GitHub Action implementing the common release steps for SonarSource projects. It's recommended to use when publishing a GitHub release.
Add .github/workflows/release.yml
to the repository
name: Release
# Trigger when publishing a new GitHub release
on:
release:
types:
- published
jobs:
release:
permissions:
id-token: write
contents: write
uses: SonarSource/gh-action_release/.github/workflows/main.yaml@v5
with:
publishToBinaries: true
mavenCentralSync: true # for OSS projects only
Available options:
publishToBinaries
(default: false): enable the publication to binariespublishJavadoc
(default: false): enable the publication of the javadoc to https://javadocs.sonarsource.org/javadocDestinationDirectory
(default: use repository name): define the subdir to use in https://javadocs.sonarsource.org/binariesS3Bucket
(default: downloads-cdn-eu-central-1-prod): target bucketmavenCentralSync
(default: false): enable synchronization to Maven Central, for OSS projects onlymavenCentralSyncExclusions
(default: none): exclude some artifacts from synchronizationpublishToPyPI
(default: false): Publish pypi artifacts to https://pypi.org/, for OSS projects onlypublishToTestPyPI
(default: false): Publish pypi artifacts to https://test.pypi.org/, for OSS projects onlyskipPythonReleasabilityChecks
(default: false): Skip releasability checks for Python projects onlyslackChannel
(default: build): notification Slack channelartifactoryRoleSuffix
(default: promoter): Artifactory promoter suffixdryRun
(default: false): perform a dry run execution
To perform a releasability check for a given version without performing an actual release, run the releasability_check workflow. The releasability checks execute the lambdas deployed from the https://github.com/SonarSource/ops-releasability project.
The repository needs to be onboarded to ops-releasability/projects.json.
The repository needs to be onboarded to the Vault.
development/artifactory/token/{REPO_OWNER_NAME_DASH}-promoter
development/kv/data/slack
development/kv/data/repox
development/aws/sts/downloads
development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader
development/kv/data/ossrh
development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader
development/kv/data/pypi
development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader
development/kv/data/pypi-test
All the actions in this repository are released together following semantic versioning,
ie: 5.0.0
.
Branches prefixed with a v
are pointers to the last major versions, ie: v5
.
Note: the
master
branch is used for development and can not be referenced directly. Use av
branch or a tag instead.
The development is done on master
and the branch-*
maintenance branches.
For testing purpose you may want to use this gh-action without really releasing. There comes the dry run.
What the dry run will do and not do:
- Will not promote any artifacts in repox
- Will not push binaries
- Will not publish to slack
Instead, it will actually print the sequence of operations that would have
been performed based on the provided inputs defined in with:
section.
To create a release run the Release workflow. The workflow will create the GitHub Release.
To update the v-branch run the Update v-branch workflow. The workflow will update the v-branch to the specified tag.
For more deails see RELEASE.md