From dc895efbe98bbecb9f25b21799c7fc0d73fbab11 Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:10:16 -0400 Subject: [PATCH 01/10] Add a release GitHub workflow --- .github/workflows/release.yml | 88 +++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..23100fc --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,88 @@ +on: + workflow_dispatch: + inputs: + version_bump: + description: 'Version Bump Type' + required: true + default: 'minor' + type: choice + options: + - patch + - minor + - major + +permissions: + contents: write + packages: write + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Java 8 + uses: actions/setup-java@v4 + with: + java-version: '8' + distribution: 'temurin' + + - name: Bump Version + id: bump_version + run: | + current_version=$(grep 'pyroscope_version=' gradle.properties | cut -d'=' -f2) + + case "${{ inputs.version_bump }}" in + "patch") + new_version=$(echo $current_version | awk -F. '{$NF = $NF + 1;} 1' OFS=.) + ;; + "minor") + new_version=$(echo $current_version | awk -F. '{$(NF-1) = $(NF-1) + 1; $NF = 0;} 1' OFS=.) + ;; + "major") + new_version=$(echo $current_version | awk -F. '{$(1) = $(1) + 1; $(NF-1) = 0; $NF = 0;} 1' OFS=.) + ;; + esac + + sed -i "s/pyroscope_version=.*/pyroscope_version=$new_version/" gradle.properties + echo "version=$new_version" >> $GITHUB_OUTPUT + + - name: Get secrets + uses: grafana/shared-workflows/actions/get-vault-secrets@main + with: + repo_secrets: | + NEXUS_USERNAME=publishing:nexus_username + NEXUS_PASSWORD=publishing:nexus_password + NEXUS_GPG_KEY_ID=publishing:nexus_gpg_key_id + NEXUS_GPG_PASSWORD=publishing:nexus_gpg_key_id + NEXUS_GPG_SECRING_FILE_BASE64=publishing:nexus_gpg_secring_file + + - name: Decode GPG Keyring + run: | + mkdir -p ${{ github.workspace }}/gpg + echo "$NEXUS_GPG_SECRING_FILE_BASE64" | base64 -d > ${{ github.workspace }}/gpg/secring.gpg + chmod 600 ${{ github.workspace }}/gpg/secring.gpg + export NEXUS_GPG_SECRING_FILE=${{ github.workspace }}/gpg/secring.gpg + + - name: Build and Publish + run: | + make publish + + - name: Commit and Push Changes + run: | + git add gradle.properties + git commit -m "version ${{ steps.bump_version.outputs.version }}" + git tag "v${{ steps.bump_version.outputs.version }}" + git push --atomic origin "refs/heads/main" "refs/tags/v${{ steps.bump_version.outputs.version }}" + + - name: Create GitHub Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh release create "v${{ steps.bump_version.outputs.version }}" \ + agent/build/libs/pyroscope.jar \ + --title "Release v${{ steps.bump_version.outputs.version }}" \ + --notes "Automated release" From a502c2fdf305300b3f9959748938aac55a9c57ab Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:10:48 -0400 Subject: [PATCH 02/10] Switch automated artifact release off temporarily --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index e208d2c..582141e 100644 --- a/Makefile +++ b/Makefile @@ -9,13 +9,13 @@ build: .PHONY: publish publish: @echo "./gradlew clean :agent:shadowJar publishToSonatype closeAndReleaseSonatypeStagingRepository" - @./gradlew clean :agent:shadowJar publishToSonatype closeAndReleaseSonatypeStagingRepository \ + @./gradlew clean :agent:shadowJar publishToSonatype \ -PsonatypeUsername="$(NEXUS_USERNAME)" \ -PsonatypePassword="$(NEXUS_PASSWORD)" \ -Psigning.secretKeyRingFile="$(NEXUS_GPG_SECRING_FILE)" \ -Psigning.password="$(NEXUS_GPG_PASSWORD)" \ -Psigning.keyId="$(NEXUS_GPG_KEY_ID)" - @echo "Now you go https://s01.oss.sonatype.org, close the temporarly created staging repository and release it" + @echo "Now you go https://s01.oss.sonatype.org, close the temporarily created staging repository and release it" @echo "https://central.sonatype.org/publish/release/#locate-and-examine-your-staging-repository" .PHONY: test From eed2f279679cc761ee7472bf4fda165d223b212f Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:14:00 -0400 Subject: [PATCH 03/10] Add name --- .github/workflows/release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 23100fc..64c69fb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,3 +1,5 @@ +name: Release + on: workflow_dispatch: inputs: From 7986779ae300249bf97808d53211d1c453417982 Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:17:07 -0400 Subject: [PATCH 04/10] Force workflow to become available --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 64c69fb..83e5a8c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,6 +12,7 @@ on: - patch - minor - major + pull_request: permissions: contents: write From 282c7701448b9f14c1e8921cfa6ad5a3d8fcf1ae Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:23:40 -0400 Subject: [PATCH 05/10] Make version bump more readable --- .github/workflows/release.yml | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 83e5a8c..b4ca2f8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,19 +37,27 @@ jobs: id: bump_version run: | current_version=$(grep 'pyroscope_version=' gradle.properties | cut -d'=' -f2) + echo "Current version: $current_version" + IFS='.' read -r major minor patch <<< "$current_version" case "${{ inputs.version_bump }}" in - "patch") - new_version=$(echo $current_version | awk -F. '{$NF = $NF + 1;} 1' OFS=.) + "major") + major=$((major + 1)) + minor=0 + patch=0 ;; "minor") - new_version=$(echo $current_version | awk -F. '{$(NF-1) = $(NF-1) + 1; $NF = 0;} 1' OFS=.) + minor=$((minor + 1)) + patch=0 ;; - "major") - new_version=$(echo $current_version | awk -F. '{$(1) = $(1) + 1; $(NF-1) = 0; $NF = 0;} 1' OFS=.) + "patch") + patch=$((patch + 1)) ;; esac + new_version="${major}.