Skip to content

Release

Release #2

Workflow file for this run

name: Release
on:
# run manually on default branch
workflow_dispatch:
inputs:
dryRun:
type: boolean
description: "Dry-Run"
default: false
includeTests:
type: boolean
description: Include tests
default: true
concurrency:
# only run one publishing at a time to avoid conflicts
group: publish-${{ github.ref }}
env:
# instead of embedded Maven use local Maven CLI
# HALE_BUILD_MAVEN_EMBEDDED: 'false'
# renovate: datasource=npm depName=@semantic-release/changelog
SEMANTIC_RELEASE_CHANGELOG_VERSION: 6.0.3
# renovate: datasource=npm depName=@semantic-release/exec
SEMANTIC_RELEASE_EXEC_VERSION: 6.0.3
# renovate: datasource=npm depName=@semantic-release/git
SEMANTIC_RELEASE_GIT_VERSION: 10.0.1
# renovate: datasource=npm depName=conventional-changelog-conventionalcommits
CONVENTIONAL_CHANGELOG_CONVENTIONALCOMMITS_VERSION: 7.0.2
jobs:
release:
# Only on main repository (don't release on forks)
if: github.repository_owner == 'halestudio'
name: Release
runs-on: ubuntu-latest
outputs:
release-published: ${{ steps.release.outputs.new_release_published }}
release-version: ${{ steps.release.outputs.new_release_version }}
steps:
- name: Determine app token for release
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
id: app-token
with:
app-id: ${{ secrets.WE_RELEASE_GITHUB_APP_ID }}
private-key: "${{ secrets.WE_RELEASE_GITHUB_PRIVATE_KEY }}"
- name: Setup Maven
uses: s4u/setup-maven-action@489441643219d2b93ee2a127b2402eb640a1b947 # v1.13.0
# uses: stempler/setup-maven-action@feat/cache-save-always
with:
java-version: 17
java-distribution: temurin
maven-version: 3.9.6
checkout-fetch-depth: 0 # make sure to check out all tags
checkout-token: ${{ steps.app-token.outputs.token }}
checkout-persist-credentials: true # token and persisted credentials required for push (to protected branch)
# Note: currently not working because of https://github.com/actions/cache/issues/1315
# Fix in https://github.com/actions/cache/pull/1325 not merged yet
# cache-save-always: true
- name: Install genisoimage # required for Mac build
run: sudo apt-get install -y genisoimage
- name: Clean
run: ./build.sh clean
working-directory: ./build
- name: Create hale-docker.conf file
run: |
mkdir -p ~/.hale
cat <<EOF > ~/.hale/hale-docker.conf
global {
dockerHost="unix:///var/run/docker.sock"
}
EOF
- name: Login to Docker Hub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- name: Test
if: ${{ inputs.includeTests }}
run: ./build.sh integrationStage
working-directory: ./build
- name: Publish Test Report
uses: mikepenz/action-junit-report@ac30be7acb0a361e5492575ab42e47fcadec4928 # v4.2.2
if: ${{ always() && inputs.includeTests }}
with:
# fail if there are no test results
require_tests: true
# Workaround for check that is additionally created being associated
# to the wrong workflow/run. Instead no additional check is created.
# See https://github.com/mikepenz/action-junit-report/issues/40
annotate_only: true
detailed_summary: true
report_paths: 'build/target/testReports/*.xml'
- name: Install NodeJs
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: 20
- name: Install AWS CLI # Required for uploading update site
uses: unfor19/install-aws-cli-action@e8b481e524a99f37fbd39fdc1dcb3341ab091367 # v1.0.7
with:
version: 1
- name: Release
id: release
uses: cycjimmy/semantic-release-action@cb425203a562475bca039ba4dbf90c7f9ac790f4 # v4.1.0
env:
# Permissions needed
# contents: write
# issues: write
# pull-requests: write
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
GIT_AUTHOR_NAME: wetransform Bot
GIT_AUTHOR_EMAIL: [email protected]
GIT_COMMITTER_NAME: wetransform Bot
GIT_COMMITTER_EMAIL: [email protected]
RUNNER_DEBUG: 1
# For release commands execution
# Upload update site
# AWS_ACCESS_KEY_ID: ${{ secrets.BUILD_ARCHIVE_ACCESS_KEY }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.BUILD_ARCHIVE_SECRET_KEY }}
# Deploy artifacts
# WETF_ARTIFACTORY_USER: ${{ secrets.WETF_ARTIFACTORY_USER }}
# WETF_ARTIFACTORY_PASSWORD: ${{ secrets.WETF_ARTIFACTORY_PASSWORD }}
JAVA_TOOL_OPTIONS: '-Dmaven.wagon.httpconnectionManager.ttlSeconds=120'
with:
dry_run: ${{ inputs.dryRun }}
semantic_version: 23.1.1
extra_plugins:
"@semantic-release/changelog@\
${{ env.SEMANTIC_RELEASE_CHANGELOG_VERSION }} \
@semantic-release/exec@\
${{ env.SEMANTIC_RELEASE_EXEC_VERSION }} \
@semantic-release/git@\
${{ env.SEMANTIC_RELEASE_GIT_VERSION }} \
conventional-changelog-conventionalcommits@\
${{ env.CONVENTIONAL_CHANGELOG_CONVENTIONALCOMMITS_VERSION }} \
"
# https://github.com/marketplace/actions/slack-notify-build
- name: Notify failure to Slack
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/github-action-slack-notify-build@3665186a8c1a022b28a1dbe0954e73aa9081ea9e # v1.6.0
with:
channel: build-failures
status: FAILED
