Merge pull request #73 from fortify/release-v2.0.5 #95

Workflow file for this run

	on:
	push:
	branches:
	- '**'

	env:
	DIST_DIR: ${{ github.workspace }}/build/dist

	name: CI
	jobs:
	ci:
	runs-on: ubuntu-latest
	steps:
	- name: Check-out source code
	uses: actions/checkout@v2

	- name: PROD - Prepare GitHub release
	id: create_prod_release
	uses: GoogleCloudPlatform/release-please-action@v2
	if: github.ref == 'refs/heads/main'
	with:
	command: github-release
	release-type: simple
	package-name: ${{ github.event.repository.name }}

	- name: PROD - Define release info
	if: steps.create_prod_release.outputs.release_created
	run: \|
	tag=${{steps.create_prod_release.outputs.tag_name}}
	version=${{steps.create_prod_release.outputs.version}}
	major=${{steps.create_prod_release.outputs.major}}
	minor=${{steps.create_prod_release.outputs.minor}}
	patch=${{steps.create_prod_release.outputs.patch}}
	echo DO_BUILD=true >> $GITHUB_ENV
	echo DO_RELEASE=true >> $GITHUB_ENV
	echo DO_PROD_RELEASE=true >> $GITHUB_ENV
	echo RELEASE_TAG=${tag} >> $GITHUB_ENV
	echo RELEASE_VERSION=${version} >> $GITHUB_ENV
	echo DOCKER_TAG=${version} >> $GITHUB_ENV
	echo DOCKER_EXTRA_TAGS=latest,stable,v${version},${major}.${minor},v${major}.${minor},${major},v${major} >> $GITHUB_ENV

	- name: DEV - Define release info
	if: startsWith(github.ref, 'refs/heads/') && !env.DO_PROD_RELEASE
	run: \|
	branch="${GITHUB_REF#refs/heads/}"
	tag="dev_${branch//[^a-zA-Z0-9_.-]/.}" # Replace all special characters by a dot
	version="0.$(date +'%Y%m%d.%H%M%S')-${tag}"
	echo DO_BUILD=true >> $GITHUB_ENV # We always want to do a build if we're building a branch
	echo BRANCH=${branch} >> $GITHUB_ENV
	echo RELEASE_TAG=${tag} >> $GITHUB_ENV
	echo RELEASE_VERSION=${version} >> $GITHUB_ENV
	echo DOCKER_TAG=${tag} >> $GITHUB_ENV
	if [ "${branch}" == "main" ]; then
	echo DOCKER_EXTRA_TAGS=latest_rc >> $GITHUB_ENV
	fi

	if git ls-remote --exit-code origin refs/tags/${tag} >/dev/null 2>&1; then
	echo "Found tag ${tag}, development release will be published"
	echo DO_RELEASE=true >> $GITHUB_ENV
	echo DO_DEV_RELEASE=true >> $GITHUB_ENV
	else
	echo "Tag ${tag} does not exist, no development release will be published"
	fi

	- name: DEV - Prepare GitHub release
	if: env.DO_DEV_RELEASE
	run: \|
	gh release delete ${{ env.RELEASE_TAG }} -y \|\| true
	gh release create ${{ env.RELEASE_TAG }} -p -t "Development Release - ${{ env.BRANCH }} branch" -n 'See `Assets` section below for latest build artifacts'
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Update documentation resources
	if: env.DO_BUILD
	run: bash doc-resources/update-repo-docs.sh

	- name: Build release ${{env.RELEASE_VERSION}}
	if: env.DO_BUILD
	run: ./gradlew dist distThirdParty -Pversion=${{env.RELEASE_VERSION}}

	- name: Publish build artifacts
	if: env.DO_BUILD
	uses: actions/upload-artifact@v2
	with:
	name: build_artifacts
	path: ${{ env.DIST_DIR }}

	- name: Publish Docker image
	if: env.DO_RELEASE
	run: ./gradlew jib -Pversion=${{env.RELEASE_VERSION}} -PjibImageTag=${{env.DOCKER_TAG}} -PjibExtraImageTags=${{env.DOCKER_EXTRA_TAGS}}
	env:
	DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
	DOCKER_HUB_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }}

	- name: PROD - Prepare release PR
	uses: GoogleCloudPlatform/release-please-action@v2
	if: github.ref == 'refs/heads/main'
	with:
	command: release-pr
	release-type: simple
	package-name: ${{ github.event.repository.name }}

	- name: DEV - Update ${{ env.RELEASE_TAG }} tag
	uses: richardsimko/update-tag@v1
	if: env.DO_DEV_RELEASE
	with:
	tag_name: ${{ env.RELEASE_TAG }}
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Upload assets to release
	if: env.DO_RELEASE
	run: \|
	files=$(find "${{ env.DIST_DIR }}" -type f -printf "%p ")
	gh release upload "${{ env.RELEASE_TAG }}" $files --clobber
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}


	test_artifacts_java:
	runs-on: ubuntu-latest
	needs: ci
	strategy:
	matrix:
	java: [ '8', '11', '17']
	steps:
	- name: Setup java
	uses: actions/setup-java@v2
	with:
	distribution: 'adopt'
	java-version: ${{ matrix.java }}
	- name: Download artifacts
	uses: actions/download-artifact@v2
	with:
	name: build_artifacts
	- name: Test distribution
	run: \|
	unzip FortifyVulnerabilityExporter.zip
	echo '[{"hello": "world"}]' > test.json
	java -jar FortifyVulnerabilityExporter.jar --export.from=raw --export.to=raw --raw.input=test.json --raw.output.stdout=true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #73 from fortify/release-v2.0.5 #95

Workflow file

Merge pull request #73 from fortify/release-v2.0.5 #95

Jobs

Run details

Workflow file for this run