Skip to content

Commit

Permalink
adding github automation
Browse files Browse the repository at this point in the history
  • Loading branch information
tanya732 committed Oct 31, 2024
1 parent 5e00891 commit 26c645c
Show file tree
Hide file tree
Showing 11 changed files with 345 additions and 8 deletions.
30 changes: 30 additions & 0 deletions .github/actions/get-prerelease/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
name: Return a boolean indicating if the version contains prerelease identifiers

#
# Returns a simple true/false boolean indicating whether the version indicates it's a prerelease or not.
#
# TODO: Remove once the common repo is public.
#

inputs:
version:
required: true

outputs:
prerelease:
value: ${{ steps.get_prerelease.outputs.PRERELEASE }}

runs:
using: composite

steps:
- id: get_prerelease
shell: bash
run: |
if [[ "${VERSION}" == *"beta"* || "${VERSION}" == *"alpha"* ]]; then
echo "PRERELEASE=true" >> $GITHUB_OUTPUT
else
echo "PRERELEASE=false" >> $GITHUB_OUTPUT
fi
env:
VERSION: ${{ inputs.version }}
42 changes: 42 additions & 0 deletions .github/actions/get-release-notes/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: Return the release notes extracted from the body of the PR associated with the release.

#
# Returns the release notes from the content of a pull request linked to a release branch. It expects the branch name to be in the format release/vX.Y.Z, release/X.Y.Z, release/vX.Y.Z-beta.N. etc.
#
# TODO: Remove once the common repo is public.
#
inputs:
version:
required: true
repo_name:
required: false
repo_owner:
required: true
token:
required: true

outputs:
release-notes:
value: ${{ steps.get_release_notes.outputs.RELEASE_NOTES }}

runs:
using: composite

steps:
- uses: actions/github-script@v7
id: get_release_notes
with:
result-encoding: string
script: |
const { data: pulls } = await github.rest.pulls.list({
owner: process.env.REPO_OWNER,
repo: process.env.REPO_NAME,
state: 'all',
head: `${process.env.REPO_OWNER}:release/${process.env.VERSION}`,
});
core.setOutput('RELEASE_NOTES', pulls[0].body);
env:
GITHUB_TOKEN: ${{ inputs.token }}
REPO_OWNER: ${{ inputs.repo_owner }}
REPO_NAME: ${{ inputs.repo_name }}
VERSION: ${{ inputs.version }}
21 changes: 21 additions & 0 deletions .github/actions/get-version/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
name: Return the version extracted from the branch name

#
# Returns the version from the .version file.
#
# TODO: Remove once the common repo is public.
#

outputs:
version:
value: ${{ steps.get_version.outputs.VERSION }}

runs:
using: composite

steps:
- id: get_version
shell: bash
run: |
VERSION=$(head -1 .version)
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
44 changes: 44 additions & 0 deletions .github/actions/maven-publish/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
name: Publish release to Java

inputs:
ossr-username:
required: true
ossr-password:
required: true
signing-key:
required: true
signing-password:
required: true
java-version:
required: true
is-android:
required: true
version:
required: true

runs:
using: composite

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Setup Java
shell: bash
run: |
curl -s "https://get.sdkman.io" | bash
source "/home/runner/.sdkman/bin/sdkman-init.sh"
sdk list java
sdk install java ${{ inputs.java-version }} && sdk default java ${{ inputs.java-version }}
- uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # [email protected]

- name: Publish Java
shell: bash
if: inputs.is-android == 'false'
run: ./gradlew clean assemble sign publishMavenJavaPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"

- name: Publish Android
shell: bash
if: inputs.is-android == 'true'
run: ./gradlew clean assemble sign publishAndroidLibraryPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
47 changes: 47 additions & 0 deletions .github/actions/release-create/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
name: Create a GitHub release

#
# Creates a GitHub release with the given version.
#
# TODO: Remove once the common repo is public.
#

inputs:
token:
required: true
files:
required: false
name:
required: true
body:
required: true
tag:
required: true
commit:
required: true
draft:
default: false
required: false
prerelease:
default: false
required: false
fail_on_unmatched_files:
default: true
required: false

runs:
using: composite

steps:
- uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
with:
body: ${{ inputs.body }}
name: ${{ inputs.name }}
tag_name: ${{ inputs.tag }}
target_commitish: ${{ inputs.commit }}
draft: ${{ inputs.draft }}
prerelease: ${{ inputs.prerelease }}
fail_on_unmatched_files: ${{ inputs.fail_on_unmatched_files }}
files: ${{ inputs.files }}
env:
GITHUB_TOKEN: ${{ inputs.token }}
36 changes: 36 additions & 0 deletions .github/actions/tag-exists/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: Return a boolean indicating if a tag already exists for the repository

#
# Returns a simple true/false boolean indicating whether the tag exists or not.
#
# TODO: Remove once the common repo is public.
#

inputs:
token:
required: true
tag:
required: true

outputs:
exists:
description: 'Whether the tag exists or not'
value: ${{ steps.tag-exists.outputs.EXISTS }}

runs:
using: composite

steps:
- id: tag-exists
shell: bash
run: |
GET_API_URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/git/ref/tags/${TAG_NAME}"
http_status_code=$(curl -LI $GET_API_URL -o /dev/null -w '%{http_code}\n' -s -H "Authorization: token ${GITHUB_TOKEN}")
if [ "$http_status_code" -ne "404" ] ; then
echo "EXISTS=true" >> $GITHUB_OUTPUT
else
echo "EXISTS=false" >> $GITHUB_OUTPUT
fi
env:
TAG_NAME: ${{ inputs.tag }}
GITHUB_TOKEN: ${{ inputs.token }}
88 changes: 88 additions & 0 deletions .github/workflows/java-release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
name: Create Java and GitHub Release

on:
workflow_call:
inputs:
java-version:
required: true
type: string
is-android:
required: true
type: string
secrets:
ossr-username:
required: true
ossr-password:
required: true
signing-key:
required: true
signing-password:
required: true
github-token:
required: true

