Skip to content

Release

Release #104

Workflow file for this run

name: Release
on:
release:
types: [ published ]
workflow_dispatch:
inputs:
versionTag:
type: string
description: Version tag to use for the Docker image and Maven JAR
required: true
tagAsLatest:
type: boolean
description: Tag the Docker image as latest
required: true
default: false
publishToMaven:
type: boolean
description: Publish the JAR to Maven Central
required: true
default: false
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: 11
distribution: 'temurin'
- name: Add Homebrew to PATH
run: echo "/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin" >> $GITHUB_PATH
- name: Setup Vault Container
run: |-
brew tap hashicorp/tap
brew install hashicorp/tap/vault
- name: Build with Gradle
run: ./gradlew clean build --refresh-dependencies
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Set Image Details
id: ci-release-create-outputs
run: |
DOCKER_IMAGE=provenanceio/p8e-cee-api
VERSION=$( echo ${{ github.event.release.tag_name }} | sed -e 's/^v//' )
if [ "$VERSION" == "" ] ; then
VERSION=$( echo ${{ github.event.inputs.versionTag }} | sed -e 's/^v//' )
fi
TAGS="${DOCKER_IMAGE}:${VERSION}"
if [ ${{ github.event.inputs.tagAsLatest }} == 'true' ] ; then
TAGS="${TAGS},${DOCKER_IMAGE}:latest"
fi
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "tags=${TAGS}" >> $GITHUB_OUTPUT
echo "created=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and Push Docker Image
uses: docker/build-push-action@v3
with:
file: service/docker/Dockerfile
context: .
push: true
tags: ${{ steps.ci-release-create-outputs.outputs.tags }}
- name: Install gpg secret key
if: inputs.publishToMaven || github.event_name == 'release'
run: |
export GPG_TTY=$(tty)
echo -n "${{ secrets.OSSRH_GPG_SECRET_KEY }}" | base64 --decode | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
echo -n "${{ secrets.OSSRH_GPG_SECRET_KEY }}" | base64 --decode > $GITHUB_WORKSPACE/release.gpg
- name: Publish to Maven Central
if: inputs.publishToMaven || github.event_name == 'release'
run: |
./gradlew publishToSonatype -Pversion=${{ steps.ci-release-create-outputs.outputs.version }} $(if [ "${{github.event.release.prerelease}}" = "true" ]; then echo 'closeSonatypeStagingRepository'; else echo 'closeAndReleaseSonatypeStagingRepository'; fi) \
-Psigning.keyId=B7D30ABE -Psigning.password="${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}" -Psigning.secretKeyRingFile=$GITHUB_WORKSPACE/release.gpg \
--info
env:
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}