mirror of
https://github.com/octoleo/plantuml.git
synced 2025-01-05 08:02:11 +00:00
3c53361064
Adding `signingKey` and `signingPassword`properties when calling gradle publication tasks from the CI workflow fix the bug. Fixes: #1313
225 lines
8.2 KiB
YAML
225 lines
8.2 KiB
YAML
name: CI
|
|
|
|
on:
|
|
create:
|
|
pull_request:
|
|
types: [ opened, synchronize, reopened ]
|
|
paths-ignore:
|
|
- '*.md'
|
|
- 'docs/**'
|
|
push:
|
|
branches:
|
|
- master
|
|
paths-ignore:
|
|
- '*.md'
|
|
- 'docs/**'
|
|
workflow_dispatch:
|
|
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
|
|
jobs:
|
|
workflow_config:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
do_release: ${{ steps.config.outputs.do_release }}
|
|
do_snapshot_release: ${{ steps.config.outputs.do_snapshot_release }}
|
|
pom_version: ${{ steps.config.outputs.pom_version }}
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Configure workflow
|
|
id: config
|
|
env:
|
|
ACTOR: ${{ github.actor }}
|
|
EVENT_ACTION: ${{ github.event.action }}
|
|
REF_TYPE: ${{ github.event.ref_type }}
|
|
REF: ${{ github.event.ref }}
|
|
run: |
|
|
cat <<-EOF
|
|
::group::Debug Info
|
|
GITHUB_EVENT_NAME : '${GITHUB_EVENT_NAME}'
|
|
EVENT_ACTION : '${EVENT_ACTION}'
|
|
REF_TYPE : '${REF_TYPE}'
|
|
REF : '${REF}'
|
|
ACTOR : '${ACTOR}'
|
|
GITHUB_REPOSITORY_OWNER : '${GITHUB_REPOSITORY_OWNER}'
|
|
::endgroup::
|
|
EOF
|
|
|
|
# Do a release when a git tag starting with 'v' has been created by a suitable user.
|
|
# (We match against github.repository_owner as a kludge so that forked repos can release themselves when testing the workflow)
|
|
|
|
if [[ "${GITHUB_EVENT_NAME}" == "create" && "${REF_TYPE}" == "tag" && "${REF}" == v* && \
|
|
( "${ACTOR}" == "arnaudroques" || "${ACTOR}" == "${GITHUB_REPOSITORY_OWNER}" ) \
|
|
]]; then
|
|
echo "::notice title=::This run will release '${REF}'"
|
|
echo "do_release=true" >> $GITHUB_OUTPUT
|
|
echo "pom_version=${REF#v}" >> $GITHUB_OUTPUT # pom_version is the tag without the 'v' prefix
|
|
|
|
elif [[ "${GITHUB_EVENT_NAME}" =~ push|workflow_dispatch && "${REF}" == "refs/heads/master" && "${ACTOR}" == "arnaudroques" ]]; then
|
|
echo "::notice title=::This run will release a snapshot"
|
|
echo "do_snapshot_release=true" >> $GITHUB_OUTPUT
|
|
V=$(perl -ne 'if (/return (\d{6,7});/) {$v=$1} if (/final int beta = (\d+);/) {$b=$1} END{print(substr($v, 0, 1),".", substr($v, 1, 4),"."); if ($b) {print(int(substr($v+1, 5)), "beta", $b);} else {print(int(substr($v, 5)))}}' src/net/sourceforge/plantuml/version/Version.java)
|
|
echo "pom_version=$V-SNAPSHOT" >> $GITHUB_OUTPUT # pom_version is taken from Version.java
|
|
|
|
else
|
|
echo "This run will NOT make a release"
