sync: master to release #16406
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Publish | |
#the concurrency check will cancel in-progress runs on non-master branches and pull requests on forked repositories, but not on the specified branches (master, github-action-**, DAT-**, dependabot-**). | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref && github.ref || github.run_id }} | |
cancel-in-progress: false | |
on: | |
workflow_call: | |
workflow_dispatch: | |
env: | |
MAVEN_VERSION: '3.9.2' | |
jobs: | |
setup: | |
name: Setup | |
runs-on: ubuntu-22.04 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
outputs: | |
branchExistsInBoth: ${{ steps.check-branch.outputs.branchExistsInBoth }} | |
thisBranchName: ${{ steps.get-branch-name.outputs.thisBranchName }} | |
latestMergeSha: ${{ steps.get-sha.outputs.latestMergeSha }} | |
timeStamp: ${{ steps.get-timestamp.outputs.timestamp }} | |
proBranchNamePrefix: ${{ steps.check-branch.outputs.proBranchNamePrefix }} | |
unmodifiedBranchName: ${{ steps.get-branch-name.outputs.unmodifiedBranchName }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.event.after}} | |
- name: Get Latest Merge Commit SHA | |
id: get-sha | |
run: | | |
latest_merge_sha=`(git rev-parse HEAD)` | |
echo "latestMergeSha=${latest_merge_sha}" >> $GITHUB_OUTPUT | |
- name: Get Timestamp | |
id: get-timestamp | |
run: | | |
timeStamp=$(date +'%Y-%m-%d %H:%M:%S %Z') | |
echo "timestamp=${timeStamp}" >> $GITHUB_OUTPUT | |
- name: Get Current BranchName | |
id: get-branch-name | |
run: | | |
# this logic checks if the branch is from a forked repository PR or not. Where -n is the inverse of -z (not empty) | |
if [ -n "${GITHUB_HEAD_REF}" ]; | |
then | |
branch_name=${GITHUB_HEAD_REF} | |
else | |
branch_name=${{ github.ref_name }} | |
fi | |
modified_branch_name=`(echo $branch_name | tr '/' '_')` | |
echo "thisBranchName=$modified_branch_name" >> $GITHUB_OUTPUT | |
#this is to check if the same branch name exists in PRO, we need it in check-branch step | |
echo "unmodifiedBranchName=$branch_name" >> $GITHUB_OUTPUT | |
echo "Modified Branch Name:" $modified_branch_name | |
echo "Original Branch Name thisBranchName:" $branch_name | |
- name: Checkout OSS Repo | |
uses: actions/checkout@v3 | |
with: | |
repository: liquibase/liquibase | |
#RUN THIS LOGIC WHEN THERE IS A SAME BRANCH IN OSS AND PRO | |
#checking if the branch specified by $currentBranch exists in the PRO repository, If the getBranch call throws an error, it means the branch doesn't exist in the PRO repo. Also, remove refs/heads/ | |
# if the value of branchExistsInBoth = false then set liquibaseProVersionPrefix = master else $currentBranch | |
# if the value of branchExistsInBoth = true then set liquibaseProVersionPrefix = thisBranchName else $currentBranch as PRO also has replacement logic for / with _ | |
- name: Check branch existence | |
id: check-branch | |
uses: actions/github-script@v6 | |
with: | |
github-token: ${{ secrets.LIQUIBOT_PAT_GPM_ACCESS }} | |
script: | | |
const currentBranch = "${{ steps.get-branch-name.outputs.unmodifiedBranchName }}" | |
console.log(currentBranch) | |
let branchExistsInBoth; | |
try { | |
await github.rest.repos.getBranch({ | |
owner: "liquibase", | |
repo: "liquibase-pro", | |
branch: currentBranch | |
}); | |
branchExistsInBoth = true | |
} catch (error){ | |
branchExistsInBoth = false | |
} | |
let liquibaseProVersionPrefix= branchExistsInBoth ? currentBranch : 'master' | |
liquibaseProVersionPrefix=liquibaseProVersionPrefix.replaceAll("/","_") | |
core.setOutput("branchExistsInBoth", branchExistsInBoth) | |
core.setOutput("proBranchNamePrefix", liquibaseProVersionPrefix) | |
console.log(liquibaseProVersionPrefix) | |
### MATCHING BRANCH RUN THIS LOGIC | |
build_publish_branch: | |
name: Artifacts- Build & Package | |
runs-on: macos-latest | |
needs: [ setup ] | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.event.after}} | |
# this includes all the tar files included in the previous runs. So in the next step we deploy what was previously build | |
- name: Download Artifacts for build.yml | |
