|
|
|
@ -6,113 +6,50 @@ on: |
|
|
|
- '**' |
|
|
|
- '**' |
|
|
|
schedule: |
|
|
|
schedule: |
|
|
|
- cron: '0 10 * * *' # Once per day at 10am UTC |
|
|
|
- cron: '0 10 * * *' # Once per day at 10am UTC |
|
|
|
|
|
|
|
workflow_dispatch: |
|
|
|
env: |
|
|
|
|
|
|
|
RUN_JOBS: ${{ github.repository == 'spring-projects/spring-authorization-server' }} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
jobs: |
|
|
|
jobs: |
|
|
|
prerequisites: |
|
|
|
|
|
|
|
name: Pre-requisites for building |
|
|
|
|
|
|
|
runs-on: ubuntu-latest |
|
|
|
|
|
|
|
outputs: |
|
|
|
|
|
|
|
runjobs: ${{ steps.continue.outputs.runjobs }} |
|
|
|
|
|
|
|
project_version: ${{ steps.continue.outputs.project_version }} |
|
|
|
|
|
|
|
steps: |
|
|
|
|
|
|
|
- uses: actions/checkout@v3 |
|
|
|
|
|
|
|
- id: continue |
|
|
|
|
|
|
|
name: Determine if should continue |
|
|
|
|
|
|
|
if: env.RUN_JOBS == 'true' |
|
|
|
|
|
|
|
run: | |
|
|
|
|
|
|
|
# Run jobs if in upstream repository |
|
|
|
|
|
|
|
echo "runjobs=true" >> $GITHUB_OUTPUT |
|
|
|
|
|
|
|
# Extract version from gradle.properties |
|
|
|
|
|
|
|
version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}') |
|
|
|
|
|
|
|
echo "project_version=$version" >> $GITHUB_OUTPUT |
|
|
|
|
|
|
|
build: |
|
|
|
build: |
|
|
|
name: Build |
|
|
|
name: Build |
|
|
|
needs: [prerequisites] |
|
|
|
uses: spring-io/spring-security-release-tools/.github/workflows/build.yml@v1 |
|
|
|
strategy: |
|
|
|
strategy: |
|
|
|
matrix: |
|
|
|
matrix: |
|
|
|
os: [ubuntu-latest, windows-latest] |
|
|
|
os: [ubuntu-latest, windows-latest] |
|
|
|
jdk: [17] |
|
|
|
jdk: [17] |
|
|
|
fail-fast: false |
|
|
|
|
|
|
|
runs-on: ${{ matrix.os }} |
|
|
|
|
|
|
|
if: needs.prerequisites.outputs.runjobs |
|
|
|
|
|
|
|
steps: |
|
|
|
|
|
|
|
- uses: actions/checkout@v3 |
|
|
|
|
|
|
|
- name: Set up JDK ${{ matrix.jdk }} |
|
|
|
|
|
|
|
uses: spring-io/spring-gradle-build-action@v2 |
|
|
|
|
|
|
|
with: |
|
|
|
with: |
|
|
|
|
|
|
|
runs-on: ${{ matrix.os }} |
|
|
|
java-version: ${{ matrix.jdk }} |
|
|
|
java-version: ${{ matrix.jdk }} |
|
|
|
distribution: temurin |
|
|
|
distribution: temurin |
|
|
|
- name: Build with Gradle |
|
|
|
secrets: inherit |
|
|
|
env: |
|
|
|
test: |
|
|
|
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} |
|
|
|
name: Test Against Snapshots |
|
|
|
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} |
|
|
|
uses: spring-io/spring-security-release-tools/.github/workflows/test.yml@v1 |
|
|
|
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} |
|
|
|
|
|
|
|
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} |
|
|
|
|
|
|
|
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} |
|
|
|
|
|
|
|
run: ./gradlew clean build --continue -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" |
|
|
|
|
|
|
|
snapshot_tests: |
|
|
|
|
|
|
|
name: Test against snapshots |
|
|
|
|
|
|
|
needs: [prerequisites] |
|
|
|
|
|
|
|
runs-on: ubuntu-latest |
|
|
|
|
|
|
|
if: needs.prerequisites.outputs.runjobs |
|
|
|
|
|
|
|
steps: |
|
|
|
|
|
|
|
- uses: actions/checkout@v3 |
|
|
|
|
|
|
|
- name: Set up JDK |
|
|
|
|
|
|
|
uses: spring-io/spring-gradle-build-action@v2 |
|
|
|
|
|
|
|
with: |
|
|
|
with: |
|
|
|
java-version: 17 |
|
|
|
test-args: --refresh-dependencies --stacktrace -PforceMavenRepositories=snapshot -PspringFrameworkVersion=6.0.+ -PspringSecurityVersion=6.1.+ |
|
|
|
distribution: temurin |
|
|
|
secrets: inherit |
|
|
|
- name: Snapshot Tests |
|
|
|
deploy-artifacts: |
|
|
|
env: |
|
|
|
|
|
|
|
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} |
|
|
|
|
|
|
|
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} |
|
|
|
|
|
|
|
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} |
|
|
|
|
|
|
|
