pingtimeout commented on code in PR #2383: URL: https://github.com/apache/polaris/pull/2383#discussion_r2502402117
########## .github/workflows/release-3-build-and-publish-artifacts.yml: ########## @@ -0,0 +1,357 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +name: Release - 3 - Build and Publish Release Artifacts + +on: + workflow_dispatch: + inputs: + dry_run: + description: 'Dry run mode (check to enable, uncheck to perform actual operations)' + required: false + type: boolean + default: true + +jobs: + prerequisite-checks: + name: Prerequisite Checks + runs-on: ubuntu-latest + permissions: + contents: read + outputs: + dry_run: ${{ steps.set-outputs.outputs.dry_run }} + git_tag: ${{ steps.validate-tag.outputs.git_tag }} + version_without_rc: ${{ steps.validate-tag.outputs.version_without_rc }} + rc_number: ${{ steps.validate-tag.outputs.rc_number }} + + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + fetch-depth: 0 + + - name: Set up environment variables + id: set-outputs + run: | + echo "RELEASEY_DIR=$(pwd)/releasey" >> $GITHUB_ENV + echo "LIBS_DIR=$(pwd)/releasey/libs" >> $GITHUB_ENV + + echo "## Mode" >> $GITHUB_STEP_SUMMARY + if [[ "${{ github.event.inputs.dry_run }}" == "true" ]]; then + echo "DRY_RUN=1" >> $GITHUB_ENV + echo "dry_run=1" >> $GITHUB_OUTPUT + echo "‼️ DRY_RUN mode enabled - No actual changes will be made" >> $GITHUB_STEP_SUMMARY + else + echo "DRY_RUN=0" >> $GITHUB_ENV + echo "dry_run=0" >> $GITHUB_OUTPUT + echo "DRY_RUN mode disabled - Performing actual operations" >> $GITHUB_STEP_SUMMARY + fi + + - name: Validate release candidate tag + id: validate-tag + run: | + source "${LIBS_DIR}/_version.sh" + + echo "## Parameters" >> $GITHUB_STEP_SUMMARY + + if ! git_tag=$(git describe --tags --exact-match HEAD 2>/dev/null); then + echo "❌ Current HEAD is not on a release candidate tag. Please checkout a release candidate tag first." >> $GITHUB_STEP_SUMMARY + exit 1 + fi + + # Validate git tag format and extract version components + if ! validate_and_extract_git_tag_version "${git_tag}"; then + echo "❌ Invalid git tag format: \`${git_tag}\`. Expected format: apache-polaris-x.y.z-incubating-rcN." >> $GITHUB_STEP_SUMMARY + exit 1 + fi + + # Export variables for next steps and job outputs + echo "git_tag=${git_tag}" >> $GITHUB_ENV + echo "version_without_rc=${version_without_rc}" >> $GITHUB_ENV + echo "rc_number=${rc_number}" >> $GITHUB_ENV + + echo "git_tag=${git_tag}" >> $GITHUB_OUTPUT + echo "version_without_rc=${version_without_rc}" >> $GITHUB_OUTPUT + echo "rc_number=${rc_number}" >> $GITHUB_OUTPUT + + cat <<EOT >> $GITHUB_STEP_SUMMARY + | Parameter | Value | + | --- | --- | + | Git tag | \`${git_tag}\` | + | Version | \`${version_without_rc}\` | + | RC number | \`${rc_number}\` | + EOT + + build-and-publish-artifacts: + name: Build and Publish Release Artifacts + runs-on: ubuntu-latest + needs: prerequisite-checks + permissions: + contents: read + env: + DRY_RUN: ${{ needs.prerequisite-checks.outputs.dry_run }} + git_tag: ${{ needs.prerequisite-checks.outputs.git_tag }} + version_without_rc: ${{ needs.prerequisite-checks.outputs.version_without_rc }} + rc_number: ${{ needs.prerequisite-checks.outputs.rc_number }} + + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + with: + fetch-depth: 0 + + - name: Set up environment variables + run: | + echo "RELEASEY_DIR=$(pwd)/releasey" >> $GITHUB_ENV + echo "LIBS_DIR=$(pwd)/releasey/libs" >> $GITHUB_ENV + + - name: Set up Java + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4 + with: + distribution: 'temurin' + java-version: '21' + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v6 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Build source and binary distributions + run: | + source "${LIBS_DIR}/_exec.sh" + + exec_process ./gradlew assemble sourceTarball -Prelease -PuseGpgAgent + + cat <<EOT >> $GITHUB_STEP_SUMMARY + ## Build + Source and binary distributions built successfully + EOT + + - name: Stage artifacts to Apache dist dev repository + env: + SVN_USERNAME: ${{ secrets.APACHE_USERNAME }} + SVN_PASSWORD: ${{ secrets.APACHE_PASSWORD }} + run: | + source "${LIBS_DIR}/_constants.sh" + source "${LIBS_DIR}/_exec.sh" + + dist_dev_dir=${RELEASEY_DIR}/polaris-dist-dev + exec_process svn checkout --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive "${APACHE_DIST_URL}${APACHE_DIST_PATH}" "${dist_dev_dir}" + + version_dir="${dist_dev_dir}/${version_without_rc}" + exec_process mkdir -p "${version_dir}" + exec_process cp build/distributions/* "${version_dir}/" + exec_process cp runtime/distribution/build/distributions/* "${version_dir}/" + + exec_process cd "${dist_dev_dir}" + exec_process svn add "${version_without_rc}" + + exec_process svn commit --username "$SVN_USERNAME" --password "$SVN_PASSWORD" --non-interactive -m "Stage Apache Polaris ${version_without_rc} RC${rc_number}" + + cat <<EOT >> $GITHUB_STEP_SUMMARY + ## Staging to dist dev + Artifacts staged to Apache dist dev repository + EOT + + - name: Publish and close Apache Nexus staging repository + env: + ORG_GRADLE_PROJECT_apacheUsername: ${{ secrets.APACHE_USERNAME }} + ORG_GRADLE_PROJECT_apachePassword: ${{ secrets.APACHE_PASSWORD }} + run: | + source "${LIBS_DIR}/_exec.sh" + + # Publish artifacts to staging repository + exec_process ./gradlew publishToApache closeApacheStagingRepository -Prelease -PuseGpgAgent --info > gradle_publish_output.txt 2>&1 Review Comment: I am not certain that it would work. The `grep` commands that extract the staging repo id assume that there is only one matching line. Did you verify locally that with the `2>&1 | tee` part, this is still valid? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
