matrei commented on code in PR #15206:
URL: https://github.com/apache/grails-core/pull/15206#discussion_r2491791550
##########
.github/workflows/release.yml:
##########
@@ -21,267 +21,220 @@ permissions: { }
env:
# to prevent throttling of the github api, include the github token in an
environment variable since the build will check for it
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GRAILS_PUBLISH_RELEASE: true
+ JAVA_DISTRIBUTION: liberica
+ JAVA_VERSION: 17.0.17 # this must be a specific version for reproducible
builds, keep it synced with .sdkmanrc
+ PROJECT_DESC: >
+ Grails is a powerful Groovy-based web application framework for the JVM,
+ built on top of Spring Boot, and supported by a rich ecosystem of plugins
+ that extend its functionality.
+ PROJECT_NAME: Apache Grails
+ REPO_NAME: ${{ github.event.repository.name }}
+ REPO_SLUG: ${{ github.repository }}
+ SVN_FOLDER: core
+ TAG: ${{ github.event.release.tag_name }}
+ TARGET_BRANCH: ${{ github.event.release.target_commitish }}
+ VERSION: will be computed in each job
jobs:
publish:
name: "Stage Jar Files"
permissions:
contents: write # to create release & upload wrapper
issues: write # to modify milestones
runs-on: ubuntu-24.04
- outputs:
- release_version: ${{ steps.release_version.outputs.value }}
- commit_hash: ${{ steps.commit_hash.outputs.value }}
- target_branch: ${{ steps.extract_branch.outputs.value }}
- extract_repository_name: ${{
steps.extract_repository_name.outputs.repository_name }}
steps:
- - name: "Output Agent IP" # in the event RAO blocks this agent, this can
be used to debug it
+ - name: "📝 Establish release version"
+ run: echo "VERSION=${TAG#v}" >> "$GITHUB_ENV"
+ - name: "🌐 Output Agent IP" # in the event RAO blocks this agent, this
can be used to debug it
run: curl -s https://api.ipify.org
- - name: "Extract repository name"
- id: extract_repository_name
- run: |
- echo "repository_name=${GITHUB_REPOSITORY##*/}" >> $GITHUB_OUTPUT
- name: "📥 Checkout repository"
- uses: actions/checkout@v4
+ uses: actions/checkout@v5
with:
+ ref: ${{ env.TAG }}
token: ${{ secrets.GITHUB_TOKEN }}
- ref: ${{ github.ref }}
- fetch-depth: 1
- fetch-tags: true
- - name: 'Ensure Common Build Date' # to ensure a reproducible build
+ - name: "📅 Store common build date" # to ensure a reproducible build
run: echo "SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)" >>
"$GITHUB_ENV"
- - name: "Ensure source files use common date"
- run: |
- find . -depth \( -type f -o -type d \) -exec touch -d
"@${SOURCE_DATE_EPOCH}" {} +
+ - name: "📅 Ensure source files use common date"
+ run: find . -depth \( -type f -o -type d \) -exec touch -d
"@${SOURCE_DATE_EPOCH}" {} +
- name: '🔐 Set up GPG'
run: |
echo "${{ secrets.GRAILS_GPG_KEY }}" | gpg --batch --import
gpg --list-keys
- env:
- GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
- name: "☕️ Setup JDK"
- uses: actions/setup-java@v4
+ uses: actions/setup-java@v5
with:
- distribution: liberica
- java-version: '17.0.14' # this must be a specific version for
reproducible builds
+ distribution: ${{ env.JAVA_DISTRIBUTION }}
+ java-version: ${{ env.JAVA_VERSION }}
- name: "🐘 Setup Gradle"
- uses: gradle/actions/setup-gradle@v4
+ uses: gradle/actions/setup-gradle@v5
