Merge pull request #33 from braintrustdata/ark/vcr-otel #18

Workflow file for this run

.github/workflows/publish-release-from-tag.yml at 1a2b623

	# This workflow is triggered when a new tag is pushed to main.
	# It can also be run manually to re-publish a release in case it failed for some reason.
	name: Publish Release From Tag

	on:
	push:
	tags:
	- 'v*'
	workflow_dispatch:
	inputs:
	tag:
	description: 'Tag to publish (e.g., v1.0.0)'
	required: true
	type: string

	permissions:
	contents: write

	jobs:
	validate-and-publish:
	name: Validate Tag and Publish Release
	# we want to run ubuntu-latest but we'll pin to a specific version so workflow is reproducable
	runs-on: ubuntu-24.04
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Determine tag
	id: determine-tag
	run: \|
	if [[ "${{ github.event_name }}" == "push" ]]; then
	TAG_NAME="${{ github.ref_name }}"
	else
	TAG_NAME="${{ inputs.tag }}"
	fi
	echo "tag=$TAG_NAME" >> $GITHUB_OUTPUT
	echo "Using tag: $TAG_NAME"

	- name: Validate tag format
	run: \|
	TAG="${{ steps.determine-tag.outputs.tag }}"

	# Check if tag starts with 'v'
	if [[ ! "$TAG" =~ ^v ]]; then
	echo "Error: Tag '$TAG' must start with 'v'"
	exit 1
	fi

	# Extract version without 'v' prefix
	VERSION="${TAG#v}"

	# Check if version is valid semver (x.y.z)
	if [[ ! "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
	echo "Error: Tag '$TAG' is not valid semver format (vx.y.z)"
	exit 1
	fi

	# Check that version does not end with -SNAPSHOT
	if [[ "$VERSION" =~ -SNAPSHOT$ ]]; then
	echo "Error: Tag '$TAG' cannot end with '-SNAPSHOT'"
	exit 1
	fi

	echo "Tag '$TAG' is valid"

	- name: Verify tag exists
	run: \|
	TAG="${{ steps.determine-tag.outputs.tag }}"
	if ! git tag -l \| grep -q "^$TAG$"; then
	echo "Error: Tag '$TAG' does not exist"
	exit 1
	fi
	echo "Tag '$TAG' exists"

	- name: Checkout tag
	run: \|
	git checkout ${{ steps.determine-tag.outputs.tag }}

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: '17'
	distribution: 'temurin'

	- name: Setup Gradle
	uses: gradle/gradle-build-action@v2

	- name: Run CI
	run: ./gradlew check

	- name: Build release artifacts
	run: ./gradlew build publishToMavenLocal

	- name: Find built artifacts
	id: find-artifacts
	run: \|
	TAG="${{ steps.determine-tag.outputs.tag }}"
	# Strip 'v' prefix to get the actual version used by Gradle
	VERSION="${TAG#v}"

	# Find the built JAR files (version does NOT include 'v' prefix)
	MAIN_JAR=$(find build/libs -name "-${VERSION}.jar" ! -name "-sources.jar" ! -name "*-javadoc.jar" \| head -1)
	SOURCES_JAR=$(find build/libs -name "*-${VERSION}-sources.jar" \| head -1)
	JAVADOC_JAR=$(find build/libs -name "*-${VERSION}-javadoc.jar" \| head -1)

	echo "main-jar=$MAIN_JAR" >> $GITHUB_OUTPUT
	echo "sources-jar=$SOURCES_JAR" >> $GITHUB_OUTPUT
	echo "javadoc-jar=$JAVADOC_JAR" >> $GITHUB_OUTPUT

	echo "Found artifacts:"
	echo " Main JAR: $MAIN_JAR"
	echo " Sources JAR: $SOURCES_JAR"
	echo " Javadoc JAR: $JAVADOC_JAR"

	- name: Create GitHub Release
	run: \|
	TAG="${{ steps.determine-tag.outputs.tag }}"

	# Create the release
	gh release create "$TAG" \
	--generate-notes \
	--title "Release $TAG"

	# Upload artifacts if they exist
	if [[ -n "${{ steps.find-artifacts.outputs.main-jar }}" && -f "${{ steps.find-artifacts.outputs.main-jar }}" ]]; then
	gh release upload "$TAG" "${{ steps.find-artifacts.outputs.main-jar }}"
	fi

	if [[ -n "${{ steps.find-artifacts.outputs.sources-jar }}" && -f "${{ steps.find-artifacts.outputs.sources-jar }}" ]]; then
	gh release upload "$TAG" "${{ steps.find-artifacts.outputs.sources-jar }}"
	fi

	if [[ -n "${{ steps.find-artifacts.outputs.javadoc-jar }}" && -f "${{ steps.find-artifacts.outputs.javadoc-jar }}" ]]; then
	gh release upload "$TAG" "${{ steps.find-artifacts.outputs.javadoc-jar }}"
	fi
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Publish to Sonatype
	run: \|-
	if [ -z "$SONATYPE_USERNAME" ]; then
	echo "Error: SONATYPE_USERNAME is not set"
	exit 1
	fi
	if [ -z "$SONATYPE_PASSWORD" ]; then
	echo "Error: SONATYPE_PASSWORD is not set"
	exit 1
	fi
	if [ -z "$GPG_SIGNING_KEY" ]; then
	echo "Error: GPG_SIGNING_KEY is not set"
	exit 1
	fi
	if [ -z "$GPG_SIGNING_PASSWORD" ]; then
	echo "Error: GPG_SIGNING_PASSWORD is not set"
	exit 1
	fi
	echo "All required credentials are set"
	export -- GPG_SIGNING_KEY_ID
	printenv -- GPG_SIGNING_KEY \| gpg --batch --passphrase-fd 3 --import 3<<< "$GPG_SIGNING_PASSWORD"
	GPG_SIGNING_KEY_ID="$(gpg --with-colons --list-keys \| awk -F : -- '/^pub:/ { getline; print "0x" substr($10, length($10) - 7) }')"
	./gradlew publishAndReleaseToMavenCentral --stacktrace -PmavenCentralUsername="$SONATYPE_USERNAME" -PmavenCentralPassword="$SONATYPE_PASSWORD" --no-configuration-cache
	env:
	SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
	SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
	GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
	GPG_SIGNING_PASSWORD: ${{ secrets.GPG_SIGNING_PASSWORD }}

	- name: Wait for Maven Central sync
	run: \|
	TAG="${{ steps.determine-tag.outputs.tag }}"
	# Strip 'v' prefix to get the Maven version
	VERSION="${TAG#v}"
	echo "Waiting for version $VERSION to sync to Maven Central. THIS CAN TAKE MANY HOURS! Godspeed"
	./scripts/wait-for-maven.sh "$VERSION"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #33 from braintrustdata/ark/vcr-otel #18

Workflow file

Merge pull request #33 from braintrustdata/ark/vcr-otel #18

Uh oh!

Workflow file for this run