-
Notifications
You must be signed in to change notification settings - Fork 5
133 lines (112 loc) · 4.12 KB
/
shared-build-and-deploy.yml
File metadata and controls
133 lines (112 loc) · 4.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Shared Build and Deploy
on:
workflow_call:
inputs:
ref:
description: "Git reference to use (e.g., main or branch name)"
required: true
type: string
server-id:
description: "Id of the repository"
required: true
type: string
profile:
description: "Profile to pick from pom.xml"
required: true
type: string
tag:
description: 'Release Tag'
required: true
type: string
secrets:
server-username:
required: true
server-password:
required: true
gpg-key:
required: true
gpg-passphrase:
required: true
skyflow-credentials:
required: true
test-expired-token:
required: true
test-reusable-token:
required: true
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up maven or jfrog repository
uses: actions/setup-java@v4
with:
java-version: "11"
distribution: "adopt"
server-id: ${{ inputs.server-id }}
server-username: SERVER_USERNAME
server-password: SERVER_PASSWORD
gpg-private-key: ${{ secrets.gpg-key }} # Value of the GPG private key to import
gpg-passphrase: GPG_PASSPHRASE # env variable for GPG private key passphrase
- name: Resolve Branch for the Tagged Commit
id: resolve-branch
if: ${{ inputs.tag == 'beta' || inputs.tag == 'public' }}
run: |
TAG_COMMIT=$(git rev-list -n 1 ${{ github.ref_name }})
BRANCH_NAME=$(git branch -r --contains $TAG_COMMIT | grep -o 'origin/.*' | sed 's|origin/||' | head -n 1)
if [ -z "$BRANCH_NAME" ]; then
echo "Error: Could not resolve branch for the tag."
exit 1
fi
echo "Resolved Branch Name: $BRANCH_NAME"
echo "branch_name=$BRANCH_NAME" >> $GITHUB_ENV
- name: Get Previous tag
id: previoustag
uses: WyriHaximus/github-action-get-previous-tag@v1
with:
fallback: 1.0.0
- name: Bump Version
run: |
chmod +x ./scripts/bump_version.sh
if ${{ inputs.tag == 'internal' }}; then
./scripts/bump_version.sh "${{ steps.previoustag.outputs.tag }}" "$(git rev-parse --short "$GITHUB_SHA")"
else
./scripts/bump_version.sh "${{ steps.previoustag.outputs.tag }}"
fi
- name: Commit changes
run: |
git config user.name ${{ github.actor }}
git config user.email ${{ github.actor }}@users.noreply.github.com
if [[ "${{ inputs.tag }}" == "beta" || "${{ inputs.tag }}" == "public" ]]; then
git checkout ${{ env.branch_name }}
fi
git add pom.xml
if [[ "${{ inputs.tag }}" == "internal" ]]; then
git commit -m "[AUTOMATED] Private Release ${{ steps.previoustag.outputs.tag }}-dev-$(git rev-parse --short $GITHUB_SHA)"
git push origin ${{ github.ref_name }} -f
fi
if [[ "${{ inputs.tag }}" == "beta" || "${{ inputs.tag }}" == "public" ]]; then
git commit -m "[AUTOMATED] Public Release - ${{ steps.previoustag.outputs.tag }}"
git push origin ${{ env.branch_name }}
fi
- name: Create env
id: create-env
run: |
touch .env
echo SKYFLOW_CREDENTIALS=${{ secrets.skyflow-credentials }} >> .env
echo TEST_EXPIRED_TOKEN=${{ secrets.test-expired-token }} >> .env
echo TEST_REUSABLE_TOKEN=${{ secrets.test-reusable-token }} >> .env
- name: Create credentials json
id: create-json
uses: jsdaniell/create-json@1.1.2
with:
name: "credentials.json"
json: ${{ secrets.TEST_CREDENTIALS_FILE_STRING }}
- name: Publish package
run: mvn --batch-mode deploy -P ${{ inputs.profile }}
env:
SERVER_USERNAME: ${{ secrets.server-username }}
SERVER_PASSWORD: ${{ secrets.server-password }}
GPG_PASSPHRASE: ${{ secrets.gpg-passphrase }}