error
include-hidden-files: true
- name: Rollback release on failure
working-directory: prepare-release-workspace
if: ${{ failure() }}
# Rollback the release in case of an failure
run: ./.github/scripts/release_rollback.ps1 release.properties netty/netty-tcnative main
deploy-staged-release:
runs-on: ubuntu-latest
# Wait until we have staged everything
needs: [stage-release-linux, stage-release-windows-x86_64]
permissions:
contents: write
steps:
- name: Download release-workspace
uses: actions/download-artifact@v4
with:
name: prepare-release-workspace
path: ./prepare-release-workspace/
- name: Adjust mvnw permissions
run: chmod 755 ./prepare-release-workspace/mvnw
- name: Set up JDK 8
uses: actions/setup-java@v4
with:
java-version: 8
distribution: zulu
- name: Setup git configuration
run: |
git config --global user.email "[email protected]"
git config --global user.name "Netty Project Bot"
- name: Install SSH key
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.SSH_PRIVATE_KEY_PEM }}
known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}
# Hardcode the staging artifacts that need to be downloaded.
# These must match the matrix setups. There is currently no way to pull this out of the config.
- name: Download windows-x86_64 staging directory
uses: actions/download-artifact@v4
with:
name: windows-x86_64-local-staging
path: ~/windows-x86_64-local-staging
- name: Download centos7-aarch64 staging directory
uses: actions/download-artifact@v4
with:
name: centos7-aarch64-local-staging
path: ~/centos7-aarch64-local-staging
- name: Download debian7-x86_64 staging directory
uses: actions/download-artifact@v4
with:
name: debian7-x86_64-local-staging
path: ~/debian7-x86_64-local-staging
- name: Download centos6-x86_64 staging directory
uses: actions/download-artifact@v4
with:
name: centos6-x86_64-local-staging
path: ~/centos6-x86_64-local-staging
# This step takes care of merging all the previous staged repositories in a way that will allow us to deploy
# all together with one maven command.
- name: Merge staging repositories
working-directory: ./prepare-release-workspace/
run: bash ./.github/scripts/merge_local_staging.sh /home/runner/local-staging/staging ~/windows-x86_64-local-staging/staging ~/centos7-aarch64-local-staging/staging ~/debian7-x86_64-local-staging/staging ~/centos6-x86_64-local-staging/staging
# Cache .m2/repository
- uses: actions/cache@v4
continue-on-error: true
with:
path: ~/.m2/repository
key: deploy-staged-release-cache-m2-repository-${{ hashFiles('**/pom.xml') }}
restore-keys: |
deploy-staged-release-cache-m2-repository-
- uses: s4u/[email protected]
with:
servers: |
[{
"id": "sonatype-nexus-staging",
"username": "${{ secrets.SONATYPE_USERNAME }}",
"password": "${{ secrets.SONATYPE_PASSWORD }}"
}]
- name: Deploy local staged artifacts
working-directory: ./prepare-release-workspace/
# If we don't want to close the repository we can add -DskipStagingRepositoryClose=true
run: ./mvnw -B --file pom.xml org.sonatype.plugins:nexus-staging-maven-plugin:deploy-staged -DnexusUrl=https://oss.sonatype.org -DserverId=sonatype-nexus-staging -DaltStagingDirectory=/home/runner/local-staging -DskipStagingRepositoryClose=true
- name: Rollback release on failure
working-directory: ./prepare-release-workspace/
if: ${{ failure() }}
# Rollback the release in case of an failure
run: bash ./.github/scripts/release_rollback.sh release.properties netty/netty-tcnative main