(incubator-baremaps) 03/03: Adapt the release workflow

bchapuis Thu, 14 Mar 2024 03:03:23 -0700

This is an automated email from the ASF dual-hosted git repository.

bchapuis pushed a commit to branch 752-release-automation
in repository https://gitbox.apache.org/repos/asf/incubator-baremaps.git


commit bc76ab9b7cf2d5633ad3f122d63501e3e7e288b2
Author: Bertil Chapuis <[email protected]>
AuthorDate: Thu Mar 14 11:02:03 2024 +0100

    Adapt the release workflow
---
 .github/workflows/release.yml | 100 ++++++++++++++++++++++++++++++------------
 1 file changed, 72 insertions(+), 28 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 1d6a02f8..6f6aa7dd 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -11,6 +11,7 @@ jobs:
     name: Release on GitHub
     runs-on: ubuntu-latest
     steps:
+      # Checkout code, set up Java 17, build project, and extract version
       - name: Checkout code
         uses: actions/checkout@v3
       - name: Set up Java 17
@@ -19,23 +20,36 @@ jobs:
           java-version: 17
           distribution: temurin
           cache: maven
-      - name: Build with maven
-        run: mvn install -B
+          server-id: apache
+          server-username: ${{ secrets.SERVER_USERNAME }}
+          server-password: ${{ secrets.SERVER_PASSWORD }}
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
       - name: Extract version
         run: echo ::set-output name=value::$(mvn -q -Dexec.executable=echo 
-Dexec.args='${project.version}' --non-recursive exec:exec)
         id: version
-      - name: Show extracted Maven project version
-        run: echo ${{ steps.version.outputs.value }}
-      - name: Create Release
+      - name: Build project
+        run: mvn install -P release -B
+
+      # Create a GitHub release draft
+      - name: Create GitHub Release
         id: create_release
         uses: actions/create-release@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           tag_name: ${{ github.ref }}
-          release_name: Baremaps ${{ steps.version.outputs.value }}
+          release_name: Apache Baremaps ${{ steps.version.outputs.value }} 
(incubating)
           draft: true
           prerelease: true
+
+      # Sign, hash, and upload source release
+      - name: Sign and hash source release
+        shell: bash
+        run: |
+          echo "${{ secrets.GPG_PRIVATE_KEY }}" | base64 --decode | gpg 
--import
+          shasum -a 512 "./baremaps-cli/target/apache-baremaps-${{ 
steps.version.outputs.value }}-incubating-src.tar.gz" > 
"./baremaps-cli/target/apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-src.tar.gz.sha512"
+          gpg --no-tty --quiet --pinentry-mode loopback --default-key 
"$GPG_KEY_ID" --batch --yes --passphrase "$GPG_PASSPHRASE" --output 
"./baremaps-cli/target/apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-src.tar.gz.asc" --detach-sign --armor 
"./baremaps-cli/target/apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-src.tar.gz"
       - name: Upload source release
         id: upload-source-release
         uses: actions/upload-release-asset@v1
@@ -46,6 +60,34 @@ jobs:
           asset_path: ./baremaps-cli/target/apache-baremaps-${{ 
steps.version.outputs.value }}-incubating-src.tar.gz
           asset_name: apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-src.tar.gz
           asset_content_type: application/x-gzip
+      - name: Upload source release sha512
+        id: upload-source-release-sha512
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./baremaps-cli/target/apache-baremaps-${{ 
steps.version.outputs.value }}-incubating-src.tar.gz.sha512
+          asset_name: apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-src.tar.gz.sha512
+          asset_content_type: text/plain
+      - name: Upload source release asc
+        id: upload-source-release-asc
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./baremaps-cli/target/apache-baremaps-${{ 
steps.version.outputs.value }}-incubating-src.tar.gz.asc
+          asset_name: apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-src.tar.gz.asc
+          asset_content_type: text/plain
+
+      # Sign, hash, and upload binary release
+      - name: Sign and hash source release
+        shell: bash
+        run: |
+          echo "${{ secrets.GPG_PRIVATE_KEY }}" | base64 --decode | gpg 
--import
+          shasum -a 512 "./baremaps-cli/target/apache-baremaps-${{ 
steps.version.outputs.value }}-incubating-bin.tar.gz" > 
"./baremaps-cli/target/apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-bin.tar.gz.sha512"
+          gpg --no-tty --quiet --pinentry-mode loopback --default-key 
"$GPG_KEY_ID" --batch --yes --passphrase "$GPG_PASSPHRASE" --output 
"./baremaps-cli/target/apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-bin.tar.gz.asc" --detach-sign --armor 
"./baremaps-cli/target/apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-bin.tar.gz"
       - name: Upload binary release
         id: upload-binary-release
         uses: actions/upload-release-asset@v1
@@ -56,29 +98,31 @@ jobs:
           asset_path: ./baremaps-cli/target/apache-baremaps-${{ 
steps.version.outputs.value }}-incubating-bin.tar.gz
           asset_name: apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-bin.tar.gz
           asset_content_type: application/x-gzip
+      - name: Upload binary release sha512
+        id: upload-binary-release-sha512
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./baremaps-cli/target/apache-baremaps-${{ 
steps.version.outputs.value }}-incubating-bin.tar.gz.sha512
+          asset_name: apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-bin.tar.gz.sha512
+          asset_content_type: text/plain
+      - name: Upload binary release asc
+        id: upload-binary-release-asc
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./baremaps-cli/target/apache-baremaps-${{ 
steps.version.outputs.value }}-incubating-bin.tar.gz.asc
+          asset_name: apache-baremaps-${{ steps.version.outputs.value 
}}-incubating-bin.tar.gz.asc
+          asset_content_type: text/plain
+
+
 
-#  release-maven:
-#    name: Release on Maven Central
-#    runs-on: ubuntu-latest
-#    steps:
-#      - name: Checkout code
-#        uses: actions/checkout@v2
-#        with:
-#          submodules: true
-#      - name: Set up Java 11
-#        uses: actions/setup-java@v2
-#        with:
-#          java-version: 11
-#          distribution: 'adopt'
-#          server-id: maven
-#          server-username: MAVEN_USERNAME
-#          server-password: MAVEN_CENTRAL_TOKEN
-#          gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
-#          gpg-passphrase: MAVEN_GPG_PASSPHRASE
-#      - name: Build with maven
-#        run: mvn package --file pom.xml -P maputnik,release -B
-#      - name: Deploy artifacts
-#        run: mvn deploy -P maputnik,release -B
+#      - name: Publish artifacts
+#        run: mvn deploy -P release -B
 #        env:
 #          MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
 #          MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }}

(incubator-baremaps) 03/03: Adapt the release workflow

Reply via email to