${minor}.${patch}" + echo "New version: $new_version" + sed -i "s/pyroscope_version=.*/pyroscope_version=$new_version/" gradle.properties echo "version=$new_version" >> $GITHUB_OUTPUT From 1b565935d22e65381e46303737bf556efc60217c Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:29:35 -0400 Subject: [PATCH 06/10] Add id-token permission --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b4ca2f8..604f815 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,11 +12,11 @@ on: - patch - minor - major - pull_request: permissions: contents: write packages: write + id-token: write jobs: release: From 9c12d9dab8116dc9163977a9362a4e0fe182b64d Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:43:40 -0400 Subject: [PATCH 07/10] Try something else --- .github/workflows/release.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 604f815..3908c9b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -71,15 +71,17 @@ jobs: NEXUS_GPG_PASSWORD=publishing:nexus_gpg_key_id NEXUS_GPG_SECRING_FILE_BASE64=publishing:nexus_gpg_secring_file - - name: Decode GPG Keyring + - name: Prepare GPG Keyring + id: prepare_gpg_keyring run: | mkdir -p ${{ github.workspace }}/gpg echo "$NEXUS_GPG_SECRING_FILE_BASE64" | base64 -d > ${{ github.workspace }}/gpg/secring.gpg chmod 600 ${{ github.workspace }}/gpg/secring.gpg - export NEXUS_GPG_SECRING_FILE=${{ github.workspace }}/gpg/secring.gpg + echo "keyring_path=${{ github.workspace }}/gpg/secring.gpg" >> $GITHUB_OUTPUT - name: Build and Publish run: | + export NEXUS_GPG_SECRING_FILE=${{ steps.prepare_gpg_keyring.outputs.keyring_path }} make publish - name: Commit and Push Changes From 877bb5d032838100ab24d5fe3bdb086abf2d704d Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 17:08:11 -0400 Subject: [PATCH 08/10] Fix bad copy paste --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3908c9b..f8435a3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -68,7 +68,7 @@ jobs: NEXUS_USERNAME=publishing:nexus_username NEXUS_PASSWORD=publishing:nexus_password NEXUS_GPG_KEY_ID=publishing:nexus_gpg_key_id - NEXUS_GPG_PASSWORD=publishing:nexus_gpg_key_id + NEXUS_GPG_PASSWORD=publishing:nexus_gpg_password NEXUS_GPG_SECRING_FILE_BASE64=publishing:nexus_gpg_secring_file - name: Prepare GPG Keyring From 971f407cffe489180b716f43d3850d859646562f Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 17:24:08 -0400 Subject: [PATCH 09/10] Fix commit step --- .github/workflows/release.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f8435a3..a309c8c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -85,7 +85,11 @@ jobs: make publish - name: Commit and Push Changes + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" git add gradle.properties git commit -m "version ${{ steps.bump_version.outputs.version }}" git tag "v${{ steps.bump_version.outputs.version }}" From 7cb2daa9665169a8924b6c798a3a5f31a405b891 Mon Sep 17 00:00:00 2001 From: Aleksandar Petrov <8142643+aleks-p@users.noreply.github.com> Date: Wed, 27 Nov 2024 18:19:02 -0400 Subject: [PATCH 10/10] Last tweaks --- .github/workflows/release.yml | 2 -- Makefile | 3 +-- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a309c8c..9314a96 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,8 +24,6 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 - with: - fetch-depth: 0 - name: Set up Java 8 uses: actions/setup-java@v4 diff --git a/Makefile b/Makefile index 582141e..94aca27 100644 --- a/Makefile +++ b/Makefile @@ -9,13 +9,12 @@ build: .PHONY: publish publish: @echo "./gradlew clean :agent:shadowJar publishToSonatype closeAndReleaseSonatypeStagingRepository" - @./gradlew clean :agent:shadowJar publishToSonatype \ + @./gradlew clean :agent:shadowJar publishToSonatype closeAndReleaseSonatypeStagingRepository \ -PsonatypeUsername="$(NEXUS_USERNAME)" \ -PsonatypePassword="$(NEXUS_PASSWORD)" \ -Psigning.secretKeyRingFile="$(NEXUS_GPG_SECRING_FILE)" \ -Psigning.password="$(NEXUS_GPG_PASSWORD)" \ -Psigning.keyId="$(NEXUS_GPG_KEY_ID)" - @echo "Now you go https://s01.oss.sonatype.org, close the temporarily created staging repository and release it" @echo "https://central.sonatype.org/publish/release/#locate-and-examine-your-staging-repository" .PHONY: test