-
Notifications
You must be signed in to change notification settings - Fork 3
96 lines (82 loc) · 3.98 KB
/
attach-artifact-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
name: Attach Artifact to Release
on:
workflow_dispatch:
pull_request:
types:
- closed
jobs:
attach-to-release:
name: Attach Artifact to Release
runs-on: ubuntu-latest
steps:
- run: sleep 30
- uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
cache: 'maven'
- name: Get Reusable Script Files
run: |
curl -o $PWD/.github/get_draft_release.sh https://raw.githubusercontent.com/liquibase/build-logic/v0.4.5/.github/get_draft_release.sh
curl -o $PWD/.github/sign_artifact.sh https://raw.githubusercontent.com/liquibase/build-logic/v0.4.5/.github/sign_artifact.sh
chmod +x $PWD/.github/get_draft_release.sh
chmod +x $PWD/.github/sign_artifact.sh
chmod +x $PWD/.github/upload_asset.sh
- name: Configure Git
run: |
git config user.name "liquibot"
git config user.email "[email protected]"
- name: Build release artifacts
id: build-release-artifacts
run: |
mvn -B release:clean release:prepare -P '!run-proguard' -Dusername=liquibot -Dpassword=$GITHUB_TOKEN -Darguments="-Dmaven.javadoc.skip=true -Dmaven.test.skipTests=true -Dmaven.test.skip=true -Dmaven.deploy.skip=true" -DreleaseVersion=${{ github.event.inputs.liquibaseVersion }} -DpushChanges=false
git reset HEAD~ --hard
mvn -P '!run-proguard' clean install -DskipTests
- name: Get Artifact ID
id: get-artifact-id
run: echo "artifact_id=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout)" >> $GITHUB_ENV
- name: Get latest draft release ID
id: get-release
run: |
LATEST_DRAFT_RELEASE=$(curl -X GET -H "Authorization: token ${{ secrets.BOT_TOKEN }}" "https://api.github.com/repos/${{ github.repository }}/releases?per_page=1" | jq -r 'if .[].draft == true then .[].id else empty end')
echo "Latest Draft Release ID: $LATEST_DRAFT_RELEASE"
echo "RELEASE_ID=$LATEST_DRAFT_RELEASE" >> $GITHUB_ENV
- name: List artifacts in release
if: env.RELEASE_ID != '' && env.RELEASE_ID != null
id: list-artifacts
run: |
RELEASE_ID="${{ env.RELEASE_ID }}"
ARTIFACTS=$(curl -X GET -H "Authorization: token ${{ secrets.BOT_TOKEN }}" "https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets" | jq -r '.[].id')
echo "Artifacts to delete: $ARTIFACTS"
ARTIFACTS_CLEANED=$(echo "$ARTIFACTS" | tr -s '[:space:]' ',' | sed 's/,$//')
echo "ARTIFACTS_TO_DELETE=$ARTIFACTS_CLEANED" >> $GITHUB_ENV
- name: Delete artifacts
if: env.ARTIFACTS_TO_DELETE != null
run: |
RELEASE_ID="${{ env.RELEASE_ID }}"
ARTIFACTS_TO_DELETE="${{ env.ARTIFACTS_TO_DELETE }}"
IFS=',' read -ra values <<< "$ARTIFACTS_TO_DELETE"
for value in "${values[@]}"; do
curl -X DELETE -H "Authorization: token ${{ secrets.BOT_TOKEN }}" "https://api.github.com/repos/${{ github.repository }}/releases/assets/$value"
echo "Deleted artifact ID: $value"
done
- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.GPG_SECRET }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
- name: Sign Files for Draft Release
run: |
gpg -K
version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
./.github/sign_artifact.sh ./target/${{ env.artifact_id }}-${version}.pom
- name: Attach Files to Draft Release
id: upload-release-asset
run: ./.github/upload_asset.sh $(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
env:
GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }}
ASSET_NAME_PREFIX: "${{ env.artifact_id }}-"
ASSET_DIR: ./target