[INJIMOB-893]: edited android workflow for the gpg key step #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Android Artifact Build | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| message: | |
| description: 'Message for manually triggering' | |
| required: false | |
| default: 'Triggered for Updates' | |
| type: string | |
| push: | |
| branches: | |
| - release* | |
| - master | |
| - develop* | |
| jobs: | |
| maven-publish: | |
| uses: mosip/kattu/.github/workflows/maven-publish-android.yml@master | |
| with: | |
| SERVICE_LOCATION: '.' | |
| ANDROID_SERVICE_LOCATION: 'android' | |
| secrets: | |
| OSSRH_USER: ${{ secrets.OSSRH_USER }} | |
| OSSRH_URL: ${{secrets.OSSRH_URL }} | |
| OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }} | |
| OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} | |
| GPG_SECRET: ${{ secrets.GPG_SECRET }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| source_workflow_job: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Setup branch and env | |
| run: | | |
| # Strip git ref prefix from version | |
| echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV | |
| echo "GPG_TTY=$(tty)" >> $GITHUB_ENV | |
| - name: Setup branch and GPG public key | |
| run: | | |
| # Strip git ref prefix from version | |
| echo ${{ env.BRANCH_NAME }} | |
| echo ${{ env.GPG_TTY }} | |
| sudo apt-get --yes install gnupg2 | |
| gpg2 --import tuvali/.github/keys/mosipgpgkey_pub.gpg | |
| gpg2 --quiet --batch --passphrase=${{secrets.GPG_SECRET}} --allow-secret-key-import --import ./.github/keys/mosipgpgkey_sec.gpg | |
| - name: Install xmlstartlet and xmllint | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install xmlstarlet libxml2-utils | |
| - name: Setup the settings file for ossrh server | |
| run: echo "<settings> <servers> <server> <id>ossrh</id> <username>${{secrets.OSSRH_USER}}</username> <password>${{secrets.OSSRH_SECRET}}</password> </server> </servers> <profiles> <profile> <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.executable>gpg2</gpg.executable> <gpg.passphrase>${{secrets.GPG_SECRET}}</gpg.passphrase> </properties> </profile> <profile> <id>allow-snapshots</id> <activation><activeByDefault>true</activeByDefault></activation> <repositories> <repository> <id>snapshots-repo</id> <url>https://oss.sonatype.org/content/repositories/snapshots</url> <releases><enabled>false</enabled></releases> <snapshots><enabled>true</enabled></snapshots> </repository> <repository> <id>releases-repo</id> <url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url> <releases><enabled>true</enabled></releases> <snapshots><enabled>false</enabled></snapshots> </repository> <repository> <id>danubetech-maven-public</id> <url>https://repo.danubetech.com/repository/maven-public/</url> </repository> </repositories> </profile> <profile> <id>sonar</id> <properties> <sonar.sources>.</sonar.sources> <sonar.host.url>https://sonarcloud.io</sonar.host.url> </properties> <activation> <activeByDefault>false</activeByDefault> </activation> </profile> </profiles> </settings>" > $GITHUB_WORKSPACE/settings.xml | |
| - name: Build check for MOSIP License | |
| run: | | |
| cd ${{ inputs.SERVICE_LOCATION }}/${{ inputs.ANDROID_SERVICE_LOCATION }} | |
| chmod +x ./gradlew | |
| ./gradlew generatePom | |
| xmlstarlet select -N s="http://maven.apache.org/POM/4.0.0" -t -v "//s:project/s:licenses[1]/s:license/s:name" -nl build/publications/aar/pom-default.xml | grep -q "MIT" | |
| - name: Build check for developer | |
| run: | | |
| cd ${{ inputs.SERVICE_LOCATION }}/${{ inputs.ANDROID_SERVICE_LOCATION }} | |
| ./gradlew generatePom | |
| xmlstarlet select -N s="http://maven.apache.org/POM/4.0.0" -t -v "//s:project/s:developers[1]/s:developer/s:name" -nl build/publications/aar/pom-default.xml | grep -icq "Mosip" | |
| # Skipping the commit plugin step | |
| - name: Build check for commit plugin | |
| if: false | |
| run: echo "Skipping the commit plugin step" | |
| # Skipping the sign plugin step | |
| - name: Build check for sign plugin | |
| if: false | |
| run: echo "Skipping the sign plugin step" | |
| - name: Validate pom.xml & settings.xml via xmllint | |
| run: | | |
| find ${{ inputs.SERVICE_LOCATION }}/android/build/publications/aar -type f -name pom.xml | while read -r F; do | |
| xmllint --xpath '/*[local-name()="project"]/*[local-name()="version"]' $F | |
| done | |
| - name: Build with Gradlew | |
| run: | | |
| cd ${{ inputs.SERVICE_LOCATION }}/${{ inputs.ANDROID_SERVICE_LOCATION }} | |
| ./gradlew assembleDebug | |
| - name: Publish to Maven Central | |
| env: | |
| OSSRH_USERNAME: ${{secrets.OSSRH_USER}} | |
| OSSRH_PASSWORD: ${{secrets.OSSRH_SECRET}} | |
| OSSRH_URL: ${{secrets.OSSRH_URL}} | |
| if: "${{ !contains(github.ref, 'master') && github.event_name != 'pull_request' && github.event_name == 'workflow_dispatch' }}" | |
| run: | | |
| cd ${{ inputs.SERVICE_LOCATION }}/${{ inputs.ANDROID_SERVICE_LOCATION }} | |
| ./gradlew publish | |
| # - name: Publish to Slack | |
| # uses: 8398a7/action-slack@v3 | |
| # with: | |
| # status: ${{ job.status }} | |
| # fields: repo,message,author,commit,workflow,job # selectable (default: repo,message) | |
| # env: | |
| # SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required | |
| # if: "${{ github.event_name != 'pull_request' && failure() }}" # |