uses: actions/download-artifact@v3 | |
with: | |
name: temp-artifact | |
##Cache based on install4j file, since changes to JVM is seen in there. If install4j version changes without changing the file, change the prefix letter before hashFiles to force a new cache | |
- name: Install4j Cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: install4j-A${{ hashFiles('liquibase-dist/src/main/install4j/liquibase.install4j') }} | |
path: ~/.install4j8/** | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '11' | |
distribution: 'temurin' | |
gpg-private-key: ${{ secrets.GPG_SECRET }} | |
gpg-passphrase: GPG_PASSPHRASE | |
cache: 'maven' | |
overwrite-settings: false | |
env: | |
GPG_PASSWORD: ${{ secrets.GPG_PASSPHRASE }} | |
#look for dependencies in maven | |
- name: maven-settings-xml-action | |
uses: whelk-io/maven-settings-xml-action@v21 | |
with: | |
repositories: | | |
[ | |
{ | |
"id": "liquibase", | |
"url": "https://maven.pkg.github.com/liquibase/liquibase", | |
"releases": { | |
"enabled": "false" | |
}, | |
"snapshots": { | |
"enabled": "true", | |
"updatePolicy": "always" | |
} | |
}, | |
{ | |
"id": "liquibase-pro", | |
"url": "https://maven.pkg.github.com/liquibase/liquibase-pro", | |
"releases": { | |
"enabled": "false" | |
}, | |
"snapshots": { | |
"enabled": "true", | |
"updatePolicy": "always" | |
} | |
} | |
] | |
servers: | | |
[ | |
{ | |
"id": "liquibase-pro", | |
"username": "liquibot", | |
"password": "${{ secrets.LIQUIBOT_PAT }}" | |
}, | |
{ | |
"id": "liquibase", | |
"username": "liquibot", | |
"password": "${{ secrets.LIQUIBOT_PAT }}" | |
} | |
] | |
- name: Set up Maven | |
uses: stCarolas/setup-maven@v4.5 | |
with: | |
maven-version: ${{ env.MAVEN_VERSION }} | |
# Version artifact based off of branch | |
- name: Version Artifact | |
run: | | |
version=${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT | |
mvn versions:set -DnewVersion="$version" | |
- name: Artifacts- Build & Sign | |
env: | |
INSTALL4J_LICENSE: ${{ secrets.INSTALL4J_LICENSE }} | |
INSTALL4J_APPLE_KEY: ${{ secrets.INSTALL4J_APPLE_KEY }} | |
INSTALL4J_APPLE_KEY_PASSWORD: ${{ secrets.INSTALL4J_APPLE_KEY_PASSWORD }} | |
INSTALL4J_APPLE_ID: ${{ secrets.INSTALL4J_APPLE_ID }} | |
INSTALL4J_APPLE_ID_PASSWORD: ${{ secrets.INSTALL4J_APPLE_ID_PASSWORD }} | |
INSTALL4J_WINDOWS_KEY: ${{ secrets.INSTALL4J_WINDOWS_KEY }} | |
INSTALL4J_WINDOWS_KEY_PASSWORD: ${{ secrets.INSTALL4J_WINDOWS_KEY_PASSWORD }} | |
GPG_PASSWORD: ${{ secrets.GPG_PASSPHRASE }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
## save install4j code signing keys | |
mkdir -p liquibase-dist/target/keys | |
echo "Saving apple key" | |
echo "$INSTALL4J_APPLE_KEY" | base64 -d > liquibase-dist/target/keys/datical_apple.p12 | |
echo "Saving windows key" | |
echo "$INSTALL4J_WINDOWS_KEY" | base64 -d > liquibase-dist/target/keys/datical_windows.pfx | |
# we are packaging and deploying liquibase tar which includes liquibase-commercial | |
mvn -B -pl liquibase-dist -P liquibase-commercial source:jar package "-Dliquibase-pro.version=${{ needs.setup.outputs.proBranchNamePrefix }}-SNAPSHOT" "-Dbuild.repository.owner=liquibase" "-Dbuild.repository.name=liquibase" "-Dbuild.branch=${{ needs.setup.outputs.thisBranchName }}" "-Dbuild.number=${{ github.run_number }}" "-Dbuild.commit=${{ needs.setup.outputs.latestMergeSha }}-SNAPSHOT" "-Dbuild.timestamp=${{ needs.setup.outputs.timeStamp }}" | |
## extract tar content for other artifacts | |
mkdir -p liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT | |
(cd liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT && tar -xzf ../liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT.tar.gz) | |
# there is some issue while doing a tar -xzf hence copying this manually | |
cp -r liquibase-standard/src/main/resources/liquibase/examples liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT | |
ls -l liquibase-dist/target | |
#zip the above folder again which contains examples folder | |
(cd liquibase-dist/target && tar -czf liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT.tar.gz liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT) | |