with:
- develocity-access-key: ${{ secrets.GRAILS_DEVELOCITY_ACCESS_KEY }}
- - name: "📝 Store the target branch"
- id: extract_branch
- run: |
- echo "Determining Target Branch"
- TARGET_BRANCH=`cat $GITHUB_EVENT_PATH | jq
'.release.target_commitish' | sed -e 's/^"\(.*\)"$/\1/g'`
- echo $TARGET_BRANCH
- echo "value=${TARGET_BRANCH}" >> $GITHUB_OUTPUT
- - name: "📝 Store the current release version"
- id: release_version
- run: echo "value=${GITHUB_REF:11}" >> $GITHUB_OUTPUT
- - name: '⚙️ Run pre-release'
+ develocity-access-key: ${{ secrets.GRAILS_DEVELOCITY_ACCESS_KEY }}
+ - name: "⚙️ Run pre-release"
uses: apache/grails-github-actions/pre-release@asf
env:
- RELEASE_VERSION: ${{ steps.release_version.outputs.value }}
+ RELEASE_VERSION: ${{ env.VERSION }}
RELEASE_SCRIPT_PATH: '.github/scripts/setReleasedGrailsVersion.sh'
- - name: 'Fetch release Commit Hash'
- id: commit_hash
- env:
- OWNER: ${{ github.repository_owner }}
- REPO: ${{ steps.extract_repository_name.outputs.repository_name }}
- TAG: 'v${{ steps.release_version.outputs.value }}'
- run: |
- ref_json=$(gh api "repos/$OWNER/$REPO/git/ref/tags/$TAG")
-
- type=$(jq -r '.object.type' <<<"$ref_json")
- sha=$(jq -r '.object.sha' <<<"$ref_json")
-
- if [ "$type" = "tag" ]; then
- sha=$(gh api "repos/$OWNER/$REPO/git/tags/$sha" --jq '.object.sha')
- fi
-
- echo "Found Commit Sha: $sha"
-
- echo "value=$sha" >>"$GITHUB_OUTPUT"
- - name: "🧩 Run grails-core Assemble"
- run: ./gradlew assemble -PgithubBranch=${{
steps.extract_branch.outputs.value }}
- env:
- GRAILS_PUBLISH_RELEASE: "true"
- - name: "🧩 Run grails-forge Assemble"
+ - name: "🧩 Run grails-core assemble"
+ run: ./gradlew assemble -PgithubBranch=${TARGET_BRANCH}
+ - name: "🧩 Run grails-forge assemble"
working-directory: grails-forge
- run: ./gradlew assemble -PgithubBranch=${{
steps.extract_branch.outputs.value }}
- env:
- GRAILS_PUBLISH_RELEASE: "true"
+ run: ./gradlew assemble -PgithubBranch=${TARGET_BRANCH}
- name: "📦 Generate grails-core docs"
- run: ./gradlew grails-doc:build -PgithubBranch=${{
steps.extract_branch.outputs.value }}
- env:
- GRAILS_PUBLISH_RELEASE: "true"
- - name: "🔏 Sign wrapper ZIP"
- env:
- GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
- run: |
- gpg --default-key "${GPG_KEY_ID}" --batch --yes --pinentry-mode
loopback --armor --detach-sign
grails-wrapper/build/distributions/apache-grails-wrapper-${{
steps.release_version.outputs.value }}-bin.zip
- - name: "📦 Create wrapper checksum"
+ run: ./gradlew grails-doc:build -PgithubBranch=${TARGET_BRANCH}
+ - name: "🔏 Sign grails-wrapper ZIP"
+ run: >
+ gpg
+ --default-key "${{ secrets.GPG_KEY_ID }}"
+ --batch
+ --yes
+ --pinentry-mode loopback
+ --armor
+ --detach-sign
+
grails-wrapper/build/distributions/apache-grails-wrapper-${VERSION}-bin.zip
+ - name: "📦 Create grails-wrapper checksum"
run: |
cd grails-wrapper/build/distributions
ls
- sha512sum apache-grails-wrapper-${{
steps.release_version.outputs.value }}-bin.zip > "apache-grails-wrapper-${{
steps.release_version.outputs.value }}-bin.zip.sha512"
+ sha512sum apache-grails-wrapper-${VERSION}-bin.zip >
apache-grails-wrapper-${VERSION}-bin.zip.sha512
echo "Generated checksum for grails wrapper ZIP:"
