| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112 |
- name: Release
- # This workflow is triggered when publishing a GitHub release
- on:
- release:
- types:
- - published
-
- env:
- PYTHONUNBUFFERED: 1
-
- jobs:
- run_release:
- runs-on: ubuntu-latest
- name: Start release process
- timeout-minutes: 60
- steps:
- - name: Configure AWS Credentials
- uses: aws-actions/configure-aws-credentials@v1
- with:
- aws-access-key-id: ${{ secrets.BINARIES_AWS_ACCESS_KEY_ID }}
- aws-secret-access-key: ${{ secrets.BINARIES_AWS_SECRET_ACCESS_KEY }}
- aws-region: ${{ secrets.BINARIES_AWS_REGION }}
- - name: Run release action
- id: run_release
- uses: SonarSource/gh-action_release/main@v4
- with:
- distribute: true
- publish_to_binaries: true
- attach_artifacts_to_github_release: true
- run_rules_cov: false
- slack_channel: sonarqube-build
- env:
- ARTIFACTORY_API_KEY: ${{ secrets.ARTIFACTORY_API_KEY }}
- BURGRX_USER: ${{ secrets.BURGRX_USER }}
- BURGRX_PASSWORD: ${{ secrets.BURGRX_PASSWORD }}
- CIRRUS_TOKEN: ${{ secrets.CIRRUS_TOKEN }}
- PATH_PREFIX: ${{ secrets.BINARIES_PATH_PREFIX }}
- GITHUB_TOKEN: ${{ secrets.RELEASE_GITHUB_TOKEN }}
- RELEASE_SSH_USER: ${{ secrets.RELEASE_SSH_USER }}
- RELEASE_SSH_KEY: ${{ secrets.RELEASE_SSH_KEY }}
- SLACK_API_TOKEN: ${{secrets.SLACK_API_TOKEN }}
- - name: Log outputs
- if: always()
- run: |
- echo "${{ steps.run_release.outputs.releasability }}"
- echo "${{ steps.run_release.outputs.release }}"
- echo "${{ steps.run_release.outputs.distribute_release }}"
- - name: Notify success on Slack
- uses: Ilshidur/action-slack@2.0.0
- env:
- SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
- with:
- args: "Release successful for {{ GITHUB_REPOSITORY }} by {{ GITHUB_ACTOR }}"
- - name: Create Release for Docker Image
- id: create_release
- uses: softprops/action-gh-release@v1
- env:
- GITHUB_TOKEN: ${{ secrets.RELEASE_GITHUB_TOKEN }}
- GITHUB_REPOSITORY: SonarSource/sonar-scanner-cli-docker
- with:
- tag_name: ${{ github.event.release.tag_name }}
- body: Release containing ScannerCLI version ${{ github.event.release.tag_name }}
- draft: false
- prerelease: false
- - name: Notify failures on Slack
- uses: Ilshidur/action-slack@2.0.0
- if: failure()
- env:
- SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
- with:
- args: "Release failed, see the logs at https://github.com/{{ GITHUB_REPOSITORY }}/actions by {{ GITHUB_ACTOR }}"
- maven-central-sync:
- runs-on: ubuntu-latest
- needs:
- - run_release
- steps:
- - name: Setup JFrog CLI
- uses: jfrog/setup-jfrog-cli@v1
- - name: JFrog config
- run: jfrog rt config repox --url https://repox.jfrog.io/artifactory/ --apikey $ARTIFACTORY_API_KEY --basic-auth-only
- env:
- ARTIFACTORY_API_KEY: ${{ secrets.ARTIFACTORY_API_KEY }}
- - name: Get the version
- id: get_version
- run: |
- IFS=. read major minor patch build <<< "${{ github.event.release.tag_name }}"
- echo ::set-output name=build::"${build}"
- - name: Create local repository directory
- id: local_repo
- run: echo ::set-output name=dir::"$(mktemp -d repo.XXXXXXXX)"
- - name: Download Artifacts
- uses: SonarSource/gh-action_release/download-build@v4
- with:
- build-number: ${{ steps.get_version.outputs.build }}
- local-repo-dir: ${{ steps.local_repo.outputs.dir }}
- - name: Maven Central Sync
- id: maven-central-sync
- continue-on-error: true
- uses: SonarSource/gh-action_release/maven-central-sync@v4
- with:
- local-repo-dir: ${{ steps.local_repo.outputs.dir }}
- env:
- OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
- OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
- - name: Notify on failure
- if: ${{ failure() || steps.maven-central-sync.outcome == 'failure' }}
- uses: 8398a7/action-slack@v3
- with:
- status: failure
- fields: repo,author,eventName
- env:
- SLACK_WEBHOOK_URL: ${{ secrets.SLACK_BUILD_WEBHOOK }}
|
