-
Notifications
You must be signed in to change notification settings - Fork 9
104 lines (93 loc) · 3.44 KB
/
clojure_release.yml
File metadata and controls
104 lines (93 loc) · 3.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
---
name: Publish package to clojars.org
on:
workflow_call:
secrets:
github_pat:
# Provide a fine-grained token with the following repository permissions:
# * Contents: Read and write
# * Metadata: Read-only (mandatory, default)
# * Pull requests: Read and write
description: 'The token used to interact with GitHub'
required: true
ssh_private_key:
description: 'The SSH private key used to sign commits and tags.'
required: true
clojars_username:
description: 'The username for clojars.org'
required: true
clojars_password:
description: 'The password for clojars.org'
required: true
env:
GIT_AUTHOR_NAME: OpenVoxProjectBot
GIT_AUTHOR_EMAIL: 215568489+OpenVoxProjectBot@users.noreply.github.com
GIT_COMMITTER_NAME: OpenVoxProjectBot
GIT_COMMITTER_EMAIL: 215568489+OpenVoxProjectBot@users.noreply.github.com
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
jobs:
release:
runs-on: ubuntu-24.04
if: github.repository_owner == 'OpenVoxProject'
permissions:
contents: write
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
ref: ${{ inputs.base-branch }}
fetch-depth: 0
token: ${{ secrets.github_pat }}
- name: Setup java
uses: actions/setup-java@v5
with:
java-version: '17'
distribution: temurin
- name: Install clojure tools
uses: DeLaGuardo/setup-clojure@13.5
with:
lein: 'latest'
- name: Get release version
id: version
run: echo "version=$(lein update-in :plugins conj '[lein-pprint "1.3.2"]' -- pprint :version | tr -d '\"' | sed 's/-SNAPSHOT$//')" >> $GITHUB_OUTPUT
- name: Check tag doesn't already exist
run: |
if git rev-parse "${{ steps.version.outputs.version }}" >/dev/null 2>&1; then
echo "::error::Tag '${{ steps.version.outputs.version }}' already exists!"
exit 1
fi
- name: Add SSH key
run: |
mkdir -p ~/.ssh
echo "${{ secrets.ssh_private_key }}" > ~/.ssh/github_actions
chmod 600 ~/.ssh/github_actions
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add ~/.ssh/github_actions
- name: Setup git
run: |
git config --global user.email "$GIT_AUTHOR_EMAIL"
git config --global user.name "$GIT_AUTHOR_NAME"
git config --global gpg.format ssh
git config --global user.signingkey ~/.ssh/github_actions
git config --global commit.gpgsign true
git config --global tag.gpgsign true
# The steps in 'lein release' are:
# 1. Ensure no uncommitted changes
# 2. Drop -SNAPSHOT from version in project.clj
# 3. Commit version change
# 4. Tag release
# 5. Deploy to repositories (clojars.org in our case)
# 6. Bump version to next SNAPSHOT
# 7. Commit version change
# 8. Push commits and tags
- name: Release and publish to clojars.org
run: lein release
env:
CLOJARS_USERNAME: ${{ secrets.clojars_username }}
CLOJARS_PASSWORD: ${{ secrets.clojars_password }}
- name: Create Release Page
shell: bash
env:
GH_TOKEN: ${{ secrets.github_pat }}
run: gh release create --repo ${{ github.repository }} ${{ steps.version.outputs.version }} --generate-notes