Add release script that reacts on tags like v2.0.0 (#336)

* Add release script that reacts on tags like v2.0.0 * Review: Use signing credentials from GitHub * Allow release to be triggered from actions tab for each branch
andregasser · Nov 29, 2023 · 8d8da41 · 8d8da41
1 parent 6d118be
commit 8d8da41
Show file tree

Hide file tree

Showing 2 changed files with 73 additions and 2 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,67 @@
+name: Release
+
+on:
+  push:
+    tags:
+      # Run on any pushed tag like v2.0.0
+      - 'v*.*.*'
+  workflow_dispatch:
+
+# Cancel any already running builds with that git reference
+concurrency:
+  group: ${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  publish-release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout project sources
+        uses: actions/checkout@v4
+
+      - name: Ensure that all required checks pass
+        uses: gradle/gradle-build-action@v2
+        with:
+          arguments: check
+
+      - name: Assemble the library for use in GitHub release
+        uses: gradle/gradle-build-action@v2
+        with:
+          arguments: assemble generatePomFileForBigbonePublication
+
+      - name: Publish the library
+        uses: gradle/gradle-build-action@v2
+        with:
+          arguments: publish
+        env:
+          SONATYPE_USERNAME: ${{ secrets.OSS_SONATYPE_USERNAME }}
+          SONATYPE_PASSWORD: ${{ secrets.OSS_SONATYPE_PASSWORD }}
+          ORG_GRADLE_PROJECT_signingKeyId: ${{ secrets.SIGNING_KEY_ID }}
+          ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SIGNING_PRIVATE_KEY }}
+          ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SIGNING_PASSWORD }}
+
+      - name: ZIP files
+        id: zip-files
+        run: |
+          tagName=${{ github.ref_name }}
+          
+          # Format the current date like 20231105.180259
+          formattedDate=date +%Y%m%d.%H%M%S
+          archiveName=BigBone-$tagName-$formattedDate.zip
+          
+          # Get all JARs and POM files and zip them into an archive with archiveName
+          find bigbone/build/libs bigbone/build/publications -type f \( -name "*.jar" -o -name "*pom*.xml" \) -print | zip $archiveName -@
+          
+          # Save archive name for reuse in later action steps
+          echo "zipArchive=$archiveName" >> $GITHUB_OUTPUT
+
+      - name: Create a GitHub release
+        uses: softprops/action-gh-release@v1
+        with:
+          tag_name: ${{ github.ref_name }}
+          name: ${{ github.ref_name }}
+          prerelease: true
+          draft: true
+          fail_on_unmatched_files: true
+          files: ./${{ steps.zip-files.outputs.zipArchive }}
+          generate_release_notes: true
diff --git a/buildSrc/src/main/groovy/bigbone.library-conventions.gradle b/buildSrc/src/main/groovy/bigbone.library-conventions.gradle
@@ -19,8 +19,8 @@ publishing {
             def snapshotsRepoUrl = "https://s01.oss.sonatype.org/content/repositories/snapshots/"
             url = version.endsWith('SNAPSHOT') ? snapshotsRepoUrl : releasesRepoUrl
             credentials {
-                username = project.properties.containsKey("sonatypeUsername") ? sonatypeUsername : ""
-                password = project.properties.containsKey("sonatypePassword") ? sonatypePassword : ""
+                username = System.getenv("SONATYPE_USERNAME") ?: ""
+                password = System.getenv("SONATYPE_PASSWORD") ?: ""
             }
         }
 
@@ -56,6 +56,10 @@ publishing {
 }
 
 signing {
+    def signingKeyId = findProperty("signingKeyId")
+    def signingKey = findProperty("signingKey")
+    def signingPassword = findProperty("signingPassword")
+    useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
     sign publishing.publications.bigbone
 }