hawkbit/.github/workflows/release.yml

name: Release

on:
  # enable running the workflow manually
  workflow_dispatch:
    inputs:
      revision:
        description: 'Release version'
        default: '0-SNAPSHOT'

jobs:
  release:
    runs-on: ubuntu-latest

    permissions:
      contents: write

    services:
      rabbitmq:
        image: rabbitmq:3-management-alpine
        env:
          RABBITMQ_DEFAULT_VHOST: /
          RABBITMQ_DEFAULT_USER: guest
          RABBITMQ_DEFAULT_PASS: guest
        ports:
          - 15672:15672
          - 5672:5672

    steps:
      - uses: actions/checkout@v4

      - name: Set up JDK & Maven Central credentials
        uses: actions/setup-java@v4
        with:
          distribution: 'temurin'
          java-version: 21
          cache: 'maven'
          server-id: central
          server-username: MAVEN_USERNAME
          server-password: MAVEN_PASSWORD
          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
          gpg-passphrase: MAVEN_GPG_PASSPHRASE

      - name: Cache local Maven repository
        uses: actions/cache@v4
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-maven-

      - name: Check file license headers
        run: mvn clean license:check -PcheckLicense --batch-mode
      - name: Check dependency licenses with dash tool
        run: |
          if [ "${REVISION}" = "0-SNAPSHOT" ]; then
              DASH_FAIL=false
          else
              DASH_FAIL=true
          fi
          mvn install -DskipTests -DskipJavadoc --batch-mode
          mvn license-tool:license-check -PcheckLicense -Ddash.fail=${DASH_FAIL} -Ddash.iplab.token=${GITLAB_API_TOKEN} --projects '!org.eclipse.hawkbit:hawkbit-repository-test,!org.eclipse.hawkbit:hawkbit-dmf-rabbitmq-test' --batch-mode
          CHANGED_FILES_COUNT=$(git status --short | wc -l)
          CHANGED_FILES_COUNT=${CHANGED_FILES_COUNT//[[:space:]]/}
          echo "Number of changed files: ${CHANGED_FILES_COUNT}"
          if [ "${CHANGED_FILES_COUNT}" -ne 0 ]; then
            if [ "${CHANGED_FILES_COUNT}" -eq 1 ]; then
                DEPENDENCY_FILE=".3rd-party/DEPENDENCIES"
                DEPENDENCIES_MODIFIED=$(git status --short | grep ".3rd-party/DEPENDENCIES")
                # Check if the file is modified
                if [[ -n "$DEPENDENCIES_MODIFIED" ]]; then
                    echo "${DEPENDENCY_FILE} changed - commit it"
                    git config --local user.name "github-actions[bot]"
                    git config --local user.email "github-actions[bot]@users.noreply.github.com"
                    git add ${DEPENDENCY_FILE} && git commit -m "[Release] Automated commit of ${DEPENDENCY_FILE} changes" && git push
                else
                    echo "Unexpected changes:"
                    git status --short
                    exit 1
                fi
            else
                echo "More than one file has changed:"
                git status --short
                exit 1
            fi
          fi
        env:
          REVISION: ${{ github.event.inputs.revision }}
          GITLAB_API_TOKEN: ${{ secrets.GITLAB_API_TOKEN }}

      - name: Run build javadoc, verify (test)
        run: mvn verify javadoc:jar -Dadditionalparam=-Xdoclint:none -Drevision=${REVISION} --batch-mode
        env:
          REVISION: ${{ github.event.inputs.revision }}

      - name: Deploy
        run: mvn deploy -Ppublish -DskipTests -Drevision=${REVISION} --batch-mode
        env:
          REVISION: ${{ github.event.inputs.revision }}
          MAVEN_USERNAME: ${{ secrets.CENTRAL_SONATYPE_TOKEN_USERNAME }}
          MAVEN_PASSWORD: ${{ secrets.CENTRAL_SONATYPE_TOKEN_PASSWORD }}
          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
      - name: Tag release
        run: |
          if [ "${REVISION}" != "0-SNAPSHOT" ]; then
              git config --local user.name "github-actions[bot]"
              git config --local user.email "github-actions[bot]@users.noreply.github.com"
              git tag -a ${REVISION} -m "Release version ${REVISION}" && git push origin ${REVISION}
          fi
        env:
          REVISION: ${{ github.event.inputs.revision }}