Skip to content

Commit e83328c

Browse files
committed
chore(ci): add/update release workflows
1 parent 9f3c4da commit e83328c

2 files changed

Lines changed: 212 additions & 0 deletions

File tree

Lines changed: 154 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,154 @@
1+
# Licensed to the Apache Software Foundation (ASF) under one
2+
# or more contributor license agreements. See the NOTICE file
3+
# distributed with this work for additional information
4+
# regarding copyright ownership. The ASF licenses this file
5+
# to you under the Apache License, Version 2.0 (the
6+
# "License"); you may not use this file except in compliance
7+
# with the License. You may obtain a copy of the License at
8+
#
9+
# http://www.apache.org/licenses/LICENSE-2.0
10+
#
11+
# Unless required by applicable law or agreed to in writing,
12+
# software distributed under the License is distributed on an
13+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14+
# KIND, either express or implied. See the License for the
15+
# specific language governing permissions and limitations
16+
# under the License.
17+
18+
name: Draft Release
19+
20+
on:
21+
push:
22+
tags:
23+
- 'draft/**'
24+
25+
permissions:
26+
contents: read
27+
id-token: write
28+
29+
jobs:
30+
upload-to-atr:
31+
runs-on: ubuntu-latest
32+
33+
steps:
34+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
35+
with:
36+
persist-credentials: false
37+
fetch-depth: 1
38+
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
39+
with:
40+
node-version: 24
41+
package-manager-cache: false
42+
cache: ''
43+
44+
- name: Setup environment variables
45+
run: |
46+
REPO_NAME="${GITHUB_REPOSITORY#*/}"
47+
TAG_NAME="${GITHUB_REF#refs/tags/}"
48+
TARGET_RELEASE_VERSION="${TAG_NAME#draft/}"
49+
SRC_PACKAGE_NAME=${REPO_NAME}-source-${TARGET_RELEASE_VERSION}
50+
SRC_PACKAGE_TAR=${SRC_PACKAGE_NAME}.tar
51+
SRC_PACKAGE_TAR_GZ=${SRC_PACKAGE_NAME}.tar.gz
52+
SRC_PACKAGE_ZIP=${SRC_PACKAGE_NAME}.zip
53+
NPM_PACKAGE_NAME=${REPO_NAME}-npm-${TARGET_RELEASE_VERSION}
54+
55+
echo "REPO_NAME=$REPO_NAME" >> $GITHUB_ENV
56+
echo "TAG_NAME=$TAG_NAME" >> $GITHUB_ENV
57+
echo "TARGET_RELEASE_VERSION=$TARGET_RELEASE_VERSION" >> $GITHUB_ENV
58+
echo "SRC_PACKAGE_NAME=$SRC_PACKAGE_NAME" >> $GITHUB_ENV
59+
echo "SRC_PACKAGE_TAR=$SRC_PACKAGE_TAR" >> $GITHUB_ENV
60+
echo "SRC_PACKAGE_TAR_GZ=$SRC_PACKAGE_TAR_GZ" >> $GITHUB_ENV
61+
echo "SRC_PACKAGE_ZIP=$SRC_PACKAGE_ZIP" >> $GITHUB_ENV
62+
echo "NPM_PACKAGE_NAME=$NPM_PACKAGE_NAME" >> $GITHUB_ENV
63+
64+
echo "REPO_NAME=$REPO_NAME"
65+
echo "TAG_NAME=$TAG_NAME"
66+
echo "TARGET_RELEASE_VERSION=$TARGET_RELEASE_VERSION"
67+
echo "SRC_PACKAGE_NAME=$SRC_PACKAGE_NAME"
68+
echo "SRC_PACKAGE_TAR=$SRC_PACKAGE_TAR"
69+
echo "SRC_PACKAGE_TAR_GZ=$SRC_PACKAGE_TAR_GZ"
70+
echo "SRC_PACKAGE_ZIP=$SRC_PACKAGE_ZIP"
71+
echo "NPM_PACKAGE_NAME=$NPM_PACKAGE_NAME"
72+
73+
- name: Verify Target Release Version
74+
run: |
75+
PACKAGE_VERSION=$(jq -r '.version' package.json)
76+
if [ "$PACKAGE_VERSION" != "$TARGET_RELEASE_VERSION" ]; then
77+
echo "Mismatch version detected between tag version ($TARGET_RELEASE_VERSION) and package version ($PACKAGE_VERSION)"
78+
exit 1
79+
fi
80+
81+
if [ -f "plugin.xml" ]; then
82+
PLUGIN_VERSION=$(yq -p=xml -o=json '.plugin.+@version' plugin.xml | jq -r .)
83+
if [ "$PLUGIN_VERSION" != "$TARGET_RELEASE_VERSION" ]; then
84+
echo "Mismatch version detected between tag version ($TARGET_RELEASE_VERSION) and plugin version ($PLUGIN_VERSION)"
85+
exit 1
86+
fi
87+
fi
88+
89+
- name: Generate "tgz" npm convenience package
90+
run: |-
91+
npm ci
92+
NPM_PKG_NAME=$(npm pack --json | jq -r '.[0].filename')
93+
