-
Notifications
You must be signed in to change notification settings - Fork 30
125 lines (100 loc) · 4.36 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: Release
on:
workflow_dispatch:
inputs:
dryRun:
type: boolean
description: "Dry-Run"
default: false
concurrency:
# only run one publishing at a time to avoid conflicts
group: publish-${{ github.ref }}
env:
# renovate: datasource=npm depName=@semantic-release/changelog
SEMANTIC_RELEASE_CHANGELOG_VERSION: 6.0.3
# renovate: datasource=npm depName=@semantic-release/exec
SEMANTIC_RELEASE_EXEC_VERSION: 6.0.3
# renovate: datasource=npm depName=@semantic-release/git
SEMANTIC_RELEASE_GIT_VERSION: 10.0.1
# renovate: datasource=npm depName=conventional-changelog-conventionalcommits
CONVENTIONAL_CHANGELOG_CONVENTIONALCOMMITS_VERSION: 8.0.0
jobs:
release:
# Only on main repository (don't release on forks)
if: github.repository_owner == 'stempler'
runs-on: ubuntu-latest
outputs:
release-published: ${{ steps.release.outputs.new_release_published }}
release-version: ${{ steps.release.outputs.new_release_version }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# fetch-depth 0 is required to fetch all tags (and to determine the version based on tags)
fetch-depth: 0
# do not persist credentials because this clashes with semantic-release action
# (because the @semantic-release/git attempts to use them but needs permissions to bypass protection)
persist-credentials: false
- uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
with:
distribution: temurin
java-version: 17
- name: Setup Gradle
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1
- name: Setup NodeJs
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: 20
- name: Test with Gradle
run: ./gradlew clean check
# https://github.com/marketplace/actions/junit-report-action
- name: Publish Test Report
uses: mikepenz/action-junit-report@992d97d6eb2e5f3de985fbf9df6a04386874114d # v5.1.0
if: always() # always run even if the previous step fails
with:
report_paths: 'build/test-results/**/*.xml'
require_tests: true # currently no tests present
annotate_only: true
detailed_summary: true
fail_on_failure: true
- name: Determine app token for release
# Permissions needed
# contents: write
# issues: write
# pull-requests: write
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
id: app-token
with:
app-id: ${{ secrets.RELEASE_GITHUB_APP_ID }}
private-key: "${{ secrets.RELEASE_GITHUB_PRIVATE_KEY }}"
- name: Release
id: release
uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # v4.1.1
env:
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
RUNNER_DEBUG: 1
# attempt for more verbose logging
# see https://github.com/semantic-release/semantic-release/blob/master/docs/usage/configuration.md#debug
DEBUG: "semantic-release:*"
# For Gradle execution
# CI marker
CI: 'true'
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_USERNAME }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_PASSWORD }}
# in-memory key
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SONATYE_PGP_PASSWORD }}
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SONATYE_PGP_PRIVATE_KEY }}
GRADLE_PUBLISH_KEY: ${{ secrets.GRADLE_PUBLISH_KEY }}
GRADLE_PUBLISH_SECRET: ${{ secrets.GRADLE_PUBLISH_SECRET }}
with:
dry_run: ${{ inputs.dryRun }}
semantic_version: 24.2.0
extra_plugins:
"@semantic-release/changelog@\
${{ env.SEMANTIC_RELEASE_CHANGELOG_VERSION }} \
@semantic-release/exec@\
${{ env.SEMANTIC_RELEASE_EXEC_VERSION }} \
@semantic-release/git@\
${{ env.SEMANTIC_RELEASE_GIT_VERSION }} \
conventional-changelog-conventionalcommits@\
${{ env.CONVENTIONAL_CHANGELOG_CONVENTIONALCOMMITS_VERSION }} \
"