## verify that the contents of the tar matches the expectation | |
#echo "Comparing the contents of the tar.gz with the expected contents (using baseline file in liquibase-dist directory) to ensure that no new files were accidentally added. A failure here indicates that a new file was added to the tar.gz, and it should either be rectififed or added to the baseline." | |
brew install tree --quiet | |
tree liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT -o actual-distribution-contents.txt --noreport | |
# remove first line of actual, because it contains the folder name, which the expected will not have | |
echo "$(tail -n +2 actual-distribution-contents.txt)" > actual-distribution-contents.txt | |
diff actual-distribution-contents.txt liquibase-dist/expected-distribution-contents.txt | |
rm -rf actual-distribution-contents.txt | |
##create zip file from tar content | |
(cd liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT && zip -r ../liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT.zip *) | |
echo "liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT" | |
ls liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT | |
##create installer - disabled here but run as nightly job and as part of release workflow | |
# (cd liquibase-dist && ${{ github.workspace }}/.github/util/package-install4j.sh 0-SNAPSHOT) | |
find . -name original-*.jar -exec rm {} \; | |
mkdir -p artifacts | |
cp liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT.tar.gz artifacts | |
cp liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT.zip artifacts | |
cp liquibase-core/target/liquibase-core-0-SNAPSHOT.jar artifacts/liquibase-core-0-SNAPSHOT.jar | |
#cp liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT/internal/lib/liquibase-core.jar artifacts/liquibase-core-0-SNAPSHOT.jar | |
cp liquibase-core/target/liquibase-core-0-SNAPSHOT-sources.jar artifacts/liquibase-core-0-SNAPSHOT-sources.jar | |
cp target/liquibase-0-SNAPSHOT-javadoc.jar artifacts/liquibase-core-0-SNAPSHOT-javadoc.jar | |
##create installer - disabled here but run as nightly job and as part of release workflow | |
#cp liquibase-dist/target/liquibase-*-installer-* artifacts | |
cp liquibase-maven-plugin/target/liquibase-maven-plugin-0-SNAPSHOT.jar artifacts | |
cp liquibase-maven-plugin/target/liquibase-maven-plugin-0-SNAPSHOT-sources.jar artifacts | |
cp liquibase-maven-plugin/target/liquibase-maven-plugin-0-SNAPSHOT-javadoc.jar artifacts | |
cp liquibase-cdi/target/liquibase-cdi-0-SNAPSHOT.jar artifacts | |
cp liquibase-cdi/target/liquibase-cdi-0-SNAPSHOT-sources.jar artifacts | |
cp liquibase-cdi/target/liquibase-cdi-0-SNAPSHOT-javadoc.jar artifacts | |
cp liquibase-cdi-jakarta/target/liquibase-cdi-jakarta-0-SNAPSHOT.jar artifacts | |
cp liquibase-cdi-jakarta/target/liquibase-cdi-jakarta-0-SNAPSHOT-sources.jar artifacts | |
cp liquibase-cdi-jakarta/target/liquibase-cdi-jakarta-0-SNAPSHOT-javadoc.jar artifacts | |
echo "Source code not available for liquibase-commercial" > /tmp/readme.source.txt | |
(cd /tmp && jar cf liquibase-commercial-${{ needs.setup.outputs.proBranchNamePrefix }}-SNAPSHOT-sources.jar readme.source.txt) | |
echo "Javadocs not available for liquibase-commercial" > /tmp/readme.javadocs.txt | |
(cd /tmp && jar cf liquibase-commercial-${{ needs.setup.outputs.proBranchNamePrefix }}-SNAPSHOT-javadoc.jar readme.javadocs.txt) | |
ls -R /Users/runner/.m2/repository/org/liquibase/liquibase-commercial | |
echo "/Users/runner/.m2/repository/org/liquibase/liquibase-commercial " | |
commercialJarM2Location=/Users/runner/.m2/repository/org/liquibase/liquibase-commercial/${{ needs.setup.outputs.proBranchNamePrefix }}-SNAPSHOT/liquibase-commercial-${{ needs.setup.outputs.proBranchNamePrefix }}-SNAPSHOT.jar | |
cp $commercialJarM2Location artifacts | |
cp /tmp/liquibase-commercial-${{ needs.setup.outputs.proBranchNamePrefix }}-SNAPSHOT-sources.jar artifacts | |
cp /tmp/liquibase-commercial-${{ needs.setup.outputs.proBranchNamePrefix }}-SNAPSHOT-javadoc.jar artifacts | |
.github/util/sign-artifacts.sh artifacts | |
