From a3bb74deadb383b174028469ac22c78c81ede810 Mon Sep 17 00:00:00 2001 From: skyflow-shravan Date: Tue, 26 Nov 2024 12:38:47 +0530 Subject: [PATCH 1/2] SK-1786 common workflow for internal and public release --- .github/workflows/internal-release.yml | 63 +---------- .github/workflows/release.yml | 33 +----- .github/workflows/shared-build-and-deploy.yml | 104 ++++++++++++++++++ pom.xml | 26 +++-- 4 files changed, 129 insertions(+), 97 deletions(-) create mode 100644 .github/workflows/shared-build-and-deploy.yml diff --git a/.github/workflows/internal-release.yml b/.github/workflows/internal-release.yml index 5d82fda1..8219984e 100644 --- a/.github/workflows/internal-release.yml +++ b/.github/workflows/internal-release.yml @@ -9,61 +9,8 @@ on: - release/* jobs: - publish: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - ref: ${{ github.ref_name }} - fetch-depth: 0 - - - name: Set up Jfrog artifactory - uses: actions/setup-java@v1 - with: - java-version: '1.8' - distribution: 'adopt' - server-id: central - server-username: JFROG_USERNAME - server-password: JFROG_PASSWORD - gpg-private-key: ${{ secrets.JFROG_GPG_KEY }} # Value of the GPG private key to import - gpg-passphrase: JFROG_GPG_PASSPHRASE # env variable for GPG private key passphrase - - - name: Get Previous tag - id: previoustag - uses: WyriHaximus/github-action-get-previous-tag@v1 - with: - fallback: 1.0.0 - - - name: Bump Version - run: | - chmod +x ./scripts/bump_version.sh - ./scripts/bump_version.sh "${{ steps.previoustag.outputs.tag }}" "$(git rev-parse --short "$GITHUB_SHA")" - - - name: Commit changes - run: | - git config user.name ${{ github.actor }} - git config user.email ${{ github.actor }}@users.noreply.github.com - git add pom.xml - git commit -m "[AUTOMATED] Private Release ${{ steps.previoustag.outputs.tag }}-dev.$(git rev-parse --short $GITHUB_SHA)" - git push origin -f - - - name: Create env - id: create-env - run: | - touch .env - echo SKYFLOW_CREDENTIALS=${{ secrets.SKYFLOW_CREDENTIALS }} >> .env - echo TEST_EXPIRED_TOKEN=${{ secrets.TEST_EXPIRED_TOKEN }} >> .env - - - name: Create credentials json - id: create-json - uses: jsdaniell/create-json@1.1.2 - with: - name: "credentials.json" - json: ${{ secrets.TEST_CREDENTIALS_FILE_STRING }} - - - name: Publish package to Jfrog Artifactory - run: mvn clean deploy -P jfrog - env: - JFROG_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} - JFROG_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} - JFROG_GPG_PASSPHRASE: ${{ secrets.JFROG_GPG_PASSPHRASE }} \ No newline at end of file + build-and-deploy: + uses: ./.github/workflows/shared-build-and-deploy.yml + with: + ref: ${{ github.ref_name }} + is-internal: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f30dda26..c2fb42d5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,31 +3,8 @@ on: push: tags: '*.*.*' jobs: - publish: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - name: Set up Maven Central Repository - uses: actions/setup-java@v1 - with: - java-version: '1.8' - distribution: 'adopt' - server-id: ossrh - server-username: MAVEN_USERNAME - server-password: MAVEN_PASSWORD - gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} # Value of the GPG private key to import - gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase - - - name: create-json - id: create-json - uses: jsdaniell/create-json@1.1.2 - with: - name: "credentials.json" - json: ${{ secrets.TEST_CREDENTIALS_FILE_STRING }} - - - name: Publish package to Maven Central - run: mvn --batch-mode deploy -P maven-central - env: - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} - MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }} \ No newline at end of file + build-and-deploy: + uses: ./.github/workflows/shared-build-and-deploy.yml + with: + ref: ${{ github.ref_name }} + is-internal: false diff --git a/.github/workflows/shared-build-and-deploy.yml b/.github/workflows/shared-build-and-deploy.yml new file mode 100644 index 00000000..9dc71d5e --- /dev/null +++ b/.github/workflows/shared-build-and-deploy.yml @@ -0,0 +1,104 @@ +name: Shared Build and Deploy +on: + workflow_call: + inputs: + ref: + description: 'Git reference to use (e.g., main or branch name)' + required: true + type: string + + is-internal: + description: 'Flag for internal release' + required: true + type: boolean + +jobs: + publish: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + ref: ${{ inputs.ref }} + fetch-depth: 0 + + - name: Set up Jfrog artifactory + if: ${{ inputs.is-internal }} + uses: actions/setup-java@v1 + with: + java-version: '1.8' + distribution: 'adopt' + server-id: central + server-username: JFROG_USERNAME + server-password: JFROG_PASSWORD + gpg-private-key: ${{ secrets.JFROG_GPG_KEY }} # Value of the GPG private key to import + gpg-passphrase: JFROG_GPG_PASSPHRASE # env variable for GPG private key passphrase + + - name: Set up Maven Central Repository + if: ${{ !inputs.is-internal }} + uses: actions/setup-java@v1 + with: + java-version: '1.8' + distribution: 'adopt' + server-id: ossrh + server-username: MAVEN_USERNAME + server-password: MAVEN_PASSWORD + gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} # Value of the GPG private key to import + gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase + + - name: Get Previous tag + id: previoustag + uses: WyriHaximus/github-action-get-previous-tag@v1 + with: + fallback: 1.0.0 + + - name: Bump Version + run: | + chmod +x ./ci-scripts/bump_version.sh + if ${{ inputs.is-internal }}; then + ./ci-scripts/bump_version.sh "${{ steps.previoustag.outputs.tag }}" "$(git rev-parse --short "$GITHUB_SHA")" + else + ./ci-scripts/bump_version.sh "${{ steps.previoustag.outputs.tag }}" + fi + + - name: Commit changes + run: | + git config user.name ${{ github.actor }} + git config user.email ${{ github.actor }}@users.noreply.github.com + git add pom.xml + if ${{ inputs.is-internal }}; then + git commit -m "[AUTOMATED] Private Release ${{ steps.previoustag.outputs.tag }}-dev-$(git rev-parse --short $GITHUB_SHA)" + git push origin ${{ github.ref_name }} -f + else + git commit -m "[AUTOMATED] Public Release - ${{ steps.previoustag.outputs.tag }}" + git push origin + + - name: Create env + if: ${{ inputs.is-internal }} + id: create-env + run: | + touch .env + echo SKYFLOW_CREDENTIALS=${{ secrets.SKYFLOW_CREDENTIALS }} >> .env + echo TEST_EXPIRED_TOKEN=${{ secrets.TEST_EXPIRED_TOKEN }} >> .env + + - name: Create credentials json + id: create-json + uses: jsdaniell/create-json@1.1.2 + with: + name: "credentials.json" + json: ${{ secrets.TEST_CREDENTIALS_FILE_STRING }} + + - name: Publish package to Jfrog Artifactory + if: ${{ inputs.is-internal }} + run: mvn clean deploy -P jfrog + env: + JFROG_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} + JFROG_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} + JFROG_GPG_PASSPHRASE: ${{ secrets.JFROG_GPG_PASSPHRASE }} + + - name: Publish package to Maven Central + if: ${{ !inputs.is-internal }} + run: mvn --batch-mode deploy -P maven-central + env: + MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} + MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }} \ No newline at end of file diff --git a/pom.xml b/pom.xml index 08afca20..c36c539b 100644 --- a/pom.xml +++ b/pom.xml @@ -121,17 +121,6 @@ - - - - - - - - - - - org.apache.maven.plugins maven-source-plugin @@ -255,6 +244,21 @@ https://s01.oss.sonatype.org/content/repositories/snapshots + + + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.7 + true + + ossrh + https://s01.oss.sonatype.org/ + true + + + + jfrog From 525bbb8c6501bb03fac41196c5f902a73e274bc5 Mon Sep 17 00:00:00 2001 From: skyflow-shravan Date: Tue, 26 Nov 2024 17:52:18 +0530 Subject: [PATCH 2/2] SK-1789 common workflow for public and internal release v2 --- .github/workflows/internal-release.yml | 6 ++ .github/workflows/release.yml | 6 ++ .github/workflows/shared-build-and-deploy.yml | 75 +++++++++++-------- 3 files changed, 54 insertions(+), 33 deletions(-) diff --git a/.github/workflows/internal-release.yml