From a1e9fefc2c624a89eba4f66654e4d1f5bb0bd7f0 Mon Sep 17 00:00:00 2001 From: Diogo Matsubara Date: Mon, 18 Nov 2024 19:11:29 +0100 Subject: [PATCH] fix: inherit secret and add debug for workflows (#299) * fix: inherit secret for reusable workflow * fix: add optional debug input to publish workflows * fix: Pass GPG key id to gradle --- .github/workflows/ci.yml | 2 ++ .github/workflows/publish-android.yml | 14 ++++++++++++-- .github/workflows/publish-jvm.yml | 17 +++++++++++++++-- .github/workflows/release.yml | 6 ++++++ zenoh-kotlin/build.gradle.kts | 2 +- 5 files changed, 36 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6fa248ac..8eaa79b8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -85,6 +85,7 @@ jobs: with: snapshot: true branch: ${{ github.ref_name }} + secrets: inherit publish_android_snapshot_package: name: Publish Android snapshot package @@ -97,3 +98,4 @@ jobs: with: snapshot: true branch: ${{ github.ref_name }} + secrets: inherit diff --git a/.github/workflows/publish-android.yml b/.github/workflows/publish-android.yml index 4e7f8f45..02489e25 100644 --- a/.github/workflows/publish-android.yml +++ b/.github/workflows/publish-android.yml @@ -12,6 +12,10 @@ on: description: Target branch type: string required: false + debug: + description: If true, pass --debug flag to gradle + type: boolean + required: false workflow_dispatch: env: @@ -70,15 +74,21 @@ jobs: echo "PUB_MODE=-PSNAPSHOT" >> $GITHUB_ENV fi + - name: Set debug env var + run: | + if [[ "${{ inputs.debug }}" == "true" ]]; then + echo "DEBUG=--debug" >> $GITHUB_ENV + fi + - name: Gradle Publish Android Package to GitHub packages repository - run: ./gradlew publishAndroidReleasePublicationToGithubPackagesRepository -PremotePublication=true -Pandroid=true ${{ env.PUB_MODE }} + run: ./gradlew publishAndroidReleasePublicationToGithubPackagesRepository -PremotePublication=true -Pandroid=true ${{ env.PUB_MODE }} ${{ env.DEBUG }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} ORG_GPG_PRIVATE_KEY: ${{ secrets.ORG_GPG_PRIVATE_KEY }} ORG_GPG_PASSPHRASE: ${{ secrets.ORG_GPG_PASSPHRASE }} - name: Gradle Publish Android Package to Maven Central repository - run: ./gradlew publishAndroidReleasePublicationToMavenCentralRepository -PremotePublication=true -Pandroid=true ${{ env.PUB_MODE }} + run: ./gradlew publishAndroidReleasePublicationToMavenCentralRepository -PremotePublication=true -Pandroid=true ${{ env.PUB_MODE }} ${{ env.DEBUG }} env: ORG_OSSRH_USERNAME: ${{ secrets.ORG_OSSRH_USERNAME }} ORG_OSSRH_PASSWORD: ${{ secrets.ORG_OSSRH_PASSWORD }} diff --git a/.github/workflows/publish-jvm.yml b/.github/workflows/publish-jvm.yml index 68c833b3..53fe3f4d 100644 --- a/.github/workflows/publish-jvm.yml +++ b/.github/workflows/publish-jvm.yml @@ -12,6 +12,10 @@ on: description: Target branch type: string required: false + debug: + description: "Pass --debug to gradle" + type: boolean + required: false workflow_dispatch: env: @@ -175,17 +179,26 @@ jobs: echo "PUB_MODE=-PSNAPSHOT" >> $GITHUB_ENV fi + - name: Set debug env var + run: | + if [[ "${{ inputs.debug }}" == "true" ]]; then + echo "DEBUG=--debug" >> $GITHUB_ENV + fi + - name: Gradle Publish JVM Package to GitHub packages repository - run: ./gradlew publishJvmPublicationToGithubPackagesRepository -PremotePublication=true ${{ env.PUB_MODE }} + run: ./gradlew publishJvmPublicationToGithubPackagesRepository -PremotePublication=true ${{ env.PUB_MODE }} ${{ env.DEBUG }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + ORG_GPG_KEY_ID: ${{ secrets.ORG_GPG_KEY_ID }} ORG_GPG_PRIVATE_KEY: ${{ secrets.ORG_GPG_PRIVATE_KEY }} ORG_GPG_PASSPHRASE: ${{ secrets.ORG_GPG_PASSPHRASE }} + - name: Gradle Publish JVM Package to Maven Central repository - run: ./gradlew publishJvmPublicationToMavenCentralRepository -PremotePublication=true ${{ env.PUB_MODE }} + run: ./gradlew publishJvmPublicationToMavenCentralRepository -PremotePublication=true ${{ env.PUB_MODE }} ${{ env.DEBUG }} env: ORG_OSSRH_USERNAME: ${{ secrets.ORG_OSSRH_USERNAME }} ORG_OSSRH_PASSWORD: ${{ secrets.ORG_OSSRH_PASSWORD }} + ORG_GPG_KEY_ID: ${{ secrets.ORG_GPG_KEY_ID }} ORG_GPG_PRIVATE_KEY: ${{ secrets.ORG_GPG_PRIVATE_KEY }} ORG_GPG_PASSPHRASE: ${{ secrets.ORG_GPG_PASSPHRASE }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bca02dc5..a4fb5f22 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,6 +34,10 @@ on: type: string description: Release branch required: false + debug: + type: boolean + description: Pass --debug flag to gradle + required: false jobs: tag: @@ -75,6 +79,7 @@ jobs: with: snapshot: ${{ !(inputs.live-run || false) }} branch: ${{ needs.tag.outputs.branch }} + debug: ${{ inputs.debug || false }} permissions: contents: read packages: write @@ -87,6 +92,7 @@ jobs: with: snapshot: ${{ !(inputs.live-run || false) }} branch: ${{ needs.tag.outputs.branch }} + debug: ${{ inputs.debug || false }} permissions: contents: read packages: write diff --git a/zenoh-kotlin/build.gradle.kts b/zenoh-kotlin/build.gradle.kts index 4b11620a..74828211 100644 --- a/zenoh-kotlin/build.gradle.kts +++ b/zenoh-kotlin/build.gradle.kts @@ -175,7 +175,7 @@ kotlin { signing { isRequired = isRemotePublication - useInMemoryPgpKeys(System.getenv("ORG_GPG_PRIVATE_KEY"), System.getenv("ORG_GPG_PASSPHRASE")) + useInMemoryPgpKeys(System.getenv("ORG_GPG_KEY_ID"), System.getenv("ORG_GPG_PRIVATE_KEY"), System.getenv("ORG_GPG_PASSPHRASE")) sign(publishing.publications) }