Release PDS-Tools #5

Workflow file for this run

.github/workflows/release-pds-tools.yml at 6b9d82f

	# SPDX-License-Identifier: MIT
	name: Release PDS-Tools

	on:
	workflow_dispatch:
	inputs:
	pds-tools-version:
	description: PDS-Tools Version (e.g. 0.1.0)
	required: true
	pds-tools-milestone-number:
	description: PDS-Tools Milestone number (e.g. 70)
	required: true
	jobs:
	release-version:
	name: Create PDS-Tools release
	runs-on: ubuntu-latest
	steps:

	- name: "Show Inputs"
	run: \|
	echo "PDS-Tools '${{ inputs.pds-tools-version }}' - Milestone '${{ inputs.pds-tools-milestone-number }}'"
	# Check inputs if a milestone number is provided for each version to be released:

	- name: "Verify Input: PDS-Tools"
	if: (inputs.pds-tools-version != '') && (inputs.pds-tools-milestone-number == '')
	run: \|
	echo "For PDS-Tools release, pds-tools-milestone-number must be provided!"
	exit 1

	- name: Checkout master
	uses: actions/checkout@v4
	with:
	ref: master

	# Create temporary local tags, so we build documentation for this tag...
	# The final tag on git server side will be done by the release when the draft is saved as "real" release
	# automatically.
	- name: "Temporary tag server version: v${{ inputs.pds-tools-version }}-pds-tools - if defined"
	if: inputs.pds-tools-version != ''
	run: git tag v${{ inputs.pds-tools-version }}-pds-tools

	# ----------------------
	# Setup + Caching
	# ----------------------
	- name: Set up JDK 17
	uses: actions/setup-java@v3
	with:
	java-version: 17
	distribution: temurin
	cache: gradle

	# ----------------------
	# Create pull request if license headers are missing
	# ----------------------
	- name: run apply-headers.sh
	id: apply-headers
	run: \|
	git config user.name "SecHub release job (github-actions)"
	git config user.email [email protected]
	./apply-headers.sh
	git commit -am "SPDX headers added by SecHub release job @github-actions" \|\| true
	COMMITS=`git log --oneline --branches --not --remotes`
	echo "commits=$COMMITS" >> $GITHUB_OUTPUT

	- name: Create pull request for SPDX license headers
	id: pr_spdx_headers
	if: steps.apply-headers.outputs.commits != ''
	uses: peter-evans/[email protected]
	with:
	branch: release-spdx-headers
	branch-suffix: short-commit-hash
	delete-branch: true
	title: '0 - Before pds-tools release: Add missing SPDX license headers [auto-generated]'
	body: \|
	Auto-generated by Github Actions pds-tools release job.

	-> Please review and merge before publishing the pds-tools release.

	- name: Print PR infos
	if: steps.apply-headers.outputs.commits != ''
	run: \|
	echo "Pull Request Number - ${{ steps.pr_spdx_headers.outputs.pull-request-number }}"
	echo "Pull Request URL - ${{ steps.pr_spdx_headers.outputs.pull-request-url }}"

	# ----------------------
	# SecHub PDS-Tools
	# ----------------------
	- name: Build Server, DAUI and generate OpenAPI file
	run: ./gradlew ensureLocalhostCertificate build generateOpenapi buildDeveloperAdminUI -x :sechub-integrationtest:test -x :sechub-cli:build

	- name: Generate and build Java projects related to SecHub Java API
	run: ./gradlew :sechub-api-java:build :sechub-systemtest:build :sechub-pds-tools:buildPDSToolsCLI -Dsechub.build.stage=api-necessary

	# To identifiy parts not in git history and leading to "-dirty-$commitId" markern in documentation
	- name: Collect GIT status
	if: always()
	run: \|
	# restore reduced-openapi3.json
	git restore sechub-api-java/src/main/resources/reduced-openapi3.json
	mkdir -p build/reports
	git status > build/reports/git-status.txt

