Release PDS-Tools #13
Workflow file for this run
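# SPDX-License-Identifier: MIT
name: Release PDS-Tools

# Started manually only. All three inputs are free-text strings typed in by
# whoever dispatches the run, so they must be treated as untrusted data
# wherever they reach a shell command, a tag name or a URL.
on:
  workflow_dispatch:
    inputs:
      actor-email:
        description: Insert your email address here. It will be used in the generated pull requests
        required: true
        type: string
      pds-tools-version:
        description: PDS-Tools Version (e.g. 0.1.0)
        required: true
        type: string
      pds-tools-milestone-number:
        description: PDS-Tools Milestone number (e.g. 70)
        required: true
        type: string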
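jobs:
  release-version:
    name: Create PDS-Tools release
    runs-on: ubuntu-latest
    # Least privilege for the automatic token. The scopes are derived from the
    # steps of this job (release draft and PR branch push, pull requests,
    # release issue) - confirm with a test run before relying on them.
    permissions:
      contents: write
      pull-requests: write
      issues: write
    steps:
      # Workflow inputs are handed to shell steps through `env:` and read as
      # quoted shell variables. Expanding ${{ inputs.* }} directly inside a
      # `run:` script pastes the raw text into the script before bash parses it,
      # so quotes or command substitutions in an input would be executed.
      - name: "Show Inputs"
        env:
          ACTOR_EMAIL: ${{ inputs.actor-email }}
          PDS_TOOLS_VERSION: ${{ inputs.pds-tools-version }}
          PDS_TOOLS_MILESTONE: ${{ inputs.pds-tools-milestone-number }}
        run: |
          echo "actor-email: '$ACTOR_EMAIL'"
          echo "PDS-Tools '$PDS_TOOLS_VERSION' - Milestone '$PDS_TOOLS_MILESTONE'"

      # Check inputs if a milestone number is provided for each version to be released:
      - name: "Verify Input: PDS-Tools"
        if: (inputs.pds-tools-version != '') && (inputs.pds-tools-milestone-number == '')
        run: |
          echo "For PDS-Tools release, pds-tools-milestone-number must be provided!"
          exit 1

      - name: Checkout master
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          ref: master

      # Create temporary local tags, so we build documentation for this tag...
      # The final tag on git server side will be done by the release when the draft is saved as "real" release
      # automatically.
      - name: "Temporary tag server version: v${{ inputs.pds-tools-version }}-pds-tools"
        env:
          PDS_TOOLS_VERSION: ${{ inputs.pds-tools-version }}
        run: git tag "v${PDS_TOOLS_VERSION}-pds-tools"

      # ----------------------
      # Setup + Caching
      # ----------------------
      - name: Install required packages
        run: sudo apt-get -y install hub

      - name: Set up JDK 17
        uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b
        with:
          java-version: 17
          distribution: temurin

      - name: Set up Gradle
        uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808
        with:
          cache-read-only: false

      # ----------------------
      # Create pull request if license headers are missing
      # ----------------------
      - name: run apply-headers.sh
        id: apply-headers
        env:
          ACTOR_EMAIL: ${{ inputs.actor-email }}
        run: |
          git config user.name "$GITHUB_TRIGGERING_ACTOR (via github-actions)"
          git config user.email "$ACTOR_EMAIL"
          ./apply-headers.sh
          git commit -am "SPDX headers added by SecHub release job @github-actions" || true
          # Later steps only test this output for emptiness. Limiting the log to
          # one line keeps a multi-line result from corrupting the output file or
          # adding extra key=value pairs to it.
          COMMITS=$(git log --oneline -n 1 --branches --not --remotes)
          echo "commits=$COMMITS" >> "$GITHUB_OUTPUT"

      - name: Create pull request for SPDX license headers
        id: pr_spdx_headers
        if: steps.apply-headers.outputs.commits != ''
        uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f
        with:
          branch: release-spdx-headers
          branch-suffix: short-commit-hash
          delete-branch: true
          title: '0 - Before pds-tools release: Add missing SPDX license headers [auto-generated]'
          body: |
            Auto-generated by Github Actions pds-tools release job.
            -> Please review and merge **before** publishing the pds-tools release.

      - name: Print PR infos
        if: steps.apply-headers.outputs.commits != ''
        run: |
          echo "Pull Request Number - ${{ steps.pr_spdx_headers.outputs.pull-request-number }}"
          echo "Pull Request URL - ${{ steps.pr_spdx_headers.outputs.pull-request-url }}"

      # ----------------------
      # Build SecHub PDS-Tools
      # ----------------------
      - name: Build Server, DAUI and generate OpenAPI file
        run: ./gradlew ensureLocalhostCertificate build generateOpenapi buildDeveloperAdminUI -x :sechub-integrationtest:test -x :sechub-cli:build

      - name: Generate and build Java projects related to SecHub Java API
        run: ./gradlew :sechub-api-java:build :sechub-systemtest:build :sechub-pds-tools:buildPDSToolsCLI -Dsechub.build.stage=api-necessary

      # To identify parts not in git history and leading to "-dirty-$commitId" markers in documentation
      - name: Collect GIT status
        if: always()
        run: |
          # restore reduced-openapi3.json
          git restore sechub-api-java/src/main/resources/reduced-openapi3.json
          mkdir -p build/reports
          git status > build/reports/git-status.txt
          echo "--- git tags:" >> build/reports/git-status.txt
          git tag --points-at HEAD >> build/reports/git-status.txt

      - name: Archive GIT status
        if: always()
        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
        with:
          name: git-status.txt
          path: build/reports/git-status.txt
          retention-days: 14

      - name: Archive PDS-Tools cli artifact
        if: always()
        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
        with:
          name: sechub-pds-tools
          path: sechub-pds-tools/build/libs
          retention-days: 14

      # -----------------------------------------
      # Assert releasable, so no dirty flags on releases
      # even when all artifact creation parts are done!
      # -----------------------------------------
      - name: Assert releasable
        run: |
          git status
          ./gradlew assertReleaseable

      # ******************************************
      # P D S - T o o l s  release
      # ******************************************
      - name: Prepare PDS-Tools ${{ inputs.pds-tools-version }} release artifacts
        shell: bash
        env:
          PDS_TOOLS_VERSION: ${{ inputs.pds-tools-version }}
        run: |
          mkdir pds-tools-release-artifacts
          # Collect release artifacts
          cp "sechub-pds-tools/build/libs/sechub-pds-tools-cli-${PDS_TOOLS_VERSION}.jar" \
            pds-tools-release-artifacts/
          # Compute sha256 checksums for .jar files
          cd pds-tools-release-artifacts
          for i in *.jar ; do
            sha256sum "$i" > "$i.sha256sum"
          done

      - name: Create PDS-Tools ${{ inputs.pds-tools-version }} release draft
        shell: bash
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PDS_TOOLS_VERSION: ${{ inputs.pds-tools-version }}
          PDS_TOOLS_MILESTONE: ${{ inputs.pds-tools-milestone-number }}
        run: |
          assets=()
          echo "# Adding PDS binaries and docs"
          cd pds-tools-release-artifacts/
          for asset in * ; do
            filename=$(basename "$asset")
            echo "# - $filename"
            assets+=("-a" "${asset}#${filename}")
          done
          # Define release data
          tag_name="v${PDS_TOOLS_VERSION}-pds-tools"
          release_title="PDS-Tools Version ${PDS_TOOLS_VERSION}"
          release_message="Changes in this Release
          - Some minor changes on PDS-Tools implementation"
          release_footer="For more details please look at [Milestone ${PDS_TOOLS_MILESTONE}]( https://github.com/mercedes-benz/sechub/milestone/${PDS_TOOLS_MILESTONE}?closed=1)"
          echo "# Create release draft \"$release_title\" on github"
          hub release create --draft "${assets[@]}" -m "$release_title" -m "$release_message" -m "$release_footer" "$tag_name"

      # -----------------------------------------
      # Create release issue
      # -----------------------------------------
      # NOTE(review): this is the only action in the job referenced by a mutable
      # branch (@main); all others are pinned to a commit SHA. It receives the
      # job token, so pin it to a reviewed full commit SHA as well.
      - name: Create PDS-Tool ${{ inputs.pds-tools-version }} release issue
        uses: dacbd/create-issue-action@main
        with:
          token: ${{ github.token }}
          title: Release PDS-Tool ${{ inputs.pds-tools-version }}
          body: |
            See [Milestone ${{inputs.pds-tools-milestone-number}}]( https://github.com/mercedes-benz/sechub/milestone/${{inputs.pds-tools-milestone-number}}?closed=1) for details.
            Please close this issue after the release.
          milestone: ${{ inputs.pds-tools-milestone-number }}

      # -----------------------------------------
      # Create a pull request for merging back `master` into `develop`
      # -----------------------------------------
      - name: pull-request master to develop
        id: pr_master_to_develop
        continue-on-error: true
        uses: repo-sync/pull-request@7e79a9f5dc3ad0ce53138f01df2fad14a04831c5
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          source_branch: "master"
          destination_branch: "develop"
          pr_allow_empty: true  # should allow an empty PR, but seems not to work
          pr_title: '2 - After pds-tools release: Merge master back into develop [auto-generated]'
          pr_body: |
            After PDS-Tool release
            - PDS-Tools '${{ inputs.pds-tools-version }}'
            Merge master branch back into develop
            -> Please merge **after** the release has been published.

      - name: Print PR infos if PR was created
        if: steps.pr_master_to_develop.outcome == 'success'
        run: |
          echo "Pull Request Number - ${{ steps.pr_master_to_develop.outputs.pr_number }}"
          echo "Pull Request URL - ${{ steps.pr_master_to_develop.outputs.pr_url }}"

      - name: Print info if no PR was created
        if: steps.pr_master_to_develop.outcome != 'success'
        run: |
          echo "Nothing to merge - no pull request necessary."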