diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 97737a0c..3bb8c971 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,9 +1,11 @@ name: "Create release and publish packages to Sonatype" -on: - push: - branches: - - main +on: push + +#on: +# push: +# branches: +# - main permissions: id-token: write @@ -44,18 +46,21 @@ jobs: LATEST_TAG=$(git describe --tags $(git rev-list --tags --max-count=1)) python3 .github/scripts/create_release.py ${LATEST_TAG} $(pwd) - name: Commit and push changes - env: - GITHUB_TOKEN: ${{ secrets.FULL_REPO_PRIVILEGES_PAT }} run: | NEW_TAG=$(cat CHANGELOG.md | grep -m1 -o 'v[0-9]\+\.[0-9]\+\.[0-9]\+') git config --global user.name "GitHub on behalf of Wellcome Collection" git config --global user.email "wellcomedigitalplatform@wellcome.ac.uk" + + git remote set-url origin https://x-access-token:${{ secrets.FULL_REPO_PRIVILEGES_PAT }}@github.com/${{ github.repository }}.git + git checkout main git pull + git add CHANGELOG.md build.sbt git rm RELEASE.md git commit -m "$(printf "Release: Bump version to ${NEW_TAG}\n\n[skip ci]")" git tag ${NEW_TAG} + git push origin main git push origin --tags @@ -65,47 +70,47 @@ jobs: # - Configuring Sonatype credentials # - Publishing the packages to a local staging repository using the sbt-sonatype plugin # - Releasing the published bundle to Sonatype - publish: - runs-on: ubuntu-latest - needs: create-release - strategy: - matrix: - service: - - fixtures - - http - - json - - typesafe_app - - monitoring - - monitoring_typesafe - - messaging - - messaging_typesafe - - storage - - storage_typesafe - - elasticsearch - - elasticsearch_typesafe - - sierra - steps: - - uses: actions/checkout@v4 - with: - # Checkout the latest version, which includes the changes pushed by the previous step! - # If we didn't do this, we would be publishing using the previous version tag. - ref: main - - name: Set up GPG - run: | - echo "${{ secrets.BASE64_GPG_KEY }}" | base64 -d > secret-keys.gpg - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --passphrase-fd 0 --import secret-keys.gpg - rm secret-keys.gpg - - name: Set up Sonatype credentials - run: | - mkdir ~/.sbt - echo "${{ secrets.SONATYPE_CREDENTIALS }}" > ~/.sbt/sonatype.credentials - - name: Setup JDK - uses: actions/setup-java@v3 - with: - distribution: temurin - java-version: 17 - cache: sbt - - name: Publish to Sonatype - run: | - PGP_PASSPHRASE=${{ secrets.GPG_PASSPHRASE }} sbt "project ${{ matrix.service }}" publishSigned - sbt "project ${{ matrix.service }}" sonatypeBundleRelease +# publish: +# runs-on: ubuntu-latest +# needs: create-release +# strategy: +# matrix: +# service: +# - fixtures +# - http +# - json +# - typesafe_app +# - monitoring +# - monitoring_typesafe +# - messaging +# - messaging_typesafe +# - storage +# - storage_typesafe +# - elasticsearch +# - elasticsearch_typesafe +# - sierra +# steps: +# - uses: actions/checkout@v4 +# with: +# # Checkout the latest version, which includes the changes pushed by the previous step! +# # If we didn't do this, we would be publishing using the previous version tag. +# ref: main +# - name: Set up GPG +# run: | +# echo "${{ secrets.BASE64_GPG_KEY }}" | base64 -d > secret-keys.gpg +# echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --passphrase-fd 0 --import secret-keys.gpg +# rm secret-keys.gpg +# - name: Set up Sonatype credentials +# run: | +# mkdir ~/.sbt +# echo "${{ secrets.SONATYPE_CREDENTIALS }}" > ~/.sbt/sonatype.credentials +# - name: Setup JDK +# uses: actions/setup-java@v3 +# with: +# distribution: temurin +# java-version: 17 +# cache: sbt +# - name: Publish to Sonatype +# run: | +# PGP_PASSPHRASE=${{ secrets.GPG_PASSPHRASE }} sbt "project ${{ matrix.service }}" publishSigned +# sbt "project ${{ matrix.service }}" sonatypeBundleRelease