	- name: Archive GIT status
	if: always()
	uses: actions/upload-artifact@v3
	with:
	name: git-status.txt
	path: build/reports/git-status.txt
	retention-days: 14

	- name: Archive PDS-Tools cli artifact
	if: always()
	uses: actions/upload-artifact@v3
	with:
	name: sechub-pds-tools
	path: sechub-pds-tools/build/libs
	retention-days: 14

	# -----------------------------------------
	# Assert releaseable, so no dirty flags on releases
	# even when all artifact creation parts are done!
	# -----------------------------------------
	- name: Assert releasable
	run: \|
	git status
	./gradlew assertReleaseable

	- name: Create PDS-Tools release
	id: create_pds_tools_release
	if: inputs.pds-tools-version != ''
	uses: actions/create-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
	with:
	tag_name: v${{ inputs.pds-tools-version }}-pds-tools
	commitish: master
	release_name: PDS-Tools Version ${{ inputs.pds-tools-version }}
	body: \|
	Changes in this Release
	- Some minor changes on PDS-Tools implementation

	For more details please look at [Milestone ${{inputs.pds-tools-milestone-number}}]( https://github.com/mercedes-benz/sechub/milestone/${{inputs.pds-tools-milestone-number}}?closed=1)
	draft: true
	prerelease: false

	- name: Create sha256 checksum file for PDS-Tools cli jar
	if: inputs.pds-tools-version != ''
	run: \|
	cd sechub-pds-tools/build/libs
	sha256sum sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar > sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar.sha256sum

	- name: Upload PDS-Tools release asset sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar
	if: inputs.pds-tools-version != ''
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_pds_tools_release.outputs.upload_url }}
	asset_path: sechub-pds-tools/build/libs/sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar
	asset_name: sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar
	asset_content_type: application/zip

	- name: Upload PDS-Tools release asset sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar.sha256sum
	if: inputs.pds-tools-version != ''
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_pds_tools_release.outputs.upload_url }}
	asset_path: sechub-pds-tools/build/libs/sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar.sha256sum
	asset_name: sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar.sha256sum
	asset_content_type: text/plain

	# -----------------------------------------
	# Create release issue
	# -----------------------------------------
	- name: Create PDS-Tool ${{ inputs.pds-tools-version }} release issue
	uses: dacbd/create-issue-action@main
	with:
	token: ${{ github.token }}
	title: Release PDS-Tool ${{ inputs.pds-tools-version }}
	body: \|
	See [Milestone ${{inputs.pds-tools-milestone-number}}]( https://github.com/mercedes-benz/sechub/milestone/${{inputs.pds-tools-milestone-number}}?closed=1) for details.

	Please close this issue after the release.
	milestone: ${{ inputs.pds-tools-milestone-number }}

	# -----------------------------------------
	# Create a pull request for merging back `master` into `develop`
	# -----------------------------------------
	- name: pull-request master to develop
	id: pr_master_to_develop
	continue-on-error: true
	uses: repo-sync/pull-request@v2
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	source_branch: "master"
	destination_branch: "develop"
	pr_allow_empty: true # should allow an empty PR, but seems not to work
	pr_title: '2 - After pds-tools release: Merge master back into develop [auto-generated]'
	pr_body: \|
	After PDS-Tool release
	- PDS-Tools '${{ inputs.pds-tools-version }}'

	Merge master branch back into develop

	-> Please merge after the release has been published.

	- name: Print PR infos if PR was created
	if: steps.pr_master_to_develop.outcome == 'success'
	run: \|
	echo "Pull Request Number - ${{ steps.pr_master_to_develop.outputs.pr_number }}"
	echo "Pull Request URL - ${{ steps.pr_master_to_develop.outputs.pr_url }}"

	- name: Print info if no PR was created
	if: steps.pr_master_to_develop.outcome != 'success'
	run: \|
	echo "Nothing to merge - no pull request necessary."

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Release PDS-Tools #5

Workflow file

Release PDS-Tools #5

Jobs

Run details

Workflow file for this run