Deploy release #118

Workflow file for this run

.github/workflows/release-deploy.yml at 0a01528

	name: "Deploy release"

	permissions:
	contents: write
	pull-requests: write

	on:
	workflow_dispatch:

	concurrency:
	group: release-deploy-{{ github.head_ref \|\| github.run_id }}
	cancel-in-progress: true

	jobs:
	next-version:
	name: Get Release version
	if: ${{ github.ref == 'refs/heads/main' }}
	uses: semantic-release-action/next-release-version/.github/workflows/next-release-version.yml@v4

	release-perform:
	name: Deploy release
	runs-on: ubuntu-latest
	if: ${{ needs.branch-exists.outputs.exists != 'true' && needs.next-version.outputs.new-release-version != '' }}
	needs:
	- next-version
	env:
	RELEASE_VERSION: ${{ needs.next-version.outputs.new-release-version }}

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Create git user and release branch
	shell: bash
	run: \|
	git config user.name ${{ github.actor }}
	git config user.email ${{ github.actor }}@users.noreply.github.com
	git branch release/v${{ env.RELEASE_VERSION }}
	git checkout release/v${{ env.RELEASE_VERSION }}

	- name: Setup JDK
	uses: actions/setup-java@v3
	with:
	java-version: 17
	distribution: temurin
	cache: maven
	server-id: ossrh
	server-username: MAVEN_USERNAME
	server-password: MAVEN_PASSWORD
	gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
	gpg-passphrase: GPG_PASSPHRASE

	- name: Prepare Maven and GPG
	run: \|
	cat > ~/.m2/settings-security.xml << EOF
	<settingsSecurity>
	<master>${{ secrets.MASTER_MAVEN_PASSWORD }}</master>
	</settingsSecurity>
	EOF
	echo ${{ secrets.GPG_TRUSTVALUES }} > ~/.gnupg/trust-values.txt
	gpg --import-ownertrust ~/.gnupg/trust-values.txt

	- name: Perform Maven release
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
	MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
	GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
	GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
	run: \|
	arice_version=$(mvn help:evaluate -pl pl.com.labaj.autorecord:arice-project -Dexpression=project.version -q -DforceStdout \| grep -v '\[.*\]' \| awk '{$1=$1};1')
	arice_version=${arice_version%-SNAPSHOT}
	echo ARICE version: $arice_version
	mvn -B -U -ntp versions:set -DnewVersion=$RELEASE_VERSION-SNAPSHOT
	echo versions set
	git diff --exit-code \|\| git commit -a -m "[ci skip] preset version $RELEASE_VERSION-SNAPSHOT" \|\| echo versions committed
	mvn -B -U -ntp release:prepare -P release -Darguments=-Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }}
	echo release prepared
	commit_hash=$(git rev-list -n 1 v$RELEASE_VERSION)
	git tag v-arice$arice_version $commit_hash
	git push origin v-arice$arice_version
	echo ARICE version tagged
	mvn -B -U -ntp release:perform -P release

	- name: Create and merge pull request
	shell: bash
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	pr_url=$(gh pr create --title "PR from release/v${{ env.RELEASE_VERSION }} to main" --body "PR from release/v${{ env.RELEASE_VERSION }} to main" --label ignore-for-release-notes --base main --head release/v${{ env.RELEASE_VERSION }})
	number=${pr_url##*/}
	echo PR number: $number
	gh pr merge $number --admin --delete-branch --rebase

	- name: Move the tag to main branch
	shell: bash
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	git tag -d v${{ env.RELEASE_VERSION }}
	git push origin :refs/tags/v${{ env.RELEASE_VERSION }}
	hash=$(git log origin/main --grep="prepare release v${{ env.RELEASE_VERSION }}" \| grep -oE '[a-f0-9]{40}')
	echo commit hash: $hash
	git tag v${{ env.RELEASE_VERSION }} $hash
	git push origin v${{ env.RELEASE_VERSION }}

	- name: Create GH release
	shell: bash
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	gh release create v${{ env.RELEASE_VERSION }} --generate-notes --verify-tag

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deploy release #118

Workflow file

Deploy release #118

Jobs

Run details

Workflow file for this run