Skip to content

Maven: Release

Maven: Release #43

Workflow file for this run

# This is a release workflow that leverages the maven release plugin specified in
# the pom.xml to perform a release and create a tag of that release version.
---
name: "Maven: Release"
on: # yamllint disable-line rule:truthy
workflow_dispatch:
inputs:
release_type:
description: "Choose the release type"
required: true
default: "release"
type: choice
options:
- release
- milestone
- patch
release_suffix:
description: "Add a suffix to the release version (-M1)"
required: false
default: ""
env:
JAVA_VERSION: "11"
JAVA_DISTRIBUTION: "corretto"
MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Djava.awt.headless=true"
jobs:
verify:
runs-on: ubuntu-latest
steps:
- name: Check release is using correct branch
if: ${{ github.event.inputs.release_type == 'release' && github.ref_name != 'main' }}
run: |
echo "Release is not using the correct branch, please target 'main'"
exit 1
- name: Check milestone release type is using correct branch
if: ${{ github.event.inputs.release_type == 'milestone' && github.ref_name != 'main' }}
run: |
echo "Milestone release is not using the correct branch, please target 'main'"
exit 1
- name: Check milestone has release suffix
if: ${{ github.event.inputs.release_type == 'milestone' && github.event.inputs.release_suffix == '' }}
run: |
echo "Milestone release is missing a release suffix, i.e. -M1"
exit 1
- name: Check suffix is not specified for a release or patch
if: ${{ github.event.inputs.release_type != 'milestone' && github.event.inputs.release_suffix != '' }}
run: |
echo "Suffix should only be specified for milestone releases"
exit 1
- name: Check patch release type is using correct branch
if: ${{ github.event.inputs.release_type == 'patch' && !startsWith(github.ref_name, 'patch/') }}
run: |
echo "Patch release is not using the correct branch, please target a branch that starts with 'patch/'"
exit 1
get_version:
needs: verify
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Get the version
run: echo "RELEASE_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout | grep -v '\[.*' | awk -F- '{print ""$1"${{ github.event.inputs.release_suffix }}"}')" >> "$GITHUB_ENV"
outputs:
RELEASE_VERSION: ${{ env.RELEASE_VERSION }}
release:
needs: get_version
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
steps:
- name: Add RELEASE_VERSION to environment variable
run: echo "RELEASE_VERSION=${{ needs.get_version.outputs.RELEASE_VERSION }}" >> "$GITHUB_ENV"
- name: Checkout repo
uses: actions/checkout@v4
- name: Set up JDK ${{ env.JAVA_VERSION }}
uses: actions/setup-java@v4
with:
java-version: ${{ env.JAVA_VERSION }}
cache: "maven"
distribution: ${{ env.JAVA_DISTRIBUTION }}
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
- name: Configure Git user
run: |
git config user.name "${{ github.actor }}"
git config user.email "${{ github.actor }}@users.noreply.github.com"
- name: Branch that release
run: git switch -c release/${{ env.RELEASE_VERSION }}
- name: Dry run a release with maven
run: |
mvn -B -V -e -ntp release:prepare -DdryRun -DreleaseVersion=${{ env.RELEASE_VERSION }}
mvn -B -V -e -ntp release:clean
- name: Release that version
run: |
mvn -V -B -e versions:set -DnewVersion=${{ env.RELEASE_VERSION }} -DprocessAllModules -DgenerateBackupPoms=false
mvn -V -B -e versions:set-scm-tag -DnewTag=${{ env.RELEASE_VERSION }} -DgenerateBackupPoms=false
mvn -V -B -e sortpom:sort
git commit -am "[github-actions](${{ github.actor }}) release ${{ env.RELEASE_VERSION }}"
git tag -a ${{ env.RELEASE_VERSION }} -m "${{ env.RELEASE_VERSION }}"
git push origin release/${{ env.RELEASE_VERSION }}
