diff --git a/.github/actions/publish/action.yml b/.github/actions/publish/action.yml new file mode 100644 index 0000000..ce2fbe2 --- /dev/null +++ b/.github/actions/publish/action.yml @@ -0,0 +1,39 @@ +name: Publish Package +description: 'Publish the package to Sonatype' +inputs: + dry_run: + description: 'Is this a dry run. If so no package will be published.' + required: true + prerelease: + description: 'Is this a prerelease. If so then it will be published to the staging repository only.' + required: true + signing_key_id: + description: 'Signing key ID' + required: true + signing_key_passphrase: + description: 'Signing key passphrase' + required: true + code_signing_keyring: + description: 'The path of the code signing keyring.' + required: true + sonatype_username: + description: 'Sonatype repo username.' + required: true + sonatype_password: + description: 'Sonatype repo password.' + required: true + +runs: + using: composite + steps: + - name: Publish Library + shell: bash + env: + LD_RELEASE_IS_PRERELEASE: ${{ inputs.prerelease }} + LD_RELEASE_IS_DRYRUN: ${{ inputs.dry_run }} + SIGNING_KEY_ID: ${{ inputs.signing_key_id }} + SIGNING_KEY_PASSPHRASE: ${{ inputs.signing_key_passphrase }} + SIGNING_SECRET_KEY_RING_FILE: ${{ inputs.code_signing_keyring }} + SONATYPE_USER_NAME: ${{ inputs.sonatype_username }} + SONATYPE_PASSWORD: ${{ inputs.sonatype_password }} + run: source $GITHUB_ACTION_PATH/publish.sh diff --git a/.github/actions/publish/publish.sh b/.github/actions/publish/publish.sh new file mode 100755 index 0000000..a954c4e --- /dev/null +++ b/.github/actions/publish/publish.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +set -ue + +if $LD_RELEASE_IS_DRYRUN ; then + echo "Doing a dry run of publishing." +else + echo "Publishing to Sonatype" + if [ "${LD_RELEASE_IS_PRERELEASE}" == "true" ]; then + echo "PRERELEASE" + ./gradlew publishToSonatype -Psigning.keyId="${SIGNING_KEY_ID}" -Psigning.password="${SIGNING_KEY_PASSPHRASE}" -Psigning.secretKeyRingFile="${SIGNING_SECRET_KEY_RING_FILE}" -PsonatypeUsername="${SONATYPE_USER_NAME}" -PsonatypePassword="${SONATYPE_PASSWORD}" || { + echo "Gradle publish/release failed" >&2 + exit 1 + } + else + echo "RELEASE" + ./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository -Psigning.keyId="${SIGNING_KEY_ID}" -Psigning.password="${SIGNING_KEY_PASSPHRASE}" -Psigning.secretKeyRingFile="${SIGNING_SECRET_KEY_RING_FILE}" -PsonatypeUsername="${SONATYPE_USER_NAME}" -PsonatypePassword="${SONATYPE_PASSWORD}" || { + echo "Gradle publish/release failed" >&2 + exit 1 + } + fi +fi diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..e67e2a7 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,79 @@ +name: Publish Package +on: + workflow_dispatch: + inputs: + run_tests: + description: 'If true, run unit tests, otherwise skip them.' + type: boolean + default: true + dry_run: + description: 'Is this a dry run. If so no package will be published.' + type: boolean + required: true + prerelease: + description: 'If true, then this is a prerelease and should be published to the staging repository only.' + type: boolean + required: true + workflow_call: + inputs: + run_tests: + description: 'If true, run unit tests, otherwise skip them.' + required: false + type: boolean + default: true + dry_run: + description: 'Is this a dry run. If so no package will be published.' + type: boolean + required: true + prerelease: + description: 'If true, then this is a prerelease and should be published to the staging repository only.' + type: boolean + required: true + +jobs: + build-and-publish: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: write # For publishing documentation. + steps: + # https://github.com/actions/checkout/releases/tag/v4.3.1 + - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + + # https://github.com/launchdarkly/gh-actions/releases/tag/release-secrets-v1.1.0 + - uses: launchdarkly/gh-actions/actions/release-secrets@dfe04d7415f4bb5f7529c9208abb0a9c13cfaa4e # release-secrets-v1.1.0 + name: Get secrets + with: + aws_assume_role: ${{ vars.AWS_ROLE_ARN }} + ssm_parameter_pairs: '/production/common/releasing/sonatype/username = SONATYPE_USER_NAME, + /production/common/releasing/sonatype/password = SONATYPE_PASSWORD, + /production/common/releasing/java/keyId = SIGNING_KEY_ID' + s3_path_pairs: 'launchdarkly-releaser/java/code-signing-keyring.gpg = code-signing-keyring.gpg' + + - name: Publish + uses: ./.github/actions/publish + with: + dry_run: ${{ inputs.dry_run }} + prerelease: ${{ inputs.prerelease }} + signing_key_id: ${{ env.SIGNING_KEY_ID }} + signing_key_passphrase: '' + code_signing_keyring: 'code-signing-keyring.gpg' + sonatype_username: ${{ env.SONATYPE_USER_NAME }} + sonatype_password: ${{ env.SONATYPE_PASSWORD }} + + - name: Build Documentation + shell: bash + run: ./gradlew javadoc + + # https://github.com/launchdarkly/gh-actions/releases/tag/publish-pages-v1.0.1 + - uses: launchdarkly/gh-actions/actions/publish-pages@d73db5e96be542144389c8c4b094844ab0f373bc # publish-pages-v1.0.1 + name: 'Publish to Github pages' + if: ${{ inputs.dry_run == false }} + with: + docs_path: build/docs/javadoc + github_token: ${{ secrets.GITHUB_TOKEN }} + + - name: Dry Run Publish Docs + shell: bash + if: ${{ inputs.dry_run == true }} + run: echo "Dry run. Not publishing docs." diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml new file mode 100644 index 0000000..6a12a7d --- /dev/null +++ b/.github/workflows/release-please.yml @@ -0,0 +1,35 @@ +name: Run Release Please + +on: + push: + branches: + - main + +jobs: + release-please: + runs-on: ubuntu-latest + + permissions: + id-token: write # Needed for OIDC to get release secrets. + contents: write # Contents and pull-requests are for release-please to make releases. + pull-requests: write + + outputs: + releases_created: ${{ steps.release.outputs.releases_created }} + + steps: + # https://github.com/google-github-actions/release-please-action/releases/tag/v4.1.1 + - uses: google-github-actions/release-please-action@e4dc86ba9405554aeba3c6bb2d169500e7d3b4ee # v4.1.1 + id: release + with: + token: ${{ secrets.GITHUB_TOKEN }} + target-branch: ${{ github.ref_name }} + + call-workflow-publish: + needs: release-please + uses: ./.github/workflows/publish.yml + if: ${{ needs.release-please.outputs.releases_created == 'true' }} + with: + run_tests: true + dry_run: false + prerelease: false diff --git a/.ldrelease/config.yml b/.ldrelease/config.yml deleted file mode 100644 index 210fbba..0000000 --- a/.ldrelease/config.yml +++ /dev/null @@ -1,21 +0,0 @@ -version: 2 - -jobs: - - docker: - image: gradle:7.6-jdk11 - template: - name: gradle - -branches: - - name: main - - name: 2.x - - name: 1.x - -publications: - - url: https://oss.sonatype.org/content/groups/public/com/launchdarkly/okhttp-eventsource/ - description: Sonatype - - url: https://javadoc.io/doc/com.launchdarkly/okhttp-eventsource - description: documentation (javadoc.io) - -documentation: - gitHubPages: true diff --git a/.ldrelease/publish.sh b/.ldrelease/publish.sh deleted file mode 100755 index 677f638..0000000 --- a/.ldrelease/publish.