chore: release version 0.4.2 #6
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release to Maven Central | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Verify tag matches pom version | |
| run: | | |
| TAG_VERSION="${GITHUB_REF#refs/tags/v}" | |
| POM_VERSION=$(mvn -f oid4vp-java/pom.xml help:evaluate -Dexpression=project.version -q -DforceStdout) | |
| if [ "$TAG_VERSION" != "$POM_VERSION" ]; then | |
| echo "Tag version v${TAG_VERSION} does not match pom.xml version ${POM_VERSION}" | |
| exit 1 | |
| fi | |
| echo "Version $POM_VERSION verified" | |
| - name: Set up Java 25 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: '25' | |
| cache: maven | |
| - name: Import GPG key | |
| run: echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import | |
| - name: Create Maven settings.xml | |
| run: | | |
| mkdir -p ~/.m2 | |
| cat > ~/.m2/settings.xml <<'SETTINGS' | |
| <settings> | |
| <servers> | |
| <server> | |
| <id>central</id> | |
| <username>${env.CENTRAL_USERNAME}</username> | |
| <password>${env.CENTRAL_TOKEN}</password> | |
| </server> | |
| </servers> | |
| </settings> | |
| SETTINGS | |
| - name: Publish to Maven Central | |
| run: mvn --batch-mode deploy -P release -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} | |
| working-directory: oid4vp-java | |
| env: | |
| CENTRAL_USERNAME: ${{ secrets.CENTRAL_USERNAME }} | |
| CENTRAL_TOKEN: ${{ secrets.CENTRAL_TOKEN }} | |
| - name: Upload release artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: release-artifacts | |
| path: | | |
| oid4vp-java/target/*.jar | |
| oid4vp-java/target/*.asc | |
| create-release: | |
| runs-on: ubuntu-latest | |
| needs: publish | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Extract version from tag | |
| id: version | |
| run: | | |
| VERSION=${GITHUB_REF#refs/tags/v} | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "Version: $VERSION" | |
| - name: Extract changelog for this version | |
| id: changelog | |
| run: | | |
| VERSION="${{ steps.version.outputs.version }}" | |
| CHANGELOG_CONTENT=$(awk -v version="$VERSION" ' | |
| /^## \[/ { | |
| if (found) exit; | |
| if ($0 ~ "\\[" version "\\]") { | |
| found=1; | |
| next; | |
| } | |
| } | |
| found && /^## \[/ { exit } | |
| found { print } | |
| ' CHANGELOG.md | sed '/^$/d' | head -c 65000) | |
| if [ -z "$CHANGELOG_CONTENT" ]; then | |
| CHANGELOG_CONTENT="Release version $VERSION" | |
| fi | |
| echo "content<<EOF" >> $GITHUB_OUTPUT | |
| echo "$CHANGELOG_CONTENT" >> $GITHUB_OUTPUT | |
| echo "EOF" >> $GITHUB_OUTPUT | |
| - name: Download release artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: release-artifacts | |
| path: artifacts | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: ${{ github.ref_name }} | |
| name: Release v${{ steps.version.outputs.version }} | |
| body: ${{ steps.changelog.outputs.content }} | |
| draft: false | |
| prerelease: false | |
| files: artifacts/* |