color: danger
# Note: one reason deploy artifacts is handled as separate job is that it currently usually fails (connection reset issue)
# and should not impact the main release job
deploy-artifacts:
name: Deploy Maven artifacts
runs-on: ubuntu-latest
needs: [release]
if: ${{ !inputs.dryRun && needs.release.outputs.release-published != 'false' }}
steps:
- name: Setup Maven
uses: s4u/setup-maven-action@489441643219d2b93ee2a127b2402eb640a1b947 # v1.13.0
with:
java-version: 17
java-distribution: temurin
maven-version: 3.9.6
checkout-ref: refs/tags/v${{needs.release.outputs.release-version}} # check out release tag
- name: Deploy Artifacts
env:
WETF_ARTIFACTORY_USER: ${{ secrets.WETF_ARTIFACTORY_USER }}
WETF_ARTIFACTORY_PASSWORD: ${{ secrets.WETF_ARTIFACTORY_PASSWORD }}
JAVA_TOOL_OPTIONS: '-Dmaven.wagon.httpconnectionManager.ttlSeconds=120'
run: ./build.sh deployArtifacts
working-directory: ./build
# https://github.com/marketplace/actions/slack-notify-build
- name: Notify failure to Slack
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/github-action-slack-notify-build@3665186a8c1a022b28a1dbe0954e73aa9081ea9e # v1.6.0
with:
channel: build-failures
status: FAILED
color: danger
publish-products:
name: Publish products and update site
runs-on: ubuntu-latest
needs: [release]
if: ${{ !inputs.dryRun && needs.release.outputs.release-published != 'false' }}
steps:
- name: Setup Maven
uses: s4u/setup-maven-action@489441643219d2b93ee2a127b2402eb640a1b947 # v1.13.0
with:
java-version: 17
java-distribution: temurin
maven-version: 3.9.6
checkout-ref: refs/tags/v${{needs.release.outputs.release-version}} # check out release tag
- name: Install genisoimage # required for Mac build
run: sudo apt-get install -y genisoimage
- name: Login to Docker Hub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- name: Install AWS CLI # Required for uploading update site
uses: unfor19/install-aws-cli-action@e8b481e524a99f37fbd39fdc1dcb3341ab091367 # v1.0.7
with:
version: 1
- name: Clean
run: ./build.sh clean
working-directory: ./build
- name: Build products
run: |
./build.sh product --arch x86_64 --os linux HALE
./build.sh product --arch x86_64 --os windows HALE
./build.sh product --arch x86_64 --os macosx HALE
./build.sh product --arch x86_64 --os linux --publish Infocenter
working-directory: ./build
# use GitHub CLI to upload asset to release
# see https://cli.github.com/manual/gh_release_upload
- name: Add HALE products to release
env:
GH_TOKEN: ${{ github.token }}
run: |
echo "Adding to release assets..."
gh release upload v${{needs.release.outputs.release-version}} build/target/*.tar.gz --repo ${{ github.repository }}
gh release upload v${{needs.release.outputs.release-version}} build/target/*.zip --repo ${{ github.repository }}
gh release upload v${{needs.release.outputs.release-version}} build/target/*.dmg --repo ${{ github.repository }}
shell: bash
- name: Upload update site
env:
AWS_ACCESS_KEY_ID: ${{ secrets.BUILD_ARCHIVE_ACCESS_KEY }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.BUILD_ARCHIVE_SECRET_KEY }}
run: ./upload-site.sh
working-directory: ./build
# https://github.com/marketplace/actions/slack-notify-build
- name: Notify failure to Slack
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/github-action-slack-notify-build@3665186a8c1a022b28a1dbe0954e73aa9081ea9e # v1.6.0
with:
channel: build-failures
status: FAILED
color: danger
windows-build:
name: Build Windows installer
runs-on: windows-latest
needs: [release]
if: ${{ !inputs.dryRun && needs.release.outputs.release-published != 'false' }}
steps:
- name: Setup Maven
uses: s4u/setup-maven-action@489441643219d2b93ee2a127b2402eb640a1b947 # v1.13.0
with:
java-version: 17
java-distribution: temurin
maven-version: 3.9.6
checkout-ref: refs/tags/v${{needs.release.outputs.release-version}} # check out release tag
# WiX is already installed on default Windows runner (currently WiX 3.x)
# Note: adding to path not required as our build looks for the installation folder
#
# - name: Add WiX toolkit to PATH
# shell: bash
# run: echo "${WIX}bin" >> $GITHUB_PATH
- name: Build installer
run: |
build.bat product -o windows -a x86_64 HALE
shell: cmd
# use GitHub CLI to upload asset to release
# see https://cli.github.com/manual/gh_release_upload
- name: Add installer to release
env:
GH_TOKEN: ${{ github.token }}
run: |
echo "Adding to release assets..."
gh release upload v${{needs.release.outputs.release-version}} build/target/*.msi --repo ${{ github.repository }}
shell: bash
# https://github.com/marketplace/actions/slack-notify-build
- name: Notify failure to Slack
if: failure()
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }}
uses: voxmedia/github-action-slack-notify-build@3665186a8c1a022b28a1dbe0954e73aa9081ea9e # v1.6.0
with:
channel: build-failures
status: FAILED
color: danger