Release #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
workflow_dispatch: | |
inputs: | |
releaseVersion: | |
description: "Default version to use when preparing a release." | |
required: true | |
default: "X.Y.Z" | |
developmentVersion: | |
description: "Default version to use for new local working copy." | |
required: true | |
default: "X.Y.Z-SNAPSHOT" | |
jobs: | |
release-maven: | |
runs-on: 'ubuntu-latest' | |
steps: | |
- name: Print github context | |
env: | |
GITHUB_CONTEXT: ${{ toJSON(github) }} | |
run: echo "$GITHUB_CONTEXT" | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
submodules: recursive | |
- name: Set up Java for publishing to Maven Central Repository OSS | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '8' | |
distribution: 'temurin' | |
server-id: ossrh | |
server-username: MAVEN_USERNAME | |
server-password: MAVEN_PASSWORD | |
- name: Cache Maven packages | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-m2-repository-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2-repository | |
- name: Install gpg secret key | |
env: | |
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
if: ${{ env.GPG_PRIVATE_KEY!=''}} | |
run: | | |
cat <(echo -e "${{ secrets.GPG_PRIVATE_KEY }}") | gpg --batch --import | |
gpg --list-secret-keys --keyid-format LONG | |
git config --global user.signingkey B02611B009E5302EB58D102D6C2EDF3C90D33841 | |
- name: Configure Git User | |
run: | | |
git config --global user.name "Open Identity Platform Community" | |
git config --global user.email "[email protected]" | |
- name: Release and publish to the Maven Central Repository | |
env: | |
GITHUB_ACTOR: ${{ github.actor }} | |
GITHUB_TOKEN: ${{ github.token }} | |
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} | |
MAVEN_OPTS: -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120 -Dmaven.wagon.http.retryHandler.requestSentEnabled=true -Dmaven.wagon.http.retryHandler.count=10 | |
if: ${{ env.MAVEN_USERNAME!='' && env.MAVEN_PASSWORD!='' }} | |
run: mvn --batch-mode -Darguments="-Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }}" -DsignTag=true -DtagNameFormat="${{ github.event.inputs.releaseVersion }}" -DreleaseVersion=${{ github.event.inputs.releaseVersion }} -DdevelopmentVersion=${{ github.event.inputs.developmentVersion }} release:prepare release:perform --file pom.xml | |
- name: Release on GitHub | |
uses: softprops/action-gh-release@v2 | |
with: | |
name: ${{ github.event.inputs.releaseVersion }} | |
tag_name: ${{ github.event.inputs.releaseVersion }} | |
draft: false | |
prerelease: false | |
fail_on_unmatched_files: false | |
generate_release_notes: true | |
files: | | |
openidm-zip/target/*.zip | |
release-docker: | |
name: Docker release | |
runs-on: 'ubuntu-latest' | |
needs: | |
- release-maven | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.inputs.releaseVersion }} | |
fetch-depth: 1 | |
submodules: recursive | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
${{ github.repository }} | |
ghcr.io/${{ github.repository }}/${{ github.event.repository.name }} | |
tags: | | |
type=raw,value=latest | |
type=raw,value=${{ github.event.inputs.releaseVersion }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push image | |
uses: docker/build-push-action@v5 | |
continue-on-error: true | |
with: | |
context: . | |
file: ./Dockerfile | |
build-args: | | |
VERSION=${{ github.event.inputs.releaseVersion }} | |
platforms: linux/amd64, linux/arm64/8, linux/arm/v7, linux/ppc64le , linux/s390x | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
release-docker-alpine: | |
name: Docker release | |
runs-on: 'ubuntu-latest' | |
needs: | |
- release-maven | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.inputs.releaseVersion }} | |
fetch-depth: 1 | |
submodules: recursive | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
${{ github.repository }} | |
ghcr.io/${{ github.repository }}/${{ github.event.repository.name }} | |
tags: | | |
type=raw,value=alpine | |
type=raw,value=${{ github.event.inputs.releaseVersion }}-alpine | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push image | |
continue-on-error: true | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./Dockerfile-alpine | |
build-args: | | |
VERSION=${{ github.event.inputs.releaseVersion }} | |
platforms: linux/amd64, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le ,linux/arm64/8 | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} |