Release PDS-Tools #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-License-Identifier: MIT | |
name: Release PDS-Tools | |
on: | |
workflow_dispatch: | |
inputs: | |
pds-tools-version: | |
description: PDS-Tools Version (e.g. 0.1.0) | |
required: true | |
pds-tools-milestone-number: | |
description: PDS-Tools Milestone number (e.g. 70) | |
required: true | |
jobs: | |
release-version: | |
name: Create PDS-Tools release | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Show Inputs" | |
run: | | |
echo "PDS-Tools '${{ inputs.pds-tools-version }}' - Milestone '${{ inputs.pds-tools-milestone-number }}'" | |
# Check inputs if a milestone number is provided for each version to be released: | |
- name: "Verify Input: PDS-Tools" | |
if: (inputs.pds-tools-version != '') && (inputs.pds-tools-milestone-number == '') | |
run: | | |
echo "For PDS-Tools release, pds-tools-milestone-number must be provided!" | |
exit 1 | |
- name: Checkout master | |
uses: actions/checkout@v4 | |
with: | |
ref: master | |
# Create temporary local tags, so we build documentation for this tag... | |
# The final tag on git server side will be done by the release when the draft is saved as "real" release | |
# automatically. | |
- name: "Temporary tag server version: v${{ inputs.pds-tools-version }}-pds-tools - if defined" | |
if: inputs.pds-tools-version != '' | |
run: git tag v${{ inputs.pds-tools-version }}-pds-tools | |
# ---------------------- | |
# Setup + Caching | |
# ---------------------- | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: 17 | |
distribution: temurin | |
cache: gradle | |
# ---------------------- | |
# Create pull request if license headers are missing | |
# ---------------------- | |
- name: run apply-headers.sh | |
id: apply-headers | |
run: | | |
git config user.name "SecHub release job (github-actions)" | |
git config user.email [email protected] | |
./apply-headers.sh | |
git commit -am "SPDX headers added by SecHub release job @github-actions" || true | |
COMMITS=`git log --oneline --branches --not --remotes` | |
echo "commits=$COMMITS" >> $GITHUB_OUTPUT | |
- name: Create pull request for SPDX license headers | |
id: pr_spdx_headers | |
if: steps.apply-headers.outputs.commits != '' | |
uses: peter-evans/[email protected] | |
with: | |
branch: release-spdx-headers | |
branch-suffix: short-commit-hash | |
delete-branch: true | |
title: '0 - Before pds-tools release: Add missing SPDX license headers [auto-generated]' | |
body: | | |
Auto-generated by Github Actions pds-tools release job. | |
-> Please review and merge **before** publishing the pds-tools release. | |
- name: Print PR infos | |
if: steps.apply-headers.outputs.commits != '' | |
run: | | |
echo "Pull Request Number - ${{ steps.pr_spdx_headers.outputs.pull-request-number }}" | |
echo "Pull Request URL - ${{ steps.pr_spdx_headers.outputs.pull-request-url }}" | |
# ---------------------- | |
# SecHub PDS-Tools | |
# ---------------------- | |
- name: Build Server, DAUI and generate OpenAPI file | |
run: ./gradlew ensureLocalhostCertificate build generateOpenapi buildDeveloperAdminUI -x :sechub-integrationtest:test -x :sechub-cli:build | |
- name: Generate and build Java projects related to SecHub Java API | |
run: ./gradlew :sechub-api-java:build :sechub-systemtest:build :sechub-pds-tools:buildPDSToolsCLI -Dsechub.build.stage=api-necessary | |
# To identifiy parts not in git history and leading to "-dirty-$commitId" markern in documentation | |
- name: Collect GIT status | |
if: always() | |
run: | | |
# restore reduced-openapi3.json | |
git restore sechub-api-java/src/main/resources/reduced-openapi3.json | |
mkdir -p build/reports | |
git status > build/reports/git-status.txt | |
echo "--- git tags:" >> build/reports/git-status.txt | |
git tag --points-at HEAD >> build/reports/git-status.txt | |
- name: Archive GIT status | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: git-status.txt | |
path: build/reports/git-status.txt | |
retention-days: 14 | |
- name: Archive PDS-Tools cli artifact | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: sechub-pds-tools | |
