Fix deployment config [skip ci]

ascopes · Nov 23, 2023 · e85fa0d · e85fa0d
1 parent 124b55e
commit e85fa0d
Show file tree

Hide file tree

Showing 3 changed files with 123 additions and 110 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -20,31 +20,31 @@ jobs:
         java-version: [11, 21]
 
     steps:
-    - name: Checkout
-      uses: actions/checkout@v4
+      - name: Checkout
+        uses: actions/checkout@v4
 
-    - name: Set up JDK ${{ matrix.java-version }}
-      uses: actions/setup-java@v3
-      with:
-        java-version: ${{ matrix.java-version }}
-        distribution: 'temurin'
-        cache: maven
+      - name: Set up JDK ${{ matrix.java-version }}
+        uses: actions/setup-java@v3
+        with:
+          java-version: ${{ matrix.java-version }}
+          distribution: 'temurin'
+          cache: maven
 
-    - name: Build with Maven
-      shell: bash
-      run: ./mvnw -B verify site
+      - name: Build with Maven
+        shell: bash
+        run: ./mvnw -B verify
 
-    - name: Publish to codecov
-      continue-on-error: true
-      if: matrix.os-name == 'ubuntu-latest' && always()
-      shell: bash
-      run: |-
-        curl --fail https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring \
-            --keyring trustedkeys.gpg --import
-        curl --fail -Os https://uploader.codecov.io/latest/linux/codecov
-        curl --fail -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM
-        curl --fail -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig
-        gpgv codecov.SHA256SUM.sig codecov.SHA256SUM
-        shasum -a 256 -c codecov.SHA256SUM
-        chmod -v +x codecov
-        ./codecov -v
+      - name: Publish to codecov
+        continue-on-error: true
+        if: matrix.os-name == 'ubuntu-latest' && always()
+        shell: bash
+        run: |-
+          curl --fail https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring \
+              --keyring trustedkeys.gpg --import
+          curl --fail -Os https://uploader.codecov.io/latest/linux/codecov
+          curl --fail -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM
+          curl --fail -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig
+          gpgv codecov.SHA256SUM.sig codecov.SHA256SUM
+          shasum -a 256 -c codecov.SHA256SUM
+          chmod -v +x codecov
+          ./codecov -v
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -1,4 +1,4 @@
-name: Deploy
+name: Release
 
 on:
   workflow_dispatch:
@@ -21,93 +21,105 @@ jobs:
     permissions:
       contents: write
       id-token: write
-      pages: write
 
     environment:
       name: maven-central
       url: https://repo1.maven.org/maven2/io/github/ascopes/protobuf-maven-plugin
 
