diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ff179617..a3df6b74 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,76 +2,93 @@ name: Release on: push: - tags: - - 'v*' +# tags: +# - 'v*' permissions: contents: write jobs: - soot-wrapper: + calculate-checksum: runs-on: ubuntu-latest - strategy: - matrix: - java-version: [ 11, 17, 21 ] steps: - uses: actions/checkout@v4 with: - repository: 'debricked/soot-wrapper' + fetch-depth: 30 + fetch-tags: true + ref: ${{ github.event.repository.default_branch }} + sparse-checkout: . + - name: Get next latest tag + id: next-latest-tag + run: | + CURRENT_TAG=$(curl -s https://api.github.com/repos/${{ github.repository }}/releases/latest | jq -r '.tag_name') + PREVIOUS_TAG=$(git describe --tags --abbrev=0 $CURRENT_TAG^) + echo "next_latest_tag=$PREVIOUS_TAG" >> $GITHUB_OUTPUT + - uses: actions/checkout@v4 + with: + repository: 'debricked/soot-wrapper' + - name: Calculate checksum id: calc-checksum run: | - TAG=$(curl -s https://api.github.com/repos/${{ github.repository }}/releases/latest | jq -r '.tag_name') - curl -LJO https://github.com/${{ github.repository }}/releases/download/${TAG}/soot-wrapper-rev-hash-${{ matrix.java-version }}.txt + curl -LJO https://github.com/${{ github.repository }}/releases/download/${{ steps.next-latest-tag.outputs.next_latest_tag }}/soot-wrapper-rev-hash-${{ matrix.java-version }}.txt - echo "release_tag=$TAG" >> $GITHUB_OUTPUT echo "hash=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT if [ ! -f soot-wrapper-rev-hash-${{ matrix.java-version }}.txt ]; then touch soot-wrapper-rev-hash-${{ matrix.java-version }}.txt fi echo "prev_hash=$(cat soot-wrapper-rev-hash-${{ matrix.java-version }}.txt)" >> $GITHUB_OUTPUT + - name: Store soot-wrapper revision hash + run: | + echo ${{ steps.calc-checksum.outputs.hash }} > soot-wrapper-rev-hash-${{ matrix.java-version }}.txt + + - name: Upload file containing soot-wrapper revision hash + uses: actions/upload-artifact@v4 + with: + name: soot-wrapper-rev-hash.txt + path: soot-wrapper-rev-hash.txt + overwrite: 'true' + + soot-wrapper: + needs: calculate-checksum + runs-on: ubuntu-latest + strategy: + matrix: + java-version: [ 11, 17, 21 ] + steps: + - uses: actions/checkout@v4 + with: + repository: 'debricked/soot-wrapper' + - name: Pull JAR from previous release if already built - if: steps.calc-checksum.outputs.hash == steps.calc-checksum.outputs.prev_hash + if: needs.calculate-checksum.steps.calc-checksum.outputs.hash == needs.calculate-checksum.steps.calc-checksum.outputs.prev_hash run: | - curl -LJO https://github.com/${{ github.repository }}/releases/download/${{ steps.calc-checksum.outputs.release_tag }}/soot-wrapper-${{ matrix.java-version }}.zip + curl -LJO https://github.com/${{ github.repository }}/releases/download/${{ needs.calculate-checksum.steps.next-latest-tag.outputs.next_latest_tag }}/soot-wrapper-${{ matrix.java-version }}.zip env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK ${{ matrix.java-version }} - if: steps.calc-checksum.outputs.hash != steps.calc-checksum.outputs.prev_hash + if: needs.calculate-checksum.steps.calc-checksum.outputs.hash != needs.calculate-checksum.steps.calc-checksum.outputs.prev_hash uses: actions/setup-java@v4 with: java-version: ${{ matrix.java-version }} distribution: 'adopt' - name: Build with Maven - if: steps.calc-checksum.outputs.hash != steps.calc-checksum.outputs.prev_hash + if: needs.calculate-checksum.steps.calc-checksum.outputs.hash != needs.calculate-checksum.steps.calc-checksum.outputs.prev_hash run: | cd java/common/ mvn clean package -X -DskipTests - name: Create archive with generated JARs - if: steps.calc-checksum.outputs.hash != steps.calc-checksum.outputs.prev_hash + if: needs.calculate-checksum.steps.calc-checksum.outputs.hash != needs.calculate-checksum.steps.calc-checksum.outputs.prev_hash run: | cd java/common/target/ zip -r soot-wrapper-${{ matrix.java-version }}.zip *.jar mv soot-wrapper-${{ matrix.java-version }}.zip ../../../soot-wrapper-${{ matrix.java-version }}.zip - - name: Store soot-wrapper revision