##prepare branch-named convenience artifacts directories | |
mkdir artifacts-named | |
cp liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT.tar.gz artifacts-named/liquibase-${{ needs.setup.outputs.thisBranchName }}.tar.gz | |
#cp liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT/internal/lib/liquibase-core.jar artifacts-named/liquibase-core-${{ needs.setup.outputs.thisBranchName }}.jar | |
cp liquibase-core/target/liquibase-core-0-SNAPSHOT.jar artifacts-named/liquibase-core-${{ needs.setup.outputs.thisBranchName }}.jar | |
cp liquibase-maven-plugin/target/liquibase-maven-plugin-0-SNAPSHOT.jar artifacts-named/liquibase-maven-plugin-${{ needs.setup.outputs.thisBranchName }}.jar | |
cp liquibase-cdi/target/liquibase-cdi-0-SNAPSHOT.jar artifacts-named/liquibase-cdi-${{ needs.setup.outputs.thisBranchName }}.jar | |
cp liquibase-cdi-jakarta/target/liquibase-cdi-jakarta-0-SNAPSHOT.jar artifacts-named/liquibase-cdi-jakarta-${{ needs.setup.outputs.thisBranchName }}.jar | |
cp liquibase-extension-testing/target/liquibase-extension-testing-0-SNAPSHOT.jar artifacts-named/liquibase-extension-testing-${{ needs.setup.outputs.thisBranchName }}.jar | |
cp liquibase-extension-testing/target/liquibase-extension-testing-0-SNAPSHOT-deps.jar artifacts-named/liquibase-extension-testing-${{ needs.setup.outputs.thisBranchName }}-deps.jar | |
#check why only this step has branchName when there is a standalone PR | |
cp $commercialJarM2Location artifacts-named/liquibase-commercial-${{ needs.setup.outputs.thisBranchName }}.jar | |
- name: Archive Packages | |
uses: actions/upload-artifact@v3 | |
with: | |
name: liquibase-artifacts | |
path: artifacts/* | |
- name: Archive Convenience Zip | |
uses: actions/upload-artifact@v3 | |
with: | |
name: liquibase-zip-${{ needs.setup.outputs.thisBranchName }} | |
path: liquibase-dist/target/liquibase-${{ needs.setup.outputs.thisBranchName }}-SNAPSHOT/* | |
- name: Archive Convenience Artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: liquibase-artifacts-${{ needs.setup.outputs.thisBranchName }} | |
path: artifacts-named/* | |
# Publish <commitsha>-SNAPSHOT version to GPM | |
- name: Version Artifact Publish <commitsha>-SNAPSHOT version to GPM | |
run: | | |
mvn versions:set "-DnewVersion=${{ needs.setup.outputs.latestMergeSha }}-SNAPSHOT" | |
- name: Publish <commitsha>-SNAPSHOT package | |
run: | | |
mvn -B clean deploy -pl '!liquibase-dist' -DskipTests=true "-Dbuild.repository.owner=liquibase" "-Dbuild.repository.name=liquibase" "-Dbuild.branch=${{ needs.setup.outputs.thisBranchName }}" "-Dbuild.number=${{ github.run_number }}" "-Dbuild.commit=${{ needs.setup.outputs.latestMergeSha }}" "-Dbuild.timestamp=${{ needs.setup.outputs.timeStamp }}" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
#Publish to GitHub Packages. We are building a tar file which includes liquibase-commercial hence we need "-Dliquibase-pro.version" | |
- name: Publish tar.gz package to GPM | |
run: | | |
mvn -B -pl liquibase-dist -P liquibase-commercial clean deploy -DskipTests=true "-Dliquibase-pro.version=${{ needs.setup.outputs.proBranchNamePrefix }}-SNAPSHOT" "-Dbuild.timestamp=${{ needs.setup.outputs.timestamp }}" "-Dbuild.repository.owner=liquibase" "-Dbuild.repository.name=liquibase" "-Dbuild.branch=${{ needs.setup.outputs.thisBranchName }}" "-Dbuild.number=${{ github.run_number }}" "-Dbuild.commit=${{ needs.setup.outputs.thisSha }}" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run-functional-tests: | |
needs: [ setup, build_publish_branch ] | |
uses: liquibase/liquibase/.github/workflows/run-functional-tests.yml@master | |
secrets: inherit | |
with: | |
latestMergeSha: ${{ needs.setup.outputs.latestMergeSha }} | |
thisBranchName: ${{ needs.setup.outputs.unmodifiedBranchName }} | |
run-tests-harness: | |
needs: [ setup,build_publish_branch ] | |
uses: liquibase/liquibase/.github/workflows/run-test-harness.yml@master | |
secrets: inherit | |
with: | |
latestMergeSha: ${{ needs.setup.outputs.latestMergeSha }} | |
thisBranchName: ${{ needs.setup.outputs.unmodifiedBranchName }} |