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} |
|
|
|
|
|
|
|
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} |
|
|
|
|
|
|
|
run: ./gradlew test --refresh-dependencies -Duser.name=spring-builds+github -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PforceMavenRepositories=snapshot -PspringFrameworkVersion='6.0.+' -PspringSecurityVersion='6.1.+' -PlocksDisabled --stacktrace |
|
|
|
|
|
|
|
deploy_artifacts: |
|
|
|
|
|
|
|
name: Deploy Artifacts |
|
|
|
name: Deploy Artifacts |
|
|
|
needs: [build, snapshot_tests] |
|
|
|
needs: [build, test] |
|
|
|
runs-on: ubuntu-latest |
|
|
|
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1 |
|
|
|
steps: |
|
|
|
|
|
|
|
- uses: actions/checkout@v3 |
|
|
|
|
|
|
|
- name: Set up JDK |
|
|
|
|
|
|
|
uses: spring-io/spring-gradle-build-action@v2 |
|
|
|
|
|
|
|
with: |
|
|
|
with: |
|
|
|
java-version: 17 |
|
|
|
should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }} |
|
|
|
distribution: temurin |
|
|
|
secrets: inherit |
|
|
|
- name: Deploy Artifacts |
|
|
|
deploy-docs: |
|
|
|
env: |
|
|
|
|
|
|
|
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} |
|
|
|
|
|
|
|
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} |
|
|
|
|
|
|
|
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} |
|
|
|
|
|
|
|
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }} |
|
|
|
|
|
|
|
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }} |
|
|
|
|
|
|
|
OSSRH_TOKEN_USERNAME: ${{ secrets.OSSRH_S01_TOKEN_USERNAME }} |
|
|
|
|
|
|
|
OSSRH_TOKEN_PASSWORD: ${{ secrets.OSSRH_S01_TOKEN_PASSWORD }} |
|
|
|
|
|
|
|
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} |
|
|
|
|
|
|
|
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} |
|
|
|
|
|
|
|
run: ./gradlew publishArtifacts finalizeDeployArtifacts -Duser.name=spring-builds+github -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace |
|
|
|
|
|
|
|
deploy_docs: |
|
|
|
|
|
|
|
name: Deploy Docs |
|
|
|
name: Deploy Docs |
|
|
|
needs: [build, snapshot_tests] |
|
|
|
needs: [build, test] |
|
|
|
runs-on: ubuntu-latest |
|
|
|
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1 |
|
|
|
steps: |
|
|
|
|
|
|
|
- uses: actions/checkout@v3 |
|
|
|
|
|
|
|
- name: Set up JDK |
|
|
|
|
|
|
|
uses: spring-io/spring-gradle-build-action@v2 |
|
|
|
|
|
|
|
with: |
|
|
|
with: |
|
|
|
java-version: 17 |
|
|
|
should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }} |
|
|
|
distribution: temurin |
|
|
|
secrets: inherit |
|
|
|
- name: Deploy Docs |
|
|
|
perform-release: |
|
|
|
env: |
|
|
|
name: Perform Release |
|
|
|
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} |
|
|
|
needs: [deploy-artifacts, deploy-docs] |
|
|
|
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} |
|
|
|
uses: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml@v1 |
|
|
|
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} |
|
|
|
with: |
|
|
|
DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }} |
|
|
|
should-perform-release: ${{ needs.deploy-artifacts.outputs.artifacts-deployed }} |
|
|
|
DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }} |
|
|
|
project-version: ${{ needs.deploy-artifacts.outputs.project-version }} |
|
|
|
DOCS_HOST: ${{ secrets.DOCS_HOST }} |
|
|
|
milestone-repo-url: https://repo.spring.io/artifactory/milestone |
|
|
|
run: ./gradlew deployDocs -Duser.name=spring-builds+github -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace |
|
|
|
release-repo-url: https://repo1.maven.org/maven2 |
|
|
|
|
|
|
|
artifact-path: org/springframework/security/spring-security-oauth2-authorization-server |
|
|
|
|
|
|
|
slack-announcing-id: spring-authorization-server-announcing |
|
|
|
|
|
|
|
secrets: inherit |
Steve Riesenberg
2 years ago