Skip to content

Upload Java libraries to Sonatype (v0.53.0) #91

Upload Java libraries to Sonatype (v0.53.0)

Upload Java libraries to Sonatype (v0.53.0) #91

Workflow file for this run

name: Upload Java libraries to Sonatype
run-name: ${{ github.workflow }} (${{ github.ref_name }})
on:
workflow_dispatch:
inputs:
dry_run:
description: "Just build, don't publish"
default: false
required: false
type: boolean
env:
CARGO_TERM_COLOR: always
jobs:
build:
name: Build for local development
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [windows-latest, macos-12]
include:
- os: windows-latest
library: signal_jni.dll
- os: macos-12
library: libsignal_jni.dylib
additional-rust-target: aarch64-apple-darwin
# Ubuntu binaries are built using Docker, below
timeout-minutes: 45
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
submodules: recursive
- name: Checking run eligibility
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
const dryRun = ${{ inputs.dry_run }};
const refType = '${{ github.ref_type }}';
const refName = '${{ github.ref_name }}';
console.log(dryRun
? `Running in 'dry run' mode on '${refName}' ${refType}`
: `Running on '${refName}' ${refType}`);
if (refType !== 'tag' && !dryRun) {
core.setFailed("the action should either be launched on a tag or with a 'dry run' switch");
}
- run: rustup toolchain install $(cat rust-toolchain) --profile minimal
- run: rustup target add ${{ matrix.additional-rust-target }}
if: ${{ matrix.additional-rust-target != '' }}
# install nasm compiler for boring
- name: Install nasm
if: startsWith(matrix.os, 'windows')
run: choco install nasm
shell: cmd
- run: choco install protoc
if: matrix.os == 'windows-latest'
- run: brew install protobuf
if: matrix.os == 'macos-12'
- name: Build for host (should be x86_64)
run: java/build_jni.sh desktop
shell: bash
- name: Build for alternate target (arm64)
run: java/build_jni.sh desktop
if: matrix.os == 'macos-12'
env:
CARGO_BUILD_TARGET: ${{ matrix.additional-rust-target }}
- name: Merge library slices (for macOS)
# Using target/release/ for both the input and output wouldn't normally be ideal
# from a build system perspective, but we're going to immediately upload the merged library.
run: lipo -create target/release/${{ matrix.library }} target/${{ matrix.additional-rust-target }}/release/${{ matrix.library }} -output target/release/${{ matrix.library }}
if: matrix.os == 'macos-12'
- name: Upload library
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: libsignal_jni (${{matrix.os}})
path: target/release/${{ matrix.library }}
verify-rust:
name: Verify JNI bindings
runs-on: ubuntu-latest
timeout-minutes: 45
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
submodules: recursive
- run: rustup toolchain install $(cat rust-toolchain) --profile minimal
- run: sudo apt-get update && sudo apt-get install protobuf-compiler
- name: Verify that the JNI bindings are up to date
run: rust/bridge/jni/bin/gen_java_decl.py --verify
publish:
name: Build for production and publish
runs-on: ubuntu-latest
needs: [build, verify-rust]
timeout-minutes: 45
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
submodules: recursive
- name: Download built libraries
id: download
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
with:
path: artifacts
- name: Copy libraries
run: mv ${{ steps.download.outputs.download-path }}/*/* java/shared/resources && find java/shared/resources
- run: make
if: ${{ inputs.dry_run }}
working-directory: java
- name: Upload libsignal-android
if: ${{ inputs.dry_run }}
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: libsignal-android
path: java/android/build/outputs/aar/libsignal-android-release.aar
- name: Upload libsignal-client
if: ${{ inputs.dry_run }}
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: libsignal-client
path: java/client/build/libs/libsignal-client-*.jar
- name: Upload libsignal-server
if: ${{ inputs.dry_run }}
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: libsignal-server
path: java/server/build/libs/libsignal-server-*.jar
- run: make publish_java
if: ${{ !inputs.dry_run }}
working-directory: java
env:
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_USER }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_PASSWORD }}
ORG_GRADLE_PROJECT_signingKeyId: ${{ secrets.SIGNING_KEYID }}
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SIGNING_PASSWORD }}
# ASCII-armored PGP secret key
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SIGNING_KEY }}