Skip to content

Publish Artefacts

Publish Artefacts #403

Workflow file for this run

#################################################################################
# Copyright (c) 2023 ZF Friedrichshafen AG
# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH
# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG)
# Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
#
# This program and the accompanying materials are made available under the
# terms of the Apache License, Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# SPDX-License-Identifier: Apache-2.0
#################################################################################
---
name: "Publish Artefacts"
on:
workflow_run:
workflows: [ "Run-All-Tests" ]
branches:
- main
- releases
- release/*
- hotfix/*
types:
- completed
release:
types:
- published
workflow_dispatch:
concurrency:
# cancel only running jobs on pull requests
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
secret-presence:
runs-on: ubuntu-latest
outputs:
DOCKER_HUB_TOKEN: ${{ steps.secret-presence.outputs.DOCKER_HUB_TOKEN }}
HAS_OSSRH: ${{ steps.secret-presence.outputs.HAS_OSSRH }}
HAS_SWAGGER: ${{ steps.secret-presence.outputs.HAS_SWAGGER }}
steps:
- name: Check whether secrets exist
id: secret-presence
run: |
[ ! -z "${{ secrets.DOCKER_HUB_TOKEN }}" ] && echo "DOCKER_HUB_TOKEN=true" >> $GITHUB_OUTPUT
[ ! -z "${{ secrets.ORG_GPG_PASSPHRASE }}" ] &&
[ ! -z "${{ secrets.ORG_GPG_PRIVATE_KEY }}" ] &&
[ ! -z "${{ secrets.ORG_OSSRH_USERNAME }}" ] &&
[ ! -z "${{ secrets.ORG_OSSRH_PASSWORD }}" ] && echo "HAS_OSSRH=true" >> $GITHUB_OUTPUT
[ ! -z "${{ secrets.SWAGGERHUB_API_KEY }}" ] &&
[ ! -z "${{ secrets.SWAGGERHUB_USER }}" ] && echo "HAS_SWAGGER=true" >> $GITHUB_OUTPUT
exit 0
build-docker-images:
name: "Create Docker Images"
runs-on: ubuntu-latest
needs: [ secret-presence ]
if: |
needs.secret-presence.outputs.DOCKER_HUB_TOKEN
strategy:
fail-fast: false
matrix:
variant: [ { dir: edc-controlplane, img: edc-runtime-memory },
{ dir: edc-controlplane, img: edc-controlplane-postgresql-hashicorp-vault },
{ dir: edc-controlplane, img: edc-controlplane-postgresql-azure-vault },
{ dir: edc-dataplane, img: edc-dataplane-azure-vault },
{ dir: edc-dataplane, img: edc-dataplane-hashicorp-vault } ]
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/publish-docker-image
name: Publish ${{ matrix.variant.img }}
with:
docker_tag: ${{ needs.release-version.outputs.RELEASE_VERSION }}
rootDir: ${{ matrix.variant.dir }}/${{ matrix.variant.img }}
imagename: ${{ matrix.variant.img }}
docker_user: ${{ secrets.DOCKER_HUB_USER }}
docker_token: ${{ secrets.DOCKER_HUB_TOKEN }}
do_push: ${{ github.event_name != 'pull_request' }}
publish-to-sonatype:
name: "Publish artefacts to OSSRH Snapshots / MavenCentral"
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
needs: [ secret-presence ]
# do not run on PR branches, do not run on releases
if: |
needs.secret-presence.outputs.HAS_OSSRH && github.event_name != 'pull_request' && github.ref != 'refs/heads/releases'
steps:
# Set-Up
- uses: actions/checkout@v4
# Import GPG Key
- uses: ./.github/actions/import-gpg-key
name: "Import GPG Key"
with:
gpg-private-key: ${{ secrets.ORG_GPG_PRIVATE_KEY }}
- uses: ./.github/actions/setup-java
# publish snapshots or releases
- name: Publish version
env:
OSSRH_PASSWORD: ${{ secrets.ORG_OSSRH_PASSWORD }}
OSSRH_USER: ${{ secrets.ORG_OSSRH_USERNAME }}
run: |-
VERSION=$(./gradlew properties -q | grep "version:" | awk '{print $2}')
cmd=""
if [[ $VERSION != *-SNAPSHOT ]]
then
cmd="closeAndReleaseSonatypeStagingRepository";
fi
echo "Publishing Version $VERSION to Sonatype"
./gradlew publishToSonatype ${cmd} --no-parallel -Pversion=$VERSION -Psigning.gnupg.executable=gpg -Psigning.gnupg.passphrase="${{ secrets.ORG_GPG_PASSPHRASE }}"
publish-to-swaggerhub:
name: "Publish OpenAPI spec to Swaggerhub"
permissions:
contents: read
needs: [ secret-presence ]
if: needs.secret-presence.outputs.HAS_SWAGGER
uses: ./.github/workflows/publish-swaggerhub.yaml
secrets: inherit