Skip to content
Build Java Release

Bump package versions to v0.4.1 (#587) #6

Sign in to view logs

Bump package versions to v0.4.1 (#587)

Bump package versions to v0.4.1 (#587) #6

Workflow file for this run

.github/workflows/java-release.yml at 8491463
name: Build Java Release
on:
push:
tags:
# if you change this pattern, make sure jobs.strip-tag still works
- 'release/java/v[0-9]+.[0-9]+.[0-9]+'
permissions: {}
jobs:
ci:
permissions:
contents: read
uses: ./.github/workflows/java-build.yml
strip-tag:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.version.outputs.version }}
steps:
- name: process tag
id: version
env:
TAG: ${{ github.ref_name }}
run: |
echo "version=${TAG#"release/java/v"}" >> $GITHUB_OUTPUT
build:
runs-on: ubuntu-latest
needs: [ci, strip-tag]
permissions:
contents: read # to checkout code
id-token: write # to sign with sigstore
steps:
- name: checkout tag
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Set up JDK 11
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: 11
distribution: 'temurin'
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@71f986410dfbc7added4569d411d040a91dc6935 # v2.1.8
with:
workload_identity_provider: projects/306323169285/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions-provider
service_account: protobuf-specs-releaser@sigstore-secrets.iam.gserviceaccount.com
- uses: google-github-actions/get-secretmanager-secrets@a8440875e1c2892062aef9061228d4f1af8f919b # v2.2.3
id: secrets
with:
secrets: |-
signing_key:sigstore-secrets/sigstore-java-pgp-priv-key
signing_password:sigstore-secrets/sigstore-java-pgp-priv-key-password
sonatype_username:sigstore-secrets/sigstore-java-sonatype-username
sonatype_password:sigstore-secrets/sigstore-java-sonatype-password
- name: Build, Sign and Push to Maven Central
# TODO: someone still needs to close and release this, but that can be automated next
working-directory: ./java
env:
VERSION: ${{ needs.strip-tag.outputs.version }}
ORG_GRADLE_PROJECT_signingKey: ${{ steps.secrets.outputs.signing_key }}
ORG_GRADLE_PROJECT_signingPassword: ${{ steps.secrets.outputs.signing_password }}
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ steps.secrets.outputs.sonatype_username }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ steps.secrets.outputs.sonatype_password }}
run: |
./gradlew clean :publishProtoPublicationToSonatypeRepository -Pversion=${VERSION} -Prelease