diff --git a/.github/workflows/pom-release-published.yml b/.github/workflows/pom-release-published.yml new file mode 100644 index 00000000..ec76f1d3 --- /dev/null +++ b/.github/workflows/pom-release-published.yml @@ -0,0 +1,72 @@ +name: Release POM to Sonatype + +on: + workflow_call: + secrets: + SONATYPE_USERNAME: + description: 'SONATYPE_USERNAME from the caller workflow' + required: true + SONATYPE_TOKEN: + description: 'SONATYPE_TOKEN from the caller workflow' + required: true + +jobs: + release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Set up Java for publishing to Maven Central Repository + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + cache: 'maven' + server-id: sonatype-nexus-staging + server-username: MAVEN_USERNAME + server-password: MAVEN_PASSWORD + + - name: Configure Git + run: | + git config user.name "liquibot" + git config user.email "liquibot@liquibase.org" + + - name: Build release artifacts + id: build-release-artifacts + run: | + mvn -B release:clean release:prepare -Dusername=liquibot -Dpassword=$GITHUB_TOKEN -Darguments="-Dmaven.javadoc.skip=true -Dmaven.test.skipTests=true -Dmaven.test.skip=true -Dmaven.deploy.skip=true" -DreleaseVersion=${{ github.event.inputs.liquibaseVersion }} -DpushChanges=false + git reset HEAD~ --hard + + - name: Get Artifact ID + id: get-artifact-id + run: echo "artifact_id=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout)" >> $GITHUB_ENV + + - name: Download Release Artifacts + uses: robinraju/release-downloader@v1.6 + with: + tag: "${{ github.event.release.tag_name }}" + filename: "${{ env.artifact_id }}-*" + out-file-path: "." + + - name: Publish to Maven Central + env: + MAVEN_USERNAME: ${{ secrets.SONATYPE_USERNAME }} + MAVEN_PASSWORD: ${{ secrets.SONATYPE_TOKEN }} + run: | + version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) + mvn -B org.apache.maven.plugins:maven-deploy-plugin:3.0.0-M1:deploy-file \ + -Durl=https://oss.sonatype.org/service/local/staging/deploy/maven2/ \ + -DrepositoryId=sonatype-nexus-staging \ + -DpomFile=${{ env.artifact_id }}-${version}.pom \ + -DgeneratePom=false \ + -Dfile=${{ env.artifact_id }}-${version}.pom \ + -Dsources=${{ env.artifact_id }}-${version}-sources.jar \ + -Djavadoc=${{ env.artifact_id }}-${version}-javadoc.jar \ + -Dfiles=${{ env.artifact_id }}-${version}-sources.jar.asc,${{ env.artifact_id }}-${version}-javadoc.jar.asc,${{ env.artifact_id }}-${version}.pom.asc \ + -Dtypes=jar.asc,jar.asc,pom.asc \ + -Dclassifiers=sources,javadoc, + + maven-release: + needs: release + uses: liquibase/build-logic/.github/workflows/extension-release-prepare.yml@v0.4.2 + secrets: inherit \ No newline at end of file diff --git a/README.md b/README.md index 925bed74..d7171c67 100644 --- a/README.md +++ b/README.md @@ -73,6 +73,7 @@ Please review the below table of reusable workflows and their descriptions: | `extension-update-version.yml` | Updates release and development `pom.xml` versions | | `os-extension-test.yml` | Unit tests across build matrix on previously built artifact | | `package-deb.yml` | Creates and uploads deb packages | +| `pom-release-published.yml` | Publishes a release pom to Maven Central | | `pro-extension-test.yml` | Same as OS job, but with additional Pro-only vars such as License Key | | `sonar-pull-request.yml` | Code Coverage Scan for PRs. Requires branch name parameter | | `sonar-test-scan.yml` | Code Coverage Scan for unit and integration tests |