b/.github/workflows/internal-release.yml index 8219984e..c2cace08 100644 --- a/.github/workflows/internal-release.yml +++ b/.github/workflows/internal-release.yml @@ -14,3 +14,9 @@ jobs: with: ref: ${{ github.ref_name }} is-internal: true + server-id: central + server-username: ${{ secrets.ARTIFACTORY_USERNAME }} + server-password: ${{ secrets.ARTIFACTORY_PASSWORD }} + gpg-key: ${{ secrets.JFROG_GPG_KEY }} + gpg-passphrase: ${{ secrets.JFROG_GPG_PASSPHRASE }} + profile: jfrog diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c2fb42d5..9b6f0aab 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,3 +8,9 @@ jobs: with: ref: ${{ github.ref_name }} is-internal: false + server-id: ossrh + server-username: ${{ secrets.OSSRH_USERNAME }} + server-password: ${{ secrets.OSSRH_PASSWORD }} + gpg-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} + gpg-passphrase: ${{ secrets.MAVEN_GPG_PASSPHRASE }} + profile: maven-central \ No newline at end of file diff --git a/.github/workflows/shared-build-and-deploy.yml b/.github/workflows/shared-build-and-deploy.yml index 9dc71d5e..10b7324c 100644 --- a/.github/workflows/shared-build-and-deploy.yml +++ b/.github/workflows/shared-build-and-deploy.yml @@ -12,6 +12,36 @@ on: required: true type: boolean + server-id: + description: 'Id of the repository' + required: true + type: string + + server-username: + description: 'Username of the repository' + required: true + type: string + + server-password: + description: 'Password of the repository' + required: true + type: string + + gpg-key: + description: 'GPG key to access the repository' + required: true + type: string + + gpg-passphrase: + description: 'GPG passphrase to access the repository' + required: true + type: string + + profile: + description: 'Profile to pick from pom.xml' + required: true + type: string + jobs: publish: runs-on: ubuntu-latest @@ -21,29 +51,16 @@ jobs: ref: ${{ inputs.ref }} fetch-depth: 0 - - name: Set up Jfrog artifactory - if: ${{ inputs.is-internal }} + - name: Set up maven or jfrog repository uses: actions/setup-java@v1 with: java-version: '1.8' distribution: 'adopt' - server-id: central - server-username: JFROG_USERNAME - server-password: JFROG_PASSWORD - gpg-private-key: ${{ secrets.JFROG_GPG_KEY }} # Value of the GPG private key to import - gpg-passphrase: JFROG_GPG_PASSPHRASE # env variable for GPG private key passphrase - - - name: Set up Maven Central Repository - if: ${{ !inputs.is-internal }} - uses: actions/setup-java@v1 - with: - java-version: '1.8' - distribution: 'adopt' - server-id: ossrh - server-username: MAVEN_USERNAME - server-password: MAVEN_PASSWORD - gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} # Value of the GPG private key to import - gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase + server-id: ${{ inputs.server-id }} + server-username: SERVER_USERNAME + server-password: SERVER_PASSWORD + gpg-private-key: ${{ inputs.gpg-key }} # Value of the GPG private key to import + gpg-passphrase: GPG_PASSPHRASE # env variable for GPG private key passphrase - name: Get Previous tag id: previoustag @@ -87,18 +104,10 @@ jobs: name: "credentials.json" json: ${{ secrets.TEST_CREDENTIALS_FILE_STRING }} - - name: Publish package to Jfrog Artifactory - if: ${{ inputs.is-internal }} - run: mvn clean deploy -P jfrog - env: - JFROG_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} - JFROG_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} - JFROG_GPG_PASSPHRASE: ${{ secrets.JFROG_GPG_PASSPHRASE }} - - - name: Publish package to Maven Central - if: ${{ !inputs.is-internal }} - run: mvn --batch-mode deploy -P maven-central + - name: Publish package + run: mvn clean deploy -P ${{ inputs.profile }} env: - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} - MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }} \ No newline at end of file + SERVER_USERNAME: ${{ inputs.server-username }} + SERVER_PASSWORD: ${{ inputs.server-password }} + GPG_PASSPHRASE: ${{ inputs.gpg-passphrase }} + \ No newline at end of file