Checkout main #74
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| - main | |
| paths-ignore: | |
| - '**pom.xml' | |
| - '**README.md' | |
| - '**README_INTERNAL.md' | |
| jobs: | |
| develop_release: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.ref == 'refs/heads/develop' }} | |
| environment: dev | |
| permissions: | |
| contents: write | |
| packages: write | |
| steps: | |
| - id: checkout | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Verify SNAPSHOT version | |
| run: | | |
| VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) | |
| echo "Detected version: $VERSION" | |
| if [[ "$VERSION" != *-SNAPSHOT ]]; then | |
| echo "ERROR: Version is not a SNAPSHOT version! Aborting deploy." | |
| exit 1 | |
| fi | |
| - id: gpg-install | |
| name: Install gpg secret key | |
| run: | | |
| # Install gpg secret key | |
| cat <(echo -e "${{ secrets.MAVEN_GPG_PRIVATE_KEY }}") | gpg --batch --import | |
| # Verify gpg secret key | |
| gpg --list-secret-keys --keyid-format=long || echo "❌ No secret keys found" | |
| - id: ssh-setup | |
| name: Set SSH key | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.TAG_SSH_KEY }} | |
| - id: git-config | |
| name: Set GIT user name and email | |
| uses: fregante/setup-git-user@v2 | |
| - id: jdk-setup | |
| name: Setup JDK | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| settings-path: ${{ github.workspace }} | |
| - id: server-setup | |
| name: Setup deployment server | |
| uses: s4u/[email protected] | |
| with: | |
| servers: | | |
| [{ | |
| "id": "central", | |
| "username": "${{ secrets.DISTRIBUTION_REPOSITORY_RELEASE_USERNAME }}", | |
| "password": "${{ secrets.DISTRIBUTION_REPOSITORY_RELEASE_PASSWORD }}" | |
| }] | |
| properties: '[{"distribution.repository.snapshot.id": "central"}, {"distribution.repository.snapshot.url": "https://central.sonatype.com/repository/maven-snapshots/"}]' | |
| - name: Deploy SNAPSHOT to Maven Repo | |
| run: mvn clean deploy -DskipTests=true -Prelease | |
| production_release: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| environment: dev | |
| permissions: | |
| contents: write | |
| packages: write | |
| steps: | |
| - id: checkout | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| fetch-depth: 0 # Required for Maven Release Plugin | |
| persist-credentials: false | |
| - id: gpg-install | |
| name: Install gpg secret key | |
| run: | | |
| # Install gpg secret key | |
| cat <(echo -e "${{ secrets.MAVEN_GPG_PRIVATE_KEY }}") | gpg --batch --import | |
| # Verify gpg secret key | |
| gpg --list-secret-keys --keyid-format=long || echo "❌ No secret keys found" | |
| echo "Installed gpg secret key" | |
| - id: ssh-setup | |
| name: Set SSH key | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.TAG_SSH_KEY }} | |
| - id: git-config | |
| name: Set GIT user name and email | |
| uses: fregante/setup-git-user@v2 | |
| - id: jdk-setup | |
| name: Setup JDK | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| settings-path: ${{ github.workspace }} | |
| - id: server-setup | |
| name: Setup deployment server | |
| uses: s4u/[email protected] | |
| with: | |
| servers: | | |
| [{ | |
| "id": "central", | |
| "username": "${{ secrets.DISTRIBUTION_REPOSITORY_RELEASE_USERNAME }}", | |
| "password": "${{ secrets.DISTRIBUTION_REPOSITORY_RELEASE_PASSWORD }}" | |
| }] | |
| properties: '[{"distribution.repository.release.id": "central"}, {"distribution.repository.release.url": "https://central.sonatype.com"}]' | |
| - id: release | |
| name: Release to production | |
| run: mvn clean release:clean release:prepare release:perform -B -DskipTests=true -DpreparationGoals=install | |
| # run: mvn clean release:clean release:prepare release:perform -B -Darguments="-Ddevelop.api.key=${{ secrets.DEVELOP_SERVER_API_KEY }} -Dprod.eu1.api.key=${{ secrets.PROD_EU1_SERVER_API_KEY }} -Dprod.na1.api.key=${{ secrets.PROD_NA1_SERVER_API_KEY }}" -DskipTests=true -X -DpreparationGoals=install | |
| - id: rollback | |
| name: Rollback | |
| if: failure() | |
| continue-on-error: true | |
| run: mvn clean release:rollback -B && exit 1 |