Release Creation #129
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Creation | |
| on: | |
| workflow_call: | |
| inputs: | |
| tag: | |
| description: 'Next release tag' | |
| required: true | |
| type: string | |
| rbranch: | |
| description: 'Branch to publish development releases' | |
| required: false | |
| type: string | |
| jira_ticket: | |
| description: 'Jira ticket ID (e.g. AST-12345)' | |
| required: true | |
| type: string | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: 'Next release tag' | |
| required: true | |
| type: string | |
| rbranch: | |
| description: 'Branch to publish development releases' | |
| required: false | |
| type: string | |
| jira_ticket: | |
| description: 'Jira ticket ID (e.g. AST-12345)' | |
| required: true | |
| type: string | |
| jobs: | |
| deleteDevReleases: | |
| uses: Checkmarx/ast-eclipse-plugin/.github/workflows/delete-dev-releases.yml@main | |
| with: | |
| tag: ${{ inputs.rbranch }} | |
| secrets: inherit | |
| if: inputs.rbranch | |
| release: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| TAG_NAME: ${{ steps.generate_tag_name.outputs.TAG_NAME }} | |
| CLI_VERSION: ${{ steps.set_outputs.outputs.CLI_VERSION }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd | |
| with: | |
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| lfs: true | |
| - name: Checkout LFS objects | |
| run: git lfs checkout | |
| - name: Create Release Name | |
| id: generate_tag_name | |
| run: | | |
| echo "Creating release name" | |
| if [ -z "${{ inputs.rbranch }}" ]; then | |
| export GH_RELEASE_TAG_NAME="${{ inputs.tag }}" | |
| export GH_BRANCH_NAME="main" | |
| else | |
| export GH_RELEASE_TAG_NAME="${{ inputs.tag }}-${{ inputs.rbranch }}" | |
| export GH_BRANCH_NAME="nightly" | |
| fi | |
| echo "Generated TAG_NAME: $GH_RELEASE_TAG_NAME" | |
| # Persist the variables | |
| echo "GH_RELEASE_TAG_NAME=$GH_RELEASE_TAG_NAME" >> $GITHUB_ENV | |
| echo "GH_BRANCH_NAME=$GH_BRANCH_NAME" >> $GITHUB_ENV | |
| # Set outputs for future steps | |
| echo "TAG_NAME=$GH_RELEASE_TAG_NAME" >> $GITHUB_OUTPUT | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: 17 | |
| - name: Cache local Maven repository | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven- | |
| - name: Update the POM version. | |
| run: mvn -B org.eclipse.tycho:tycho-versions-plugin:set-version -DnewVersion='${{ inputs.tag }}' --file pom.xml | |
| - name: Create release | |
| run: mvn -B clean install --file pom.xml -DskipTests -pl "!checkmarx-ast-eclipse-plugin-tests" | |
| - name: Extract CLI version | |
| id: extract_cli_version | |
| run: | | |
| chmod +x ./.github/scripts/extract_cli_version.sh | |
| ./.github/scripts/extract_cli_version.sh cx-linux | |
| - name: Echo CLI version to outputs | |
| id: set_outputs | |
| run: | | |
| echo "::set-output name=CLI_VERSION::${{ env.CLI_VERSION }}" | |
| - name: Release | |
| uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1 | |
| with: | |
| tag_name: ${{ env.GH_RELEASE_TAG_NAME }} | |
| generate_release_notes: true | |
| files: ./com.checkmarx.eclipse.site/target/com.checkmarx.eclipse.site-*.zip | |
| prerelease: ${{ inputs.rbranch != '' && inputs.rbranch != null }} | |
| - name: Git configuration | |
| run: | | |
| git config --global safe.directory "/tmp/**/*/" | |
| git config --global http.postBuffer 2097152000 | |
| git config --global https.postBuffer 2097152000 | |
| - name: Ensure Git LFS is enabled | |
| run: | | |
| git lfs install | |
| git lfs track "plugins/*.jar" # Ensure large JARs are tracked | |
| git add .gitattributes | |