### TODO: Replace instances of './.github/actions/' w/ `auth0/dx-sdk-actions/` and append `@latest` after the common `dx-sdk-actions` repo is made public.
### TODO: Also remove `get-prerelease`, `get-version`, `release-create`, `tag-create` and `tag-exists` actions from this repo's .github/actions folder once the repo is public.

jobs:
release:
if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
runs-on: ubuntu-latest
environment: release

steps:
# Checkout the code
- uses: actions/checkout@v4
with:
fetch-depth: 0

# Get the version from the branch name
- id: get_version
uses: ./.github/actions/get-version

# Get the prerelease flag from the branch name
- id: get_prerelease
uses: ./.github/actions/get-prerelease
with:
version: ${{ steps.get_version.outputs.version }}

# Get the release notes
- id: get_release_notes
uses: ./.github/actions/get-release-notes
with:
token: ${{ secrets.github-token }}
version: ${{ steps.get_version.outputs.version }}
repo_owner: ${{ github.repository_owner }}
repo_name: ${{ github.event.repository.name }}

# Check if the tag already exists
- id: tag_exists
uses: ./.github/actions/tag-exists
with:
tag: ${{ steps.get_version.outputs.version }}
token: ${{ secrets.github-token }}

# If the tag already exists, exit with an error
- if: steps.tag_exists.outputs.exists == 'true'
run: exit 1

# Publish the release to Maven
- uses: ./.github/actions/maven-publish
with:
java-version: ${{ inputs.java-version }}
is-android: ${{ inputs.is-android }}
version: ${{ steps.get_version.outputs.version }}
ossr-username: ${{ secrets.ossr-username }}
ossr-password: ${{ secrets.ossr-password }}
signing-key: ${{ secrets.signing-key }}
signing-password: ${{ secrets.signing-password }}

# Create a release for the tag
- uses: ./.github/actions/release-create
with:
token: ${{ secrets.github-token }}
name: ${{ steps.get_version.outputs.version }}
body: ${{ steps.get_release_notes.outputs.release-notes }}
tag: ${{ steps.get_version.outputs.version }}
commit: ${{ github.sha }}
prerelease: ${{ steps.get_prerelease.outputs.prerelease }}
27 changes: 27 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
name: Create GitHub Release

on:
pull_request:
types:
- closed
workflow_dispatch:

permissions:
contents: write

### TODO: Replace instances of './.github/workflows/' w/ `auth0/dx-sdk-actions/workflows/` and append `@latest` after the common `dx-sdk-actions` repo is made public.
### TODO: Also remove `get-prerelease`, `get-release-notes`, `get-version`, `maven-publish`, `release-create`, and `tag-exists` actions from this repo's .github/actions folder once the repo is public.
### TODO: Also remove `java-release` workflow from this repo's .github/workflows folder once the repo is public.

jobs:
release:
uses: ./.github/workflows/java-release.yml
with:
java-version: 8.0.382-tem
is-android: false
secrets:
ossr-username: ${{ secrets.OSSR_USERNAME }}
ossr-password: ${{ secrets.OSSR_PASSWORD }}
signing-key: ${{ secrets.SIGNING_KEY }}
signing-password: ${{ secrets.SIGNING_PASSWORD }}
github-token: ${{ secrets.GITHUB_TOKEN }}
1 change: 1 addition & 0 deletions .shiprc
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
{
"files": {
"README.md": [],
".version": [],
"build.gradle": ["version = \"{MAJOR}.{MINOR}.{PATCH}\""]
},
"prefixVersion": false
Expand Down
1 change: 1 addition & 0 deletions .version
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
0.22.1
16 changes: 8 additions & 8 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,16 @@ group = 'com.auth0'

logger.lifecycle("Using version ${version} for ${name} group $group")

def signingKey = findProperty('signingKey')
def signingKeyPwd = findProperty('signingPassword')

oss {
name 'jwks-rsa'
repository 'jwks-rsa-java'
organization 'auth0'
description 'JSON Web Key Set parser library'
baselineCompareVersion '0.15.0'
skipAssertSigningConfiguration true

developers {
auth0 {
Expand All @@ -31,6 +35,10 @@ oss {
}
}

signing {
useInMemoryPgpKeys(signingKey, signingKeyPwd)
}

jacocoTestReport {
reports {
xml.enabled = true
Expand Down Expand Up @@ -71,14 +79,6 @@ dependencies {
testImplementation group: 'org.hamcrest', name: 'hamcrest-library', version:'1.3'
}

// Creates a version.txt file containing the current version of the SDK.
// This file is picked up and parsed by our Ship Orb to determine the version.
task exportVersion() {
doLast {
new File(rootDir, "version.txt").text = "$version"
}
}

// See https://github.com/google/guava/releases/tag/v32.1.0 for why this is required
sourceSets.all {
configurations.getByName(runtimeClasspathConfigurationName) {
Expand Down

0 comments on commit 26c645c

Please sign in to comment.