Release #95

Summary
Jobs
- release
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/release.yaml at 54a94b4

	name: Release
	on:
	workflow_dispatch:
	inputs:
	releaseVersion:
	description: "Default version to use when preparing a release."
	required: true
	default: "X.Y.Z"
	developmentVersion:
	description: "Default version to use for new local working copy."
	required: true
	default: "X.Y.Z-SNAPSHOT"
	jobs:
	release:
	runs-on: ubuntu-latest
	environment: prod

	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Set up JDK 17
	uses: actions/setup-java@v3
	with:
	java-version: 17
	distribution: 'temurin'
	cache: 'maven'
	- name: Pre-Release Check - Version
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	gh api --method GET /repos/${{github.repository}}/releases -f sort=updated -f direction=asc > releases.json
	release_version_exists=$(jq -r --arg RELEASE_VERSION v${{ github.event.inputs.releaseVersion }} '.[].name\|select(.\|test($RELEASE_VERSION))' releases.json)
	if [[ ! -z "$release_version_exists" ]]; then
	echo "Version ${{ github.event.inputs.releaseVersion }} has been previously released. Please change release version."
	exit 1
	else
	echo "New version: ${{ github.event.inputs.releaseVersion }} going to be released!"
	fi
	- name: Set up Python 3.8
	uses: actions/setup-python@v4
	with:
	python-version: 3.8
	cache: 'pip'
	- name: Pre-Release Check - Whitesource vulnurabilities
	env:
	WS_APIKEY: ${{ secrets.WHITESOURCE_API_KEY }}
	WS_PROJECTTOKEN: ${{ secrets.WHITESOURCE_PROJECT_TOKEN }}
	AWS_ACCESS_KEY_ID: ${{ secrets.EMA_AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.EMA_AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: ${{ secrets.EMA_AWS_DEFAULT_REGION }}
	run: \|
	pip install --quiet --upgrade pip
	export VIRTUAL_ENV=./venv
	python3.8 -m venv $VIRTUAL_ENV && source $VIRTUAL_ENV/bin/activate
	cd ./.github/workflows/release_scripts/ && pip install --quiet -r requirements.txt && python3.8 whitesource_vulnurability_checker.py
	- name: Pre-Release Check - SonarQube Hotspots
	env:
	SONARQUBE_HOTSPOTS_API_URL: ${{ secrets.SONARQUBE_HOTSPOTS_API_URL }}
	SONARQUBE_QUERY_TOKEN: ${{ secrets.SONARQUBE_QUERY_TOKEN }}
	run: \|
	export VIRTUAL_ENV=./venv
	python3.8 -m venv $VIRTUAL_ENV && source $VIRTUAL_ENV/bin/activate
	cd ./.github/workflows/release_scripts/ && python3.8 sonarqube_vulnurability_checker.py
	- name: Pre-Release Check - Prisma vulnurabilities
	env:
	PRISMA_ROOT_API_URL: ${{ secrets.PRISMA_ROOT_API_URL }}
	DOCKER_IMAGE_TO_CHECK: ${{ secrets.PRISMA_DOCKER_IMAGE_TO_CHECK }}
	PRISMA_ACCESS_KEY: ${{ secrets.PRISMA_ACCESS_KEY }}
	PRISMA_ACCESS_KEY_SECRET: ${{ secrets.PRISMA_ACCESS_KEY_SECRET }}
	AWS_ACCESS_KEY_ID: ${{ secrets.EMA_AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.EMA_AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: ${{ secrets.EMA_AWS_DEFAULT_REGION }}
	run: \|
	export VIRTUAL_ENV=./venv
	python3.8 -m venv $VIRTUAL_ENV && source $VIRTUAL_ENV/bin/activate
	cd ./.github/workflows/release_scripts/ && python3.8 prisma_vulnurability_checker.py
	- name: Prepare Maven Settings
	env:
	MAVEN_REPO_SERVER_USERNAME: "${{ github.actor }}"
	MAVEN_REPO_SERVER_PASSWORD: "${{ secrets.GITHUB_TOKEN }}"
	MAVEN_REPO_SERVER_PRIVATE_KEY: "~/.ssh/id_rsa"
	SSH_PRIVATE_KEY: "${{ secrets.COMMIT_KEY }}"
	run: cd .github/workflows/release_scripts && ./setup-ssh.sh
	- name: Set Release Configs
	run: \|
	export SKIP_FLAGS_NON_UNIT_TESTS="-Dcheckstyle.skip -Dpmd.skip -Dcpd.skip -Dfindbugs.skip -Dspotbugs.skip"
	echo "SKIP_FLAGS_NON_UNIT_TESTS=$SKIP_FLAGS_NON_UNIT_TESTS" >> $GITHUB_ENV
	echo "SKIP_FLAGS_ALL_TESTS=$SKIP_FLAGS_NON_UNIT_TESTS -Dmaven.test.skip=true" >> $GITHUB_ENV

	- name: Maven Release
	run: mvn release:prepare release:perform -B --file service/pom.xml -DreleaseVersion=${{ github.event.inputs.releaseVersion }} -DdevelopmentVersion=${{ github.event.inputs.developmentVersion }}
	- name: Changelog
	uses: Bullrich/generate-release-changelog@master
	id: Changelog
	env:
	REPO: ${{ github.repository }}
	- name: Create GitHub Release
	uses: ncipollo/release-action@v1
	with:
	tag: "v${{ github.event.inputs.releaseVersion }}"
	artifacts: "*/application/target/.jar"
	generateReleaseNotes: true
	makeLatest: true
	body: ${{ steps.Changelog.outputs.changelog }}
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	aws-access-key-id: ${{ secrets.EMA_AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.EMA_AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ secrets.EMA_AWS_DEFAULT_REGION }}
	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/[email protected]
	- name: ECR Docker Image Release
	run: \|
	MANIFEST=$(aws ecr batch-get-image --repository-name ${{ github.event.repository.name }} \
	--image-ids imageTag=main --region ${{ secrets.EMA_AWS_DEFAULT_REGION }} --output json \
	\| jq --raw-output '.images[].imageManifest')

	aws ecr put-image --repository-name ${{ github.event.repository.name }} \
	--image-tag ${{ github.event.inputs.releaseVersion }} \
	--image-manifest "$MANIFEST" --region ${{ secrets.EMA_AWS_DEFAULT_REGION }}
	- name: Update Release Manifest DB
	run: \|
	export squad="event-portal"
	export repository="event-management-agent"
	export release_tag=production
	export version=${{ github.event.inputs.releaseVersion }}
	export release_version=${{ github.event.inputs.releaseVersion }}
	export image_tag=${{ github.event.inputs.releaseVersion }}
	export chart_version="n/a"
	export sha=${{ github.sha }}
	./.github/workflows/release_scripts/update_release_manifest.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Release #95

Workflow file

Release #95

Jobs

Run details

Workflow file for this run