git push origin ${{ env.RELEASE_VERSION }}
- name: Build release artifacts
run: mvn -B -V -e -ntp "-Dstyle.color=always" package
- name: Create Release
id: create_release
uses: actions/create-release@v1
continue-on-error: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ env.RELEASE_VERSION }}
release_name: ${{ env.RELEASE_VERSION }}
draft: false
prerelease: false
- name: Publish to GitHub Packages Apache Maven
run: mvn deploy -Pgithub-publish -DskipTests
continue-on-error: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Publish site to GitHub Pages
run: mvn site site:stage scm-publish:publish-scm -Pcoverage,pmd -DskipTests
continue-on-error: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Delete branch
continue-on-error: true
if: ${{ github.event.inputs.release_type == 'patch' && startsWith(github.ref_name, 'patch/') }}
run: git push origin :${{ github.ref_name }}
snapshot-bump:
if: ${{ github.event.inputs.release_type == 'release' && github.ref_name == 'main' }}
needs: release
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: ${{ env.JAVA_DISTRIBUTION }}
cache: "maven"
- name: Configure Git user
run: |
git config user.name "${{ github.actor }}"
git config user.email "${{ github.actor }}@users.noreply.github.com"
- name: Get the version and set the name of the branch
run: |
NEXT_DEV_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout | grep -v '\[.*' | awk -F. '{print ""$1"."$2+1"."$3""}')
echo "NEXT_DEV_VERSION=${NEXT_DEV_VERSION}" >> "$GITHUB_ENV"
echo "PR_BRANCH=action/${NEXT_DEV_VERSION}" >> "$GITHUB_ENV"
- name: Create a branch
run: git switch -c ${{ env.PR_BRANCH }}
- name: Set the next snapshot version
run: |
mvn -B -V -e -ntp versions:set -DnewVersion=${{ env.NEXT_DEV_VERSION }} -DgenerateBackupPoms=false
mvn -B -V -e -ntp versions:commit
git add .
git commit -m "[github-actions](${{ github.actor }}) next development iteration ${{ env.NEXT_DEV_VERSION }}"
git push -u origin ${{ env.PR_BRANCH }}
- name: Create pull request
run: gh pr create -B main -H ${{ env.PR_BRANCH }} --title 'next development iteration ${{ env.NEXT_DEV_VERSION }}' --body 'Created by GitHub Action'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
slack-notify-start:
if: ${{ github.repository == 'NationalSecurityAgency/emissary' }}
needs: get_version
runs-on: ubuntu-latest
steps:
- name: Add RELEASE_VERSION to environment variable
run: echo "RELEASE_VERSION=${{ needs.get_version.outputs.RELEASE_VERSION }}" >> "$GITHUB_ENV"
- name: Publish to slack channel via bot token
id: slack
uses: slackapi/slack-github-action@v1.25.0
with:
channel-id: ${{ secrets.SLACK_CHANNEL_ID }}
payload: |
{
"unfurl_links": false,
"unfurl_media": false,
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "emissary-release -- Release of version: ${{ env.RELEASE_VERSION }} Started by: ${{ github.actor }}"
}
}
]
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
slack-notify-complete:
if: ${{ github.repository == 'NationalSecurityAgency/emissary' }}
needs: [get_version, release]
runs-on: ubuntu-latest
steps:
- name: Add RELEASE_VERSION to environment variable
run: echo "RELEASE_VERSION=${{ needs.get_version.outputs.RELEASE_VERSION }}" >> "$GITHUB_ENV"
- name: Publish to slack channel via bot token
id: slack
uses: slackapi/slack-github-action@v1.25.0
with:
channel-id: ${{ secrets.SLACK_CHANNEL_ID }}
payload: |
{
"unfurl_links": false,
"unfurl_media": false,
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "emissary-release -- Release of version: ${{ env.RELEASE_VERSION }} complete.\nRelease Page: <https://github.com/NationalSecurityAgency/emissary/releases/tag/${{ env.RELEASE_VERSION }}>"
}
}
]
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}