path: sechub-pds-tools/build/libs | |
retention-days: 14 | |
# ----------------------------------------- | |
# Assert releaseable, so no dirty flags on releases | |
# even when all artifact creation parts are done! | |
# ----------------------------------------- | |
- name: Assert releasable | |
run: | | |
git status | |
./gradlew assertReleaseable | |
- name: Create PDS-Tools release | |
id: create_pds_tools_release | |
if: inputs.pds-tools-version != '' | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | |
with: | |
tag_name: v${{ inputs.pds-tools-version }}-pds-tools | |
commitish: master | |
release_name: PDS-Tools Version ${{ inputs.pds-tools-version }} | |
body: | | |
Changes in this Release | |
- Some minor changes on PDS-Tools implementation | |
For more details please look at [Milestone ${{inputs.pds-tools-milestone-number}}]( https://github.com/mercedes-benz/sechub/milestone/${{inputs.pds-tools-milestone-number}}?closed=1) | |
draft: true | |
prerelease: false | |
- name: Create sha256 checksum file for PDS-Tools cli jar | |
if: inputs.pds-tools-version != '' | |
run: | | |
cd sechub-pds-tools/build/libs | |
sha256sum sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar > sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar.sha256sum | |
- name: Upload PDS-Tools release asset sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar | |
if: inputs.pds-tools-version != '' | |
uses: actions/upload-release-asset@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ steps.create_pds_tools_release.outputs.upload_url }} | |
asset_path: sechub-pds-tools/build/libs/sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar | |
asset_name: sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar | |
asset_content_type: application/zip | |
- name: Upload PDS-Tools release asset sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar.sha256sum | |
if: inputs.pds-tools-version != '' | |
uses: actions/upload-release-asset@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ steps.create_pds_tools_release.outputs.upload_url }} | |
asset_path: sechub-pds-tools/build/libs/sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar.sha256sum | |
asset_name: sechub-pds-tools-cli-${{ inputs.pds-tools-version }}.jar.sha256sum | |
asset_content_type: text/plain | |
# ----------------------------------------- | |
# Create release issue | |
# ----------------------------------------- | |
- name: Create PDS-Tool ${{ inputs.pds-tools-version }} release issue | |
uses: dacbd/create-issue-action@main | |
with: | |
token: ${{ github.token }} | |
title: Release PDS-Tool ${{ inputs.pds-tools-version }} | |
body: | | |
See [Milestone ${{inputs.pds-tools-milestone-number}}]( https://github.com/mercedes-benz/sechub/milestone/${{inputs.pds-tools-milestone-number}}?closed=1) for details. | |
Please close this issue after the release. | |
milestone: ${{ inputs.pds-tools-milestone-number }} | |
# ----------------------------------------- | |
# Create a pull request for merging back `master` into `develop` | |
# ----------------------------------------- | |
- name: pull-request master to develop | |
id: pr_master_to_develop | |
continue-on-error: true | |
uses: repo-sync/pull-request@v2 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
source_branch: "master" | |
destination_branch: "develop" | |
pr_allow_empty: true # should allow an empty PR, but seems not to work | |
pr_title: '2 - After pds-tools release: Merge master back into develop [auto-generated]' | |
pr_body: | | |
After PDS-Tool release | |
- PDS-Tools '${{ inputs.pds-tools-version }}' | |
Merge master branch back into develop | |
-> Please merge **after** the release has been published. | |
- name: Print PR infos if PR was created | |
if: steps.pr_master_to_develop.outcome == 'success' | |
run: | | |
echo "Pull Request Number - ${{ steps.pr_master_to_develop.outputs.pr_number }}" | |
echo "Pull Request URL - ${{ steps.pr_master_to_develop.outputs.pr_url }}" | |
- name: Print info if no PR was created | |
if: steps.pr_master_to_develop.outcome != 'success' | |
run: | | |
echo "Nothing to merge - no pull request necessary." |