| git commit -m "Ensure LFS tracking for large JAR files" || echo "No changes to commit" | |
| - name: Clone target repository and push changes via PR | |
| env: | |
| GH_TOKEN: ${{ secrets.ECLIPSE_SITE_TOKEN }} | |
| run: | | |
| # Clone the repository | |
| git clone https://x-access-token:${{ secrets.ECLIPSE_SITE_TOKEN }}@github.com/CheckmarxDev/ast-eclipse-plugin-update-site.git update-site | |
| cd update-site | |
| # Ensure Git LFS is installed | |
| git lfs install | |
| # Configure Git user to prevent commit errors | |
| git config --global user.email "cylon-bot@checkmarx.com" | |
| git config --global user.name "cylon-bot" | |
| # Fetch all branches | |
| git fetch --all | |
| # Ensure the branch exists and check it out | |
| if git show-ref --verify --quiet refs/remotes/origin/${{ env.GH_BRANCH_NAME }}; then | |
| echo "Branch ${{ env.GH_BRANCH_NAME }} exists remotely." | |
| git checkout -B ${{ env.GH_BRANCH_NAME }} origin/${{ env.GH_BRANCH_NAME }} | |
| else | |
| echo "Branch ${{ env.GH_BRANCH_NAME }} does not exist remotely." | |
| exit 1 | |
| fi | |
| # Create a feature branch | |
| FEATURE_BRANCH="update-site/${{ env.GH_RELEASE_TAG_NAME }}" | |
| git checkout -b "$FEATURE_BRANCH" | |
| echo "===== Files BEFORE COPY =====" | |
| ls -lh ../com.checkmarx.eclipse.site/target/repository/ | |
| # Copy new files without deleting .git directory | |
| rsync -av --delete --exclude='.git' ../com.checkmarx.eclipse.site/target/repository/ ./ | |
| # Debugging: List files in repository after copying | |
| echo "===== Files AFTER COPY =====" | |
| ls -lh . | |
| # Dynamically track all .jar files in the plugins/ and features/ directories | |
| find plugins -name "*.jar" -exec git lfs track {} + | |
| find features -name "*.jar" -exec git lfs track {} + | |
| # Ensure .gitattributes is added | |
| git add .gitattributes | |
| git add . | |
| # Debugging: Show LFS-tracked files | |
| echo "===== Git LFS-tracked files =====" | |
| git lfs ls-files | |
| git commit -m "Update Eclipse update site for ${{ env.GH_RELEASE_TAG_NAME }} (${{ inputs.jira_ticket }})" || echo "No changes to commit" | |
| # Ensure the correct remote URL | |
| git remote set-url origin https://x-access-token:${{ secrets.ECLIPSE_SITE_TOKEN }}@github.com/CheckmarxDev/ast-eclipse-plugin-update-site.git | |
| # Push the feature branch | |
| git push origin "$FEATURE_BRANCH" | |
| # Create PR with Jira ID at the end of the title | |
| PR_URL=$(gh pr create \ | |
| --repo CheckmarxDev/ast-eclipse-plugin-update-site \ | |
| --base "${{ env.GH_BRANCH_NAME }}" \ | |
| --head "$FEATURE_BRANCH" \ | |
| --title "Update Eclipse update site for ${{ env.GH_RELEASE_TAG_NAME }} (${{ inputs.jira_ticket }})" \ | |
| --body "Automated update of Eclipse update site for release ${{ env.GH_RELEASE_TAG_NAME }}.") | |
| echo "PR created: $PR_URL" | |
| # Squash and merge the PR, then delete the branch | |
| gh pr merge "$PR_URL" \ | |
| --repo CheckmarxDev/ast-eclipse-plugin-update-site \ | |
| --squash \ | |
| --auto \ | |
| --delete-branch | |
| notify: | |
| if: ${{ inputs.rbranch == '' || inputs.rbranch == null }} | |
| needs: release | |
| uses: Checkmarx/plugins-release-workflow/.github/workflows/release-notify.yml@main | |
| with: | |
| product_name: Eclipse | |
| release_version: ${{ needs.release.outputs.TAG_NAME }} | |
| cli_release_version: ${{ needs.release.outputs.CLI_VERSION }} | |
| release_author: "Phoenix Team" | |
| release_url: https://github.com/Checkmarx/ast-eclipse-plugin/releases/tag/${{ needs.release.outputs.TAG_NAME }} | |
| jira_product_name: ECLIPSE | |
| secrets: inherit | |