v1.11.2 #10
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow runs when a GitHub release is published. | |
| # | |
| # It validates that the tag correctly matches the library version, and then publishes | |
| # artifacts for the release. Currently, this includes uploading the compiled Jar to | |
| # the GitHub release. However, it should be extended to also include PGP signing and | |
| # uploading to Maven Central. | |
| # | |
| # This workflow is almost a reusable workflow that can be used by any of our Gradle/JVM | |
| # libraries. In order to make it reusable, we need to move it to a separate repo, update | |
| # the workflow trigger ('on') to be 'workflow_call', and define inputs for any context | |
| # that needs to be passed in. | |
| # | |
| # See https://docs.github.com/en/actions/using-workflows/reusing-workflows | |
| # | |
| # TODO: Consider whether we should merge this with the "prepare-release" workflow rather | |
| # than having separate workflows. | |
| name: Publish Artifacts for Release | |
| on: | |
| release: | |
| types: [published] | |
| permissions: | |
| contents: read | |
| jobs: | |
| check-tag: | |
| # First, a sanity check to ensure that the library version matches the release version | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3.6.0 | |
| - name: Validate project version matches tag | |
| shell: bash | |
| run: | | |
| RELEASE_TAG=${GITHUB_REF#refs/tags/} | |
| # the tag should start with `v`, so prepend `v` to the contents of project.version | |
| PROJECT_VERSION="v$(<project.version)" | |
| echo "Project Version: $PROJECT_VERSION" | |
| echo "Release Tag: $RELEASE_TAG" | |
| [ "$PROJECT_VERSION" = "$RELEASE_TAG" ] || exit 1 | |
| publish-to-github-release: | |
| # only run if `check-tag` completes successfully | |
| needs: check-tag | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| # TODO: replace with artifact upload/download -- make sure there's no race condition with other builds also | |
| # uploading an artifact. | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3.6.0 | |
| with: | |
| submodules: recursive | |
| - uses: gradle/gradle-build-action@3b1b3b9a2104c2b47fbae53f3938079c00c9bb87 # v3.0.0 | |
| with: | |
| arguments: build cyclonedxBom | |
| - name: Upload Jar to GitHub release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # TODO - reusability | |
| # the location of the library(s) should be configurable as an input | |
| # parameter rather than being hard coded as `build/libs/ion-java...` | |
| # It may also need to be able to upload more than one file. | |
| run: | | |
| gh release upload "v$(<project.version)" "build/libs/ion-java-$(<project.version).jar" | |
| gh release upload "v$(<project.version)" "build/reports/bom.json" | |
| # TODO: Add `publish-to-maven-central` job |