- cat apache-grails-wrapper-${{ steps.release_version.outputs.value
}}-bin.zip.sha512
- - name: "📤 Upload grails wrapper ZIP"
+ cat apache-grails-wrapper-${VERSION}-bin.zip.sha512
+ - name: "📤 Upload grails-wrapper ZIP"
uses: softprops/action-gh-release@v2
with:
- tag_name: ${{ github.event.release.tag_name }}
+ tag_name: ${{ env.TAG }}
files: |
- grails-wrapper/build/distributions/apache-grails-wrapper-${{
steps.release_version.outputs.value }}-bin.zip
- grails-wrapper/build/distributions/apache-grails-wrapper-${{
steps.release_version.outputs.value }}-bin.zip.sha512
- grails-wrapper/build/distributions/apache-grails-wrapper-${{
steps.release_version.outputs.value }}-bin.zip.asc
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: "🔏 Sign CLI ZIP"
- env:
- GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
- run: |
- gpg --default-key "${GPG_KEY_ID}" --batch --yes --pinentry-mode
loopback --armor --detach-sign
grails-forge/grails-cli/build/distributions/apache-grails-${{
steps.release_version.outputs.value }}-bin.zip
- - name: "📦 Create CLI checksum"
+ grails-wrapper/build/distributions/apache-grails-wrapper-${{
env.VERSION }}-bin.zip
+ grails-wrapper/build/distributions/apache-grails-wrapper-${{
env.VERSION }}-bin.zip.sha512
+ grails-wrapper/build/distributions/apache-grails-wrapper-${{
env.VERSION }}-bin.zip.asc
+ - name: "🔏 Sign grails-cli ZIP"
+ run: >
+ gpg
+ --default-key "${{ secrets.GPG_KEY_ID }}"
+ --batch
+ --yes
+ --pinentry-mode loopback
+ --armor
+ --detach-sign
+
grails-forge/grails-cli/build/distributions/apache-grails-${VERSION}-bin.zip
+ - name: "📦 Create grails-cli checksum"
run: |
cd grails-forge/grails-cli/build/distributions
ls
- sha512sum apache-grails-${{ steps.release_version.outputs.value
}}-bin.zip > "apache-grails-${{ steps.release_version.outputs.value
}}-bin.zip.sha512"
+ sha512sum apache-grails-${VERSION}-bin.zip >
apache-grails-${VERSION}-bin.zip.sha512
echo "Generated checksum for grails cli ZIP:"
- cat apache-grails-${{ steps.release_version.outputs.value
}}-bin.zip.sha512
- - name: "📤 Upload CLI ZIP"
+ cat apache-grails-${VERSION}-bin.zip.sha512
+ - name: "📤 Upload grails-cli ZIP"
uses: softprops/action-gh-release@v2
with:
- tag_name: ${{ github.event.release.tag_name }}
+ tag_name: ${{ env.TAG }}
files: |
- grails-forge/grails-cli/build/distributions/apache-grails-${{
steps.release_version.outputs.value }}-bin.zip
- grails-forge/grails-cli/build/distributions/apache-grails-${{
steps.release_version.outputs.value }}-bin.zip.sha512
- grails-forge/grails-cli/build/distributions/apache-grails-${{
steps.release_version.outputs.value }}-bin.zip.asc
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - name: "Create Staging Repository"
+ grails-forge/grails-cli/build/distributions/apache-grails-${{
env.VERSION }}-bin.zip
+ grails-forge/grails-cli/build/distributions/apache-grails-${{
env.VERSION }}-bin.zip.sha512
+ grails-forge/grails-cli/build/distributions/apache-grails-${{
env.VERSION }}-bin.zip.asc
+ - name: "✨ Create Staging Repository"
env:
- GRAILS_PUBLISH_RELEASE: "true"
Review Comment:
It is! At the workflow level.
But, I should probably change to `true` with quotes.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
