-
Notifications
You must be signed in to change notification settings - Fork 41
102 lines (84 loc) · 3.56 KB
/
deploy_and_release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
name: Deploy and Release CryptoAnalysis
on: [workflow_dispatch]
jobs:
deployment:
runs-on: ubuntu-latest
environment: Deploy
steps:
- name: Checkout source code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: 'adopt'
java-package: 'jdk'
java-version: '17'
server-id: 'ossrh' # must match the serverId configured for the nexus-staging-maven-plugin
server-username: OSSRH_USERNAME # Env var that holds your OSSRH user name
server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Substituted with the value stored in the referenced secret
gpg-passphrase: SIGN_KEY_PASS # Env var that holds the key's passphrase
- name: Build & Deploy CryptoAnalysis
run: mvn -B -U clean deploy -Pdeployment -DskipTests
env:
SIGN_KEY_PASS: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}
OSSRH_USERNAME: ${{ secrets.SONATYPE_USER }}
OSSRH_PASSWORD: ${{ secrets.SONATYPE_PW }}
synchronize:
runs-on: ubuntu-latest
needs: deployment
steps:
- name: Checkout source code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Synchronize master and develop
run: |
gh pr create -B develop -H master -t "Synchronize version in master and develop" -b "Update the version in `develop` from `master`"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
release:
runs-on: ubuntu-latest
needs: deployment
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Fetch all tags
run: git fetch --tags
- name: Extract Version from pom.xml
id: extract_version
run: |
VERSION=$(sed -n 's/.*<version>\(.*\)<\/version>.*/\1/p' pom.xml | head -n 1)
echo "VERSION=$VERSION" >> $GITHUB_ENV
- name: Generate Release Notes
id: generate_notes
run: |
LATEST_TAG=$(git tag --sort=-creatordate | head -n 1)
git log $LATEST_TAG..HEAD --merges --pretty=format:"%h" > merged_prs.txt
RELEASE_NOTES="Release Notes:\n\n"
while IFS= read -r commit_hash; do
if git log -1 --pretty=format:"%s" $commit_hash | grep -iq "dependabot"; then
continue
fi
PR_NUMBER=$(git log -1 --pretty=format:"%s" $commit_hash | grep -oE "([Pp][Rr]|pull request) #[0-9]+" | grep -oE "[0-9]+" | head -n 1)
FIRST_COMMENT=$(gh pr view $PR_NUMBER --json body --jq '.body')
if [ -n "$FIRST_COMMENT" ]; then
RELEASE_NOTES+="- PR #$PR_NUMBER: $FIRST_COMMENT\n"
fi
done < merged_prs.txt
echo -e "$RELEASE_NOTES" > release_notes.txt
cat release_notes.txt
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Zip JavaCryptographicArchitecture folder
run: |
echo "Zipping the JavaCryptographicArchitecture folder..."
zip -r JavaCryptographicArchitecture.zip CryptoAnalysis/src/test/resources/rules/JavaCryptographicArchitecture
- name: Create GitHub Release
run: |
gh release create "$VERSION" ./apps/* "CryptoAnalysisTargets/CogniCryptDemoExample/Examples.jar" "JavaCryptographicArchitecture.zip" \
--title "$VERSION" --notes-file release_notes.txt
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}