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -set -ue - -# Publish to Sonatype -echo "Publishing to Sonatype" -if [[ -n "${LD_RELEASE_IS_PRERELEASE}" ]]; then - ./gradlew publishToSonatype || { echo "Gradle publish/release failed" >&2; exit 1; } -else - ./gradlew publishToSonatype closeAndReleaseRepository || { echo "Gradle publish/release failed" >&2; exit 1; } -fi - diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 0000000..9965c41 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "4.1.1" +} diff --git a/build.gradle.kts b/build.gradle.kts index 4c5f75f..b51c1b4 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -3,9 +3,9 @@ import org.gradle.api.tasks.testing.logging.TestExceptionFormat import org.gradle.external.javadoc.CoreJavadocOptions import org.gradle.external.javadoc.StandardJavadocDocletOptions -// These values come from gradle.properties -val ossrhUsername: String by project -val ossrhPassword: String by project +// These values come from gradle.properties or command line +val ossrhUsername: String? by project +val ossrhPassword: String? by project buildscript { repositories { @@ -16,15 +16,14 @@ buildscript { plugins { java - "java-library" + `java-library` checkstyle jacoco signing - "maven-publish" + `maven-publish` idea id("org.jetbrains.kotlin.jvm") version "1.6.10" - id("de.marcphilipp.nexus-publish") version "0.4.0" - id("io.codearte.nexus-staging") version "0.30.0" + id("io.github.gradle-nexus.publish-plugin") version "1.3.0" apply false } // Note about org.jetbrains.kotlin.jvm in the plugins block: @@ -47,6 +46,12 @@ repositories { mavenCentral() } +// Apply nexus-publish plugin only when this is the root project +// (contract tests include this as a subproject, which would fail) +if (project == rootProject) { + apply(plugin = "io.github.gradle-nexus.publish-plugin") +} + base { group = "com.launchdarkly" archivesBaseName = "okhttp-eventsource" @@ -179,11 +184,6 @@ idea { } } -nexusStaging { - packageGroup = "com.launchdarkly" - numberOfRetries = 40 // we've seen extremely long delays in closing repositories -} - publishing { publications { create("mavenJava") { @@ -221,16 +221,17 @@ publishing { } } -nexusPublishing { - clientTimeout.set(Duration.ofMinutes(2)) // we've seen extremely long delays in creating repositories - repositories { - sonatype { - username.set(ossrhUsername) - password.set(ossrhPassword) +// Only configure nexus publishing when this is the root project +if (project == rootProject) { + configure { + clientTimeout.set(Duration.ofMinutes(2)) // we've seen extremely long delays in creating repositories + repositories { + sonatype() } } } signing { + setRequired({ findProperty("skipSigning") != "true" }) sign(publishing.publications["mavenJava"]) } diff --git a/gradle.properties b/gradle.properties index ed90211..a9d4507 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,4 +1,6 @@ +# x-release-please-start-version version=4.1.1 +# x-release-please-end ossrhUsername= ossrhPassword= diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 0000000..392c98e --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,14 @@ +{ + "bootstrap-sha": "7cccc52e3859f8884b203fc80b52ad12c2203b08", + "packages": { + ".": { + "release-type": "simple", + "versioning": "default", + "include-v-in-tag": false, + "include-component-in-tag": false, + "extra-files": [ + "gradle.properties" + ] + } + } +} diff --git a/scripts/release.sh b/scripts/release.sh deleted file mode 100755 index 52b6f92..0000000 --- a/scripts/release.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/env bash -# This script updates the version for the okhttp-eventsource library and releases the artifact + javadoc -# It will only work if you have the proper credentials set up in ~/.gradle/gradle.properties - -# It takes exactly one argument: the new version. -# It should be run from the root of this git repo like this: -# ./scripts/release.sh 4.0.9 - -# When done you should commit and push the changes made. - -set -uxe -echo "Starting okhttp-eventsource release." - -VERSION=$1 - -#Update version in gradle.properties file: -sed -i '' "s/^version.*$/version=${VERSION}/" gradle.properties - -./gradlew clean test install sourcesJar javadocJar uploadArchives closeAndReleaseRepository -echo "Finished okhttp-eventsource release."