Skip to content

Commit

Permalink
Merge pull request #198 from ForgeRock/develop
Browse files Browse the repository at this point in the history 
ForgeRock Android SDK 3.4.0 Release
  • Loading branch information
@spetrov
spetrov authored Sep 29, 2022
2 parents 84fa289 + 586d31a commit aa8b9b1
Show file tree
Hide file tree
Showing 70 changed files with 2,362 additions and 489 deletions.
141 changes: 141 additions & 0 deletions .github/workflows/check-release-version.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,141 @@
name: Check version number
on:
workflow_call:
inputs:
version:
description: Version number to check
type: string
required: true

outputs:
version:
description: The validated version number
value: ${{ jobs.check-release-number.outputs.version }}

secrets:
SLACK_WEBHOOK:
description: Slack Notifier Incoming Webhook
required: true

jobs:
# Check release number
check-release-number:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.version_id.outputs.version }}
steps:
- name: Clone the repository
uses: actions/checkout@v3

- name: Get the latest tag
uses: actions-ecosystem/action-get-latest-tag@v1
with:
with_initial_version: true
initial_version: "0.0.0"
id: get-latest-tag

- run: |
version=${{ inputs.version }}
is_snapshot=false
shopt -s nocasematch
if [[ $version =~ snapshot ]];
then
echo "This is a SNAPSHOT release!"
# Make all letters capital
version=$(echo $version | tr '[a-z]' '[A-Z]')
is_snapshot=true
fi
# unset nocasematch option
shopt -u nocasematch
# If we want a snapshot release, make sure that the version format is correct
if $is_snapshot;
then
if [[ $version =~ ^[0-9]+\.[0-9]+\.[0-9]+(-SNAPSHOT)$ ]];
then
echo "SNAPSHOT version format is correct"
else
echo "This is supposed to be a SNAPSHOT version, but the format is NOT correct. Aborting!"
echo "ERROR_MESSAGE=SNAPSHOT version format is NOT correct! ($version)" >> $GITHUB_ENV
exit 1
fi
fi
echo "LATEST_TAG=${{ steps.get-latest-tag.outputs.tag }}" >> $GITHUB_ENV
echo "CHANGELOG_VERSION=$(echo $(awk '/[[0-9]+\.[0-9]+\.[0-9]]/{print;exit}' CHANGELOG.md | sed -E 's/(version)|[:,\",#]//gi' | tr -d '[[:space:]]'))" >> $GITHUB_ENV
echo "NEW_VERSION=$version" >> $GITHUB_ENV
echo "IS_SNAPSHOT=$is_snapshot" >> $GITHUB_ENV
- name: Print versions
run: |
echo "Checking if version ${{ env.NEW_VERSION }} is good."
echo "LATEST_TAG: ${{ env.LATEST_TAG }}"
echo "CHANGELOG_VERSION: ${{ env.CHANGELOG_VERSION }}"
echo "NEW_VERSION: ${{ env.NEW_VERSION }}"
echo "IS_SNAPSHOT: ${{ env.IS_SNAPSHOT }}"
# Make sure that the version entered is in the expected format
- name: Ensure that the new version is in the expected format
run: |
if [[ ${{ env.NEW_VERSION }} =~ ^[0-9]+\.[0-9]+\.[0-9]+([-][a-zA-Z0-9\.]+)?$ ]];
then
echo "Version number is in the expected format."
exit 0
else
echo "Version format is NOT good! Aborting!"
echo "ERROR_MESSAGE=Version format is NOT good! (${{ env.NEW_VERSION }})" >> $GITHUB_ENV
exit 1
fi
# The new version should be bigger than the previous release version
- name: Ensure the new version is bigger than the last one
run: |
if [[ ${{ env.NEW_VERSION }} > ${{ env.LATEST_TAG }} ]];
then
echo "The new version is bigger than the last one (good)!"
exit 0
else
echo "The new version needs to be bigger than the last one! Aborting!"
echo "ERROR_MESSAGE=The new version needs to be bigger than the last one!\nNEW_VERSION: ${{ env.NEW_VERSION }}\nLATEST_TAG: ${{ env.LATEST_TAG }}" >> $GITHUB_ENV
exit 1
fi
# Check if the version in the CHANGELOG.md is the same as the new release version
# This check does NOT apply to SNAPSHOT release
- name: Ensure that the new version matches the one in CHANGELOG.md
run: |
if ! ${{ env.IS_SNAPSHOT }};
then
if [[ ${{ env.NEW_VERSION }} == ${{ env.CHANGELOG_VERSION }} ]];
then
echo "The version in CHANGELOG.md is OK!"
exit 0
else
echo "The version in CHANGELOG.md does not match the version to be published. Aborting!"
echo "ERROR_MESSAGE=The version in CHANGELOG.md does not match the version to be published.\nNEW_VERSION: ${{ env.NEW_VERSION }}\nCHANGELOG_VERSION: ${{ env.CHANGELOG_VERSION }}" >> $GITHUB_ENV
exit 1
fi
fi
# Set version as output of the workflow. This is needed for the next workflow to continue.
- name: Set the version output
id: version_id
run: echo "::set-output name=version::${{ env.NEW_VERSION }}"