|
|
fi
|
|
|
|
# We run the tests on many OS / Java combinations but also the Compile step because some users build
|
|
# their own jars from source, so it is good for CI to check that is working on all combinations.
|
|
test:
|
|
needs: workflow_config
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
java_version: [ 8, 11, 17 ]
|
|
os: [ ubuntu-20.04, ubuntu-22.04, windows-2019, windows-2022 ]
|
|
runs-on: ${{ matrix.os }}
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Set up java
|
|
uses: actions/setup-java@v3.10.0
|
|
with:
|
|
java-version: ${{ matrix.java_version }}
|
|
distribution: temurin
|
|
cache: gradle
|
|
|
|
# Compile / Test / Package are separate steps so the reason for any failure is more obvious in GitHub UI
|
|
- name: Compile
|
|
run: gradle -q compileJava --no-daemon
|
|
|
|
- name: Test
|
|
run: gradle test --no-daemon -i
|
|
|
|
- name: Upload test reports
|
|
uses: actions/upload-artifact@v3
|
|
if: ${{ always() }}
|
|
with:
|
|
# Using github.run_number here to reduce confusion when downloading & comparing from several builds
|
|
name: ${{ github.run_number }}-${{ matrix.os }}-java-${{ matrix.java_version }}-test-reports
|
|
path: build/reports/tests/
|
|
|
|
upload:
|
|
needs: [ workflow_config, test ]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Set up java
|
|
uses: actions/setup-java@v3.5.0
|
|
with:
|
|
java-version: 17
|
|
distribution: temurin
|
|
cache: gradle
|
|
|
|
- name: Set version from tag
|
|
if: env.POM_VERSION
|
|
env:
|
|
POM_VERSION: ${{ needs.workflow_config.outputs.pom_version }}
|
|
run: sed -i "s/version = .*/version = $POM_VERSION/" gradle.properties
|
|
|
|
- name: Build artifacts
|
|
run: |
|
|
gradle -q clean build \
|
|
pdfJar \
|
|
generateMetadataFileForMavenPublication generatePomFileForMavenPublication \
|
|
-x test
|
|
|
|
- name: Sign artifacts
|
|
if: env.ORG_GRADLE_PROJECT_signingKey
|
|
env:
|
|
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.ARTIFACT_SIGNING_KEY }}
|
|
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }}
|
|
run: |
|
|
gradle -i signMavenPublication signPdfJar
|
|
|
|
- name: Upload artifacts
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
# Using github.run_number here to reduce confusion when downloading & comparing artifacts from several builds
|
|
name: ${{ github.run_number }}-artifacts
|
|
path: |
|
|
build/libs/*
|
|
build/publications/maven/*
|
|
|
|
- name: Create snapshot release
|
|
if: needs.workflow_config.outputs.do_snapshot_release == 'true'
|
|
env:
|
|
GITHUB_TOKEN: ${{ github.token }}
|
|
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
|
|
OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
|
|
#do not remove signing key and password or signatures will not be published
|
|
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.ARTIFACT_SIGNING_KEY }}
|
|
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }}
|
|
run: |
|
|
.github/scripts/release-snapshot.sh
|
|
gradle publish
|
|
|
|
- name: Create release in GitHub
|
|
if: needs.workflow_config.outputs.do_release == 'true'
|
|
env:
|
|
GITHUB_TOKEN: ${{ github.token }}
|
|
TAG: ${{ github.event.ref }}
|
|
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
|
|
OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
|
|
#do not remove signing key and password or signatures will not be published
|
|
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.ARTIFACT_SIGNING_KEY }}
|
|
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }}
|
|
run: |
|
|
.github/scripts/release.sh
|
|
gradle publish
|
|
|
|
push_to_registry:
|
|
needs: [ workflow_config, test, upload ]
|
|
if: needs.workflow_config.outputs.do_release == 'true'
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out the repo
|
|
uses: actions/checkout@v3
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v2
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
- name: Docker meta
|
|
id: meta
|
|
uses: docker/metadata-action@v4
|
|
with:
|
|
# list of Docker images to use as base name for tags
|
|
images: |
|
|
${{ github.repository }}
|
|
ghcr.io/${{ github.repository }}
|
|
# generate Docker tags based on the following events/attributes
|
|
tags: |
|
|
type=semver,pattern={{version}}
|
|
type=semver,pattern={{major}}.{{minor}}
|
|
type=semver,pattern={{major}}
|
|
type=sha
|
|
- name: Log into Docker Hub
|
|
uses: docker/login-action@v2
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
- name: Log in to GitHub Docker Registry
|
|
uses: docker/login-action@v2
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Build/push container image
|
|
uses: docker/build-push-action@v4
|
|
with:
|
|
context: .
|
|
push: true
|
|
build-args: |
|
|
PLANTUML_VERSION=${{ github.event.ref }}
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
labels: ${{ steps.meta.outputs.labels }}
|
|
platforms: linux/amd64,linux/arm64
|