-
Notifications
You must be signed in to change notification settings - Fork 0
120 lines (103 loc) · 3.39 KB
/
Copy pathrelease.yml
File metadata and controls
120 lines (103 loc) · 3.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
name: Release to Maven Central
on:
push:
tags:
- 'v*'
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Verify tag matches pom version
run: |
TAG_VERSION="${GITHUB_REF#refs/tags/v}"
POM_VERSION=$(mvn -f oid4vp-java/pom.xml help:evaluate -Dexpression=project.version -q -DforceStdout)
if [ "$TAG_VERSION" != "$POM_VERSION" ]; then
echo "Tag version v${TAG_VERSION} does not match pom.xml version ${POM_VERSION}"
exit 1
fi
echo "Version $POM_VERSION verified"
- name: Set up Java 25
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: '25'
cache: maven
- name: Import GPG key
run: echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import
- name: Create Maven settings.xml
run: |
mkdir -p ~/.m2
cat > ~/.m2/settings.xml <<'SETTINGS'
<settings>
<servers>
<server>
<id>central</id>
<username>${env.CENTRAL_USERNAME}</username>
<password>${env.CENTRAL_TOKEN}</password>
</server>
</servers>
</settings>
SETTINGS
- name: Publish to Maven Central
run: mvn --batch-mode deploy -P release -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }}
working-directory: oid4vp-java
env:
CENTRAL_USERNAME: ${{ secrets.CENTRAL_USERNAME }}
CENTRAL_TOKEN: ${{ secrets.CENTRAL_TOKEN }}
- name: Upload release artifacts
uses: actions/upload-artifact@v4
with:
name: release-artifacts
path: |
oid4vp-java/target/*.jar
oid4vp-java/target/*.asc
create-release:
runs-on: ubuntu-latest
needs: publish
permissions:
contents: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Extract version from tag
id: version
run: |
VERSION=${GITHUB_REF#refs/tags/v}
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Version: $VERSION"
- name: Extract changelog for this version
id: changelog
run: |
VERSION="${{ steps.version.outputs.version }}"
CHANGELOG_CONTENT=$(awk -v version="$VERSION" '
/^## \[/ {
if (found) exit;
if ($0 ~ "\\[" version "\\]") {
found=1;
next;
}
}
found && /^## \[/ { exit }
found { print }
' CHANGELOG.md | sed '/^$/d' | head -c 65000)
if [ -z "$CHANGELOG_CONTENT" ]; then
CHANGELOG_CONTENT="Release version $VERSION"
fi
echo "content<<EOF" >> $GITHUB_OUTPUT
echo "$CHANGELOG_CONTENT" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
- name: Download release artifacts
uses: actions/download-artifact@v4
with:
name: release-artifacts
path: artifacts
- name: Create GitHub Release
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ github.ref_name }}
name: Release v${{ steps.version.outputs.version }}
body: ${{ steps.changelog.outputs.content }}
draft: false
prerelease: false
files: artifacts/*