     steps:
-    - name: Checkout
-      uses: actions/checkout@v4
-
-    - name: Set up JDK 11
-      uses: actions/setup-java@v3
-      with:
-        java-version: '11'
-        distribution: 'temurin'
-        server-id: ossrh
-        server-username: OSSRH_USERNAME
-        server-password: OSSRH_TOKEN
-        gpg-passphrase: GPG_PASSPHRASE
-        gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
-
-    - name: Determine release version details
-      run: |-
-        group_id="$(./mvnw help:evaluate -q -DforceStdout -Dexpression="project.groupId")"
-        echo "group_id=${group_id}" >> "${GITHUB_ENV}"
-
-        artifact_id="$(./mvnw help:evaluate -q -DforceStdout -Dexpression="project.artifactId")"
-        echo "artifact_id=${artifact_id}" >> "${GITHUB_ENV}"
-
-        if [[ '${{ inputs.version }}' == "" ]]; then
-          echo "No explicit version provided, calculating next non-snapshot build from POM"
-          release_version="$(./mvnw -B help:evaluate -Dexpression=project.version -q -DforceStdout | sed 's/-SNAPSHOT//g')"
-        else
-          release_version='${{ inputs.version }}'
-          ./mvnw -B -e versions:set -DnewVersion="${{ inputs.version }}"
-        fi
-        echo "release_version=${release_version}" >> "${GITHUB_ENV}"
-
-    - name: Configure Git
-      run: |-
-        git config user.name '${{ github.actor }}'
-        git config user.email '${{ github.actor }}@users.noreply.github.com'
-
-    - name: Perform release to staging
-      run: |-
-        ./mvnw -B -e \
-            -DdryRun='${{ inputs.dry-run }}' \
-            -Dpassword='${{ secrets.GITHUB_TOKEN }}' \
-            -DreleaseVersion="${release_version}" \
-            -DsignTag=false \
-            -Dtag="v${release_version}" \
-            clean verify site release:prepare release:perform
-      env:
-        OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-        OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
-        GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
-
-    - name: Promote staging release
-      if: ${{ ! inputs.dry-run }}
-      run: |-
-        ./scripts/close-nexus-repository.sh \
-            -u "${OSSRH_USERNAME}" \
-            -p "${OSSRH_TOKEN}" \
-            -g "${group_id}" \
-            -a "${artifact_id}" \
-            -v "${release_version}" \
-            -s "https://s01.oss.sonatype.org/"
-      env:
-        OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-        OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
-
-    - name: Upload site
-      uses: actions/upload-pages-artifact@v2
-      with:
-        path: target/site
-
-    - name: Deploy site
-      if: ${{ ! inputs.dry-run }}
-      id: site
-      uses: actions/deploy-pages@v2
-
-    - name: Create GitHub Release
-      if: ${{ ! inputs.dry-run }}
-      uses: ncipollo/release-action@v1
-      with:
-        tag: v${{ env.release_version }}
-        name: v${{ env.release_version }}
-        generateReleaseNotes: true
-        token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          java-version: '11'
+          distribution: 'temurin'
+          server-id: ossrh
+          server-username: OSSRH_USERNAME
+          server-password: OSSRH_TOKEN
+          gpg-passphrase: GPG_PASSPHRASE
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+
+      - name: Determine release version details
+        run: |-
+          group_id="$(./mvnw help:evaluate -q -DforceStdout -Dexpression="project.groupId")"
+          echo "group_id=${group_id}" >> "${GITHUB_ENV}"
+
+          artifact_id="$(./mvnw help:evaluate -q -DforceStdout -Dexpression="project.artifactId")"
+          echo "artifact_id=${artifact_id}" >> "${GITHUB_ENV}"
+
+          if [[ '${{ inputs.version }}' == "" ]]; then
+            echo "No explicit version provided, calculating next non-snapshot build from POM"
+            release_version="$(./mvnw -B help:evaluate -Dexpression=project.version -q -DforceStdout | sed 's/-SNAPSHOT//g')"
+          else
+            release_version='${{ inputs.version }}'
+          fi
+          echo "release_version=${release_version}" >> "${GITHUB_ENV}"
+
+      - name: Configure Git
+        run: |-
+          git config user.name '${{ github.actor }}'
+          git config user.email '${{ github.actor }}@users.noreply.github.com'
+
+      - name: Create staging release
+        run: |-
+          ./mvnw -B -e \
+              -DdryRun='${{ inputs.dry-run }}' \
+              -Dpassword='${{ secrets.GITHUB_TOKEN }}' \
+              -DreleaseVersion="${release_version}" \
+              -DsignTag=false \
+              -Dtag="v${release_version}" \
+              release:prepare release:perform
+        env:
+          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+
+      - name: Promote staging release
+        if: ${{ ! inputs.dry-run }}
+        run: |-
+          ./scripts/close-nexus-repository.sh \
+              -u "${OSSRH_USERNAME}" \
+              -p "${OSSRH_TOKEN}" \
+              -g "${group_id}" \
+              -a "${artifact_id}" \
+              -v "${release_version}" \
+              -s "https://s01.oss.sonatype.org/"
+        env:
+          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+
+      - name: Upload site
+        uses: actions/upload-pages-artifact@v2
+        with:
+          path: target/site
+
+      - name: Create GitHub Release
+        if: ${{ ! inputs.dry-run }}
+        uses: ncipollo/release-action@v1
+        with:
+          tag: v${{ env.release_version }}
+          name: v${{ env.release_version }}
+          generateReleaseNotes: true
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+  gh-pages:
+    name: Deploy GitHub Pages
+    runs-on: ubuntu-latest
+
+    needs:
+      - deploy
 
+    permissions:
+      id-token: write
+      pages: write
+
+    environment:
+      name: github-pages
+      url: https://ascopes.github.io/protobuf-maven-plugin
+
+    steps:
+      - name: Deploy site
+        if: ${{ ! inputs.dry-run }}
+        uses: actions/deploy-pages@v2
diff --git a/pom.xml b/pom.xml
@@ -436,7 +436,8 @@
         <configuration>
           <!-- Overridden so we do not run site-deploy, as we manage
               this through GitHub actions instead. -->
-          <goals>deploy</goals>
+          <preparationGoals>clean verify</preparationGoals>
+          <goals>deploy site</goals>
           <releaseProfiles>gpg</releaseProfiles>
         </configuration>
       </plugin>