hash - if: steps.calc-checksum.outputs.hash != steps.calc-checksum.outputs.prev_hash - run: | - echo ${{ steps.calc-checksum.outputs.hash }} > soot-wrapper-rev-hash-${{ matrix.java-version }}.txt - - - name: Upload file containing soot-wrapper revision hash - if: steps.calc-checksum.outputs.hash != steps.calc-checksum.outputs.prev_hash - uses: actions/upload-artifact@v4 - with: - name: soot-wrapper-rev-hash-${{ matrix.java-version }}.txt - path: soot-wrapper-rev-hash-${{ matrix.java-version }}.txt - overwrite: 'true' - - name: Upload the archive uses: actions/upload-artifact@v4 with: @@ -79,123 +96,121 @@ jobs: path: soot-wrapper-${{ matrix.java-version }}.zip overwrite: 'true' - goreleaser: - runs-on: ubuntu-latest - needs: soot-wrapper - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - run: git fetch --force --tags - - - uses: actions/setup-go@v5 - with: - go-version: '>=1.20' - cache: true - - - name: Import GPG signing key - id: import_gpg - uses: crazy-max/ghaction-import-gpg@v6 - with: - gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} - passphrase: ${{ secrets.GPG_PASSPHRASE }} - - - name: Pull Supported Formats - run: | - cd cmd/debricked - go generate -v -x - - - uses: goreleaser/goreleaser-action@v6 - with: - distribution: goreleaser - version: latest - args: release --clean - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} - - - name: Download JAR archives - uses: actions/download-artifact@v4 - - - name: Add archives with JARs to release - uses: softprops/action-gh-release@v2 - if: startsWith(github.ref, 'refs/tags/') - with: - tag_name: ${{ github.ref_name }} - files: | - soot-wrapper-rev-hash-11.txt/soot-wrapper-rev-hash-11.txt - soot-wrapper-rev-hash-17.txt/soot-wrapper-rev-hash-17.txt - soot-wrapper-rev-hash-21.txt/soot-wrapper-rev-hash-21.txt - soot-wrapper-11.zip/soot-wrapper-11.zip - soot-wrapper-17.zip/soot-wrapper-17.zip - soot-wrapper-21.zip/soot-wrapper-21.zip - - major-release: - runs-on: ubuntu-latest - needs: goreleaser - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Update major release tag - id: major-tag - run: | - # returns v1, v2, etc, everything to the left of the leftmost dot. - MAJOR_VERSION="${GITHUB_REF_NAME%%.*}" - MAJOR_TAG="release-${MAJOR_VERSION}" - echo "MAJOR_VERSION=${MAJOR_VERSION}" >> "$GITHUB_OUTPUT" - echo "MAJOR_TAG=${MAJOR_TAG}" >> "$GITHUB_OUTPUT" - git tag -f "${MAJOR_TAG}" - git push -f origin "${MAJOR_TAG}" - - name: Fetch assets from actual release - env: - MAJOR_TAG: ${{ steps.major-tag.outputs.MAJOR_TAG }} - GH_TOKEN: ${{ github.token }} - run: | - gh release download --pattern="cli_*.tar.gz" "${GITHUB_REF_NAME}" - - name: Create or update release - uses: softprops/action-gh-release@v2 - with: - body: Latest release for the ${{ steps.major-tag.outputs.MAJOR_VERSION }} branch of the CLI - name: Latest ${{ steps.major-tag.outputs.MAJOR_VERSION }} CLI - tag_name: ${{ steps.major-tag.outputs.MAJOR_TAG }} - fail_on_unmatched_files: true - make_latest: false - files: "cli_*.tar.gz" - - - aur: - runs-on: ubuntu-latest - needs: goreleaser - container: - image: archlinux/archlinux:base-devel - steps: - - name: Prepare Arch Linux container - run: | - pacman -Syu --noconfirm git go openssh pacman-contrib - useradd -m aur - - # Setup SSH access to aur.archlinux.org - - uses: webfactory/ssh-agent@v0.9.0 - with: - ssh-private-key: ${{ secrets.AUR_SSH_PRIVATE_KEY }} - - # Now actually clone AUR repo, and update to new version - - name: Build package and update AUR - run: | - export NEW_VERSION="${GITHUB_REF_NAME#v}" - sudo -u aur sh -c "mkdir -p /home/aur/.ssh && chmod 700 /home/aur/.ssh && touch /home/aur/.ssh/known_hosts && chmod 600 /home/aur/.ssh/known_hosts" - sudo -u aur sh -c "echo 'aur.