# Send a slack notification if the version check did not pass
- name: Send a slack notification
uses: 8398a7/action-slack@v3
with:
status: custom
fields: all
custom_payload: |
{
attachments: [{
title: ':no_entry: Release version check failed!',
color: 'danger',
text: `\nWorkflow: ${process.env.AS_WORKFLOW} -> ${process.env.AS_JOB}\n\nError message: ${{ env.ERROR_MESSAGE }}`,
}]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
if: failure()
9 changes: 9 additions & 0 deletions .github/workflows/ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,15 @@ jobs:
uses: ./.github/workflows/build-and-test.yaml
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}

# Run Sonatype OSS Index Scan
sonatype-ossindex:
name: Scan for open source vulnerabilities (Sonatype OSS Index)
uses: ./.github/workflows/sonatype-ossi-scan.yaml
secrets:
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}

# Build and sign BitBar test artifacts (auth-debug-androidTest-signed.apk and forgerock-auth-debug-androidTest-signed.apk)
bitbar-prepare-artifacts:
Expand Down
107 changes: 107 additions & 0 deletions .github/workflows/publish.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
name: Publish to Nexus
on:
workflow_call:
inputs:
version:
description: Version number
type: string
required: true
secrets:
SLACK_WEBHOOK:
description: Slack Notifier Incoming Webhook
required: true
PUBLISHING_SIGNING_KEY_ID:
description: Signing key id
required: true
PUBLISHING_SIGNING_KEY_PASSWORD:
description: Signing key password
required: true
PUBLISHING_SIGNING_KEY_RING_FILE_BASE64:
description: Signing key ring file
required: true
PUBLISHING_USERNAME:
description: Publishing username
required: true
PUBLISHING_PASSWORD:
description: Publishing password
required: true

jobs:
publish-to-nexus:
runs-on: macos-latest

steps:
# Clone the repo
- name: Clone the repository
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{github.event.pull_request.head.repo.full_name}}
fetch-depth: 0

# Setup JDK and cache and restore dependencies.
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: 'adopt'
java-version: '11'
cache: 'gradle'

# Build the SDK
- name: Build the SDK
run: ./gradlew build -x test --stacktrace --no-daemon

# Prepare secring.gpg file
- name: Prepare secring.gpg file
run: echo -n ${{ secrets.PUBLISHING_SIGNING_KEY_RING_FILE_BASE64 }} | base64 --decode --output $RUNNER_TEMP/secring.gpg

# Prepare credentials for publishing (local.properties)
- name: Prepare local.properties file with publishing credentials
if: success()
run: |
cat <<EOF > local.properties
signing.keyId=${{ secrets.PUBLISHING_SIGNING_KEY_ID }}
signing.password=${{ secrets.PUBLISHING_SIGNING_KEY_PASSWORD }}
signing.secretKeyRingFile=$RUNNER_TEMP/secring.gpg
ossrhUsername=${{ secrets.PUBLISHING_USERNAME }}
ossrhPassword=${{ secrets.PUBLISHING_PASSWORD }}
EOF
- name: Update the version number in the gradle.properties files
if: success()
run: sed -i -e s/^VERSION=.*$/VERSION=${{ inputs.version }}/g gradle.properties

# Publish to Nexus
- name: Publish the SDK to Nexus repository
timeout-minutes: 5
if: success()
run: ./gradlew publishReleasePublicationToSonatypeRepository closeAndReleaseStagingRepository --no-daemon

# Finally, tag the repo, and create a new release
- name: Tag the repo and create a new release
if: success()
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ inputs.version }}
release_name: ${{ inputs.version }} Release
body: ForgeRock Android SDK ${{ inputs.version }} Release

# Send slack notification with result status
- name: Send slack notification
uses: 8398a7/action-slack@v3
with:
status: custom
fields: all
custom_payload: |
{
attachments: [{
title: 'ForgeRock Android SDK Release ${{ inputs.version }}',
color: '${{ job.status }}' === 'success' ? 'good' : '${{ job.status }}' === 'failure' ? 'danger' : 'warning',
text: `\nStatus: ${{ job.status }}\nWorkflow: ${process.env.AS_WORKFLOW} -> ${process.env.AS_JOB}`,
}]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
if: always()
38 changes: 38 additions & 0 deletions .github/workflows/release.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
name: Release Android SDK

on:
workflow_dispatch:
branches:
- master
inputs:
version:
description: |
Enter version number:
To publish a snapshot release add SNAPSHOT suffix to the version number: x.x.x-SNAPSHOT
required: true
type: string

jobs:
# Check release number
check-release-number:
name: Check release number
uses: ./.github/workflows/check-release-version.yaml
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
with:
version: ${{ github.event.inputs.version }}

# Publish to Sonatype Nexus repo
publish:
name: Publish to nexus
uses: ./.github/workflows/publish.yaml
needs: check-release-number
secrets:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
PUBLISHING_SIGNING_KEY_ID: ${{ secrets.PUBLISHING_SIGNING_KEY_ID }}
PUBLISHING_SIGNING_KEY_PASSWORD: ${{ secrets.PUBLISHING_SIGNING_KEY_PASSWORD }}
PUBLISHING_SIGNING_KEY_RING_FILE_BASE64: ${{ secrets.PUBLISHING_SIGNING_KEY_RING_FILE_BASE64 }}
PUBLISHING_USERNAME: ${{ secrets.PUBLISHING_USERNAME }}
PUBLISHING_PASSWORD: ${{ secrets.PUBLISHING_PASSWORD }}
with:
version: ${{ needs.check-release-number.outputs.version }}
Loading

0 comments on commit aa8b9b1

Please sign in to comment.