mv ./.asf-release/$NPM_PKG_NAME ./.asf-release/${NPM_PACKAGE_NAME}.tgz
94+
env:
95+
TZ: UTC
96+
97+
- name: Generate "tar" source package
98+
run: |-
99+
export SRC_LAST_COMMIT_EPOCH=$(git log -1 --format=%ct "$TAG_NAME")
100+
101+
git archive \
102+
--prefix=$SRC_PACKAGE_NAME/ \
103+
--mtime=$SRC_LAST_COMMIT_EPOCH \
104+
-o ./.asf-release/${SRC_PACKAGE_TAR} \
105+
$TAG_NAME
106+
env:
107+
TZ: UTC
108+
109+
- name: Generate "tar.gz" source archive
110+
working-directory: ./.asf-release
111+
run: |-
112+
gzip -n -9 -c "$SRC_PACKAGE_TAR" > "$SRC_PACKAGE_TAR_GZ"
113+
env:
114+
TZ: UTC
115+
116+
- name: Generate "zip" source archive
117+
working-directory: ./.asf-release
118+
run: |-
119+
export ASF_RELEASE_DIR=$(pwd)
120+
export TMP_DIR=$(mktemp -d)
121+
122+
tar -xf "$SRC_PACKAGE_TAR" -C "$TMP_DIR"
123+
(
124+
cd "$TMP_DIR"
125+
find . -type f | LC_ALL=C sort | zip -X -q "$ASF_RELEASE_DIR/$SRC_PACKAGE_ZIP" -@
126+
)
127+
rm -rf $TMP_DIR
128+
env:
129+
TZ: UTC
130+
131+
- name: Cleanup Process
132+
working-directory: ./.asf-release
133+
run: |-
134+
rm -rf $SRC_PACKAGE_TAR
135+
rm -rf .gitkeep
136+
137+
- name: Create Sign and Checksum
138+
working-directory: .asf-release
139+
run: |-
140+
for f in *.tar.gz *.tgz *.zip; do
141+
[ -e "$f" ] || continue
142+
echo "$CORDOVA_GPG_SECRET_KEY" | gpg --batch --import --import-options import-show
143+
gpg --armor --detach-sign "$f"
144+
sha512sum "$f" > "${f}.sha512"
145+
done
146+
env:
147+
CORDOVA_GPG_SECRET_KEY: ${{ secrets.CORDOVA_GPG_SECRET_KEY }}
148+
149+
- name: Upload to Apache Trusted Release (ATR)
150+
uses: apache/tooling-actions/upload-to-atr@f5f4c0e7ddfbde6b1f8288cef36324c6def68051
151+
with:
152+
project: ${{ env.REPO_NAME }}
153+
version: ${{ env.TARGET_RELEASE_VERSION }}
154+
src: .asf-release
Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
# Licensed to the Apache Software Foundation (ASF) under one
2+
# or more contributor license agreements. See the NOTICE file
3+
# distributed with this work for additional information
4+
# regarding copyright ownership. The ASF licenses this file
5+
# to you under the Apache License, Version 2.0 (the
6+
# "License"); you may not use this file except in compliance
7+
# with the License. You may obtain a copy of the License at
8+
#
9+
# http://www.apache.org/licenses/LICENSE-2.0
10+
#
11+
# Unless required by applicable law or agreed to in writing,
12+
# software distributed under the License is distributed on an
13+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14+
# KIND, either express or implied. See the License for the
15+
# specific language governing permissions and limitations
16+
# under the License.
17+
18+
name: Release Auditing
19+
20+
on:
21+
push:
22+
branches-ignore:
23+
- 'dependabot/**'
24+
pull_request:
25+
branches:
26+
- '*'
27+
28+
permissions:
29+
contents: read
30+
31+
jobs:
32+
test:
33+
name: Audit Licenses
34+
runs-on: ubuntu-latest
35+
steps:
36+
# Checkout project
37+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
38+
with:
39+
persist-credentials: false
40+
fetch-depth: 1
41+
42+
# Check license headers (v2.0.0)
43+
- uses: erisu/apache-rat-action@46fb01ce7d8f76bdcd7ab10e7af46e1ea95ca01c
44+
45+
# Setup environment with node
46+
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
47+
with:
48+
node-version: 24
49+
50+
# Install node packages
51+
- name: npm install packages
52+
run: npm ci
53+
54+
# Check node package licenses (v2.0.1)
55+
- uses: erisu/license-checker-action@99cffa11264fe545fd0baa6c13bca5a00ae608f2
56+
with:
57+
license-config: 'licence_checker.yml'
58+
include-asf-category-a: true

0 commit comments

Comments
 (0)