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuBKrPzbawxA/k2g6NcyV5jmqwJ2s+zpgZGZ7tpLIcN' >> /home/aur/.ssh/known_hosts" - mkdir -p /root/.ssh && chmod 700 /root/.ssh && cp /home/aur/.ssh/known_hosts /root/.ssh/known_hosts && chown root: /root/.ssh/known_hosts - # clone repo - git clone aur@aur.archlinux.org:debricked.git debricked - chown -R aur debricked/ - cd debricked/ - sudo -u aur NEW_VERSION="${NEW_VERSION}" make update_version - sudo -u aur make package - sudo -u aur git diff - sudo -u aur git config user.email noreply@debricked.com - sudo -u aur git config user.name "Debricked build bot" - git config --global --add safe.directory "$PWD" - make push +# goreleaser: +# runs-on: ubuntu-latest +# needs: soot-wrapper +# steps: +# - uses: actions/checkout@v4 +# with: +# fetch-depth: 0 +# +# - run: git fetch --force --tags +# +# - uses: actions/setup-go@v5 +# with: +# go-version: '>=1.20' +# cache: true +# +# - name: Import GPG signing key +# id: import_gpg +# uses: crazy-max/ghaction-import-gpg@v6 +# with: +# gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} +# passphrase: ${{ secrets.GPG_PASSPHRASE }} +# +# - name: Pull Supported Formats +# run: | +# cd cmd/debricked +# go generate -v -x +# +# - uses: goreleaser/goreleaser-action@v6 +# with: +# distribution: goreleaser +# version: latest +# args: release --clean +# env: +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} +# +# - name: Download JAR archives +# uses: actions/download-artifact@v4 +# +# - name: Add archives with JARs to release +# uses: softprops/action-gh-release@v2 +# if: startsWith(github.ref, 'refs/tags/') +# with: +# tag_name: ${{ github.ref_name }} +# files: | +# soot-wrapper-rev-hash.txt/soot-wrapper-rev-hash.txt +# soot-wrapper-11.zip/soot-wrapper-11.zip +# soot-wrapper-17.zip/soot-wrapper-17.zip +# soot-wrapper-21.zip/soot-wrapper-21.zip +# +# major-release: +# runs-on: ubuntu-latest +# needs: goreleaser +# steps: +# - uses: actions/checkout@v4 +# with: +# fetch-depth: 0 +# - name: Update major release tag +# id: major-tag +# run: | +# # returns v1, v2, etc, everything to the left of the leftmost dot. +# MAJOR_VERSION="${GITHUB_REF_NAME%%.*}" +# MAJOR_TAG="release-${MAJOR_VERSION}" +# echo "MAJOR_VERSION=${MAJOR_VERSION}" >> "$GITHUB_OUTPUT" +# echo "MAJOR_TAG=${MAJOR_TAG}" >> "$GITHUB_OUTPUT" +# git tag -f "${MAJOR_TAG}" +# git push -f origin "${MAJOR_TAG}" +# - name: Fetch assets from actual release +# env: +# MAJOR_TAG: ${{ steps.major-tag.outputs.MAJOR_TAG }} +# GH_TOKEN: ${{ github.token }} +# run: | +# gh release download --pattern="cli_*.tar.gz" "${GITHUB_REF_NAME}" +# - name: Create or update release +# uses: softprops/action-gh-release@v2 +# with: +# body: Latest release for the ${{ steps.major-tag.outputs.MAJOR_VERSION }} branch of the CLI +# name: Latest ${{ steps.major-tag.outputs.MAJOR_VERSION }} CLI +# tag_name: ${{ steps.major-tag.outputs.MAJOR_TAG }} +# fail_on_unmatched_files: true +# make_latest: false +# files: "cli_*.tar.gz" +# +# +# aur: +# runs-on: ubuntu-latest +# needs: goreleaser +# container: +# image: archlinux/archlinux:base-devel +# steps: +# - name: Prepare Arch Linux container +# run: | +# pacman -Syu --noconfirm git go openssh pacman-contrib +# useradd -m aur +# +# # Setup SSH access to aur.archlinux.org +# - uses: webfactory/ssh-agent@v0.9.0 +# with: +# ssh-private-key: ${{ secrets.AUR_SSH_PRIVATE_KEY }} +# +# # Now actually clone AUR repo, and update to new version +# - name: Build package and update AUR +# run: | +# export NEW_VERSION="${GITHUB_REF_NAME#v}" +# sudo -u aur sh -c "mkdir -p /home/aur/.ssh && chmod 700 /home/aur/.ssh && touch /home/aur/.ssh/known_hosts && chmod 600 /home/aur/.ssh/known_hosts" +# sudo -u aur sh -c "echo 'aur.archlinux.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuBKrPzbawxA/k2g6NcyV5jmqwJ2s+zpgZGZ7tpLIcN' >> /home/aur/.ssh/known_hosts" +# mkdir -p /root/.ssh && chmod 700 /root/.ssh && cp /home/aur/.ssh/known_hosts /root/.ssh/known_hosts && chown root: /root/.ssh/known_hosts +# # clone repo +# git clone aur@aur.archlinux.org:debricked.git debricked +# chown -R aur debricked/ +# cd debricked/ +# sudo -u aur NEW_VERSION="${NEW_VERSION}" make update_version +# sudo -u aur make package +# sudo -u aur git diff +# sudo -u aur git config user.email noreply@debricked.com +# sudo -u aur git config user.name "Debricked build bot" +# git config --global --add safe.directory "$PWD" +# make push