From 20b3e6120d07717503b5be5e5012c864905e2035 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Nicoll?= Date: Thu, 3 Oct 2024 15:28:16 +0200 Subject: [PATCH] Apply conventions to existing Actions and Workflows This commit applies the conventions that we documented on our wiki, see https://github.com/spring-projects/spring-boot/wiki/GitHub-Actions. In no particular order this: * Use consistent single quotes for descriptions * Order elements in a predictable order. In particular, inputs, outputs, and environment variables are ordered alphabetically Closes gh-42512 --- .github/actions/build/action.yml | 66 +++++++++---------- .../actions/create-github-release/action.yml | 10 +-- .../actions/prepare-gradle-build/action.yml | 24 +++---- .../actions/print-jvm-thread-dumps/action.yml | 2 +- .../actions/publish-gradle-plugin/action.yml | 22 +++---- .github/actions/publish-to-sdkman/action.yml | 18 ++--- .github/actions/send-notification/action.yml | 28 ++++---- .../actions/sync-to-maven-central/action.yml | 20 +++--- .../workflows/build-and-deploy-snapshot.yml | 34 +++++----- .github/workflows/build-pull-request.yml | 10 +-- .github/workflows/ci.yml | 22 +++---- .github/workflows/distribute.yml | 10 +-- .github/workflows/release.yml | 30 ++++----- .github/workflows/run-system-tests.yml | 12 ++-- .github/workflows/verify.yml | 44 ++++++++----- 15 files changed, 184 insertions(+), 168 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 6f0eb165b5f..1c18d5c0299 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -1,47 +1,47 @@ -name: 'Build' +name: Build description: 'Builds the project, optionally publishing it to a local deployment repository' inputs: - java-version: + commercial-release-repository-url: + description: 'URL of the release repository' required: false - default: '17' - description: 'The Java version to compile and test with' - java-early-access: + commercial-repository-password: + description: 'Password for authentication with the commercial repository' required: false - default: 'false' - description: 'Whether the Java version is in early access' - java-toolchain: + commercial-repository-username: + description: 'Username for authentication with the commercial repository' + required: false + commercial-snapshot-repository-url: + description: 'URL of the snapshot repository' + required: false + develocity-access-key: + description: 'Access key for authentication with ge.spring.io' required: false - default: 'false' - description: 'Whether a Java toolchain should be used' java-distribution: + description: 'Java distribution to use' required: false default: 'liberica' - description: 'The distribution of Java to use' - publish: + java-early-access: + description: 'Whether the Java version is in early access' required: false default: 'false' - description: 'Whether to publish artifacts ready for deployment to Artifactory' - develocity-access-key: - required: false - description: 'The access key for authentication with ge.spring.io' - commercial-repository-username: - required: false - description: 'Username for authentication with the commercial repository' - commercial-repository-password: + java-toolchain: + description: 'Whether a Java toolchain should be used' required: false - description: 'Password for authentication with the commercial repository' - commercial-release-repository-url: + default: 'false' + java-version: + description: 'Java version to compile and test with' required: false - description: 'URL of the release repository' - commercial-snapshot-repository-url: + default: '17' + publish: + description: 'Whether to publish artifacts ready for deployment to Artifactory' required: false - description: 'URL of the snapshot repository' + default: 'false' outputs: build-scan-url: - description: 'The URL, if any, of the build scan produced by the build' + description: 'URL, if any, of the build scan produced by the build' value: ${{ (inputs.publish == 'true' && steps.publish.outputs.build-scan-url) || steps.build.outputs.build-scan-url }} version: - description: 'The version that was built' + description: 'Version that was built' value: ${{ steps.read-version.outputs.version }} runs: using: composite @@ -50,18 +50,18 @@ runs: uses: ./.github/actions/prepare-gradle-build with: develocity-access-key: ${{ inputs.develocity-access-key }} - java-version: ${{ inputs.java-version }} + java-distribution: ${{ inputs.java-distribution }} java-early-access: ${{ inputs.java-early-access }} java-toolchain: ${{ inputs.java-toolchain }} - java-distribution: ${{ inputs.java-distribution }} + java-version: ${{ inputs.java-version }} - name: Build id: build if: ${{ inputs.publish == 'false' }} shell: bash env: - COMMERCIAL_REPO_USERNAME: ${{ inputs.commercial-repository-username }} - COMMERCIAL_REPO_PASSWORD: ${{ inputs.commercial-repository-password }} COMMERCIAL_RELEASE_REPO_URL: ${{ inputs.commercial-release-repository-url }} + COMMERCIAL_REPO_PASSWORD: ${{ inputs.commercial-repository-password }} + COMMERCIAL_REPO_USERNAME: ${{ inputs.commercial-repository-username }} COMMERCIAL_SNAPSHOT_REPO_URL: ${{ inputs.commercial-snapshot-repository-url }} run: ./gradlew build - name: Publish @@ -69,9 +69,9 @@ runs: if: ${{ inputs.publish == 'true' }} shell: bash env: - COMMERCIAL_REPO_USERNAME: ${{ inputs.commercial-repository-username }} - COMMERCIAL_REPO_PASSWORD: ${{ inputs.commercial-repository-password }} COMMERCIAL_RELEASE_REPO_URL: ${{ inputs.commercial-release-repository-url }} + COMMERCIAL_REPO_PASSWORD: ${{ inputs.commercial-repository-password }} + COMMERCIAL_REPO_USERNAME: ${{ inputs.commercial-repository-username }} COMMERCIAL_SNAPSHOT_REPO_URL: ${{ inputs.commercial-snapshot-repository-url }} run: ./gradlew -PdeploymentRepository=$(pwd)/deployment-repository ${{ !startsWith(github.event.head_commit.message, 'Next development version') && 'build' || '' }} publishAllPublicationsToDeploymentRepository - name: Read Version From gradle.properties diff --git a/.github/actions/create-github-release/action.yml b/.github/actions/create-github-release/action.yml index e0120764f1e..a33b0b9b43d 100644 --- a/.github/actions/create-github-release/action.yml +++ b/.github/actions/create-github-release/action.yml @@ -1,11 +1,11 @@ name: Create GitHub Release -description: Create the release on GitHub with a changelog +description: 'Create the release on GitHub with a changelog' inputs: milestone: - description: Name of the GitHub milestone for which a release will be created + description: 'Name of the GitHub milestone for which a release will be created' required: true token: - description: Token to use for authentication with GitHub + description: 'Token to use for authentication with GitHub' required: true runs: using: composite @@ -13,11 +13,11 @@ runs: - name: Generate Changelog uses: spring-io/github-changelog-generator@185319ad7eaa75b0e8e72e4b6db19c8b2cb8c4c1 #v0.0.11 with: + config-file: .github/actions/create-github-release/changelog-generator.yml milestone: ${{ inputs.milestone }} token: ${{ inputs.token }} - config-file: .github/actions/create-github-release/changelog-generator.yml - name: Create GitHub Release + shell: bash env: GITHUB_TOKEN: ${{ inputs.token }} - shell: bash run: gh release create ${{ format('v{0}', inputs.milestone) }} --notes-file changelog.md diff --git a/.github/actions/prepare-gradle-build/action.yml b/.github/actions/prepare-gradle-build/action.yml index 5404276dd71..50bfd012cdc 100644 --- a/.github/actions/prepare-gradle-build/action.yml +++ b/.github/actions/prepare-gradle-build/action.yml @@ -1,25 +1,25 @@ -name: 'Prepare Gradle Build' +name: Prepare Gradle Build description: 'Prepares a Gradle build. Sets up Java and Gradle and configures Gradle properties' inputs: - java-version: + develocity-access-key: + description: 'Access key for authentication with ge.spring.io' required: false - default: '17' - description: 'The Java version to use for the build' - java-early-access: + java-distribution: + description: 'Java distribution to use' required: false - default: 'false' + default: 'liberica' + java-early-access: description: 'Whether the Java version is in early access. When true, forces java-distribution to temurin' - java-toolchain: required: false default: 'false' + java-toolchain: description: 'Whether a Java toolchain should be used' - java-distribution: required: false - default: 'liberica' - description: 'The distribution of Java to use' - develocity-access-key: + default: 'false' + java-version: + description: 'Java version to use for the build' required: false - description: 'The access key for authentication with ge.spring.io' + default: '17' runs: using: composite steps: diff --git a/.github/actions/print-jvm-thread-dumps/action.yml b/.github/actions/print-jvm-thread-dumps/action.yml index 9b0905b7772..bcaebf3676a 100644 --- a/.github/actions/print-jvm-thread-dumps/action.yml +++ b/.github/actions/print-jvm-thread-dumps/action.yml @@ -1,5 +1,5 @@ name: Print JVM thread dumps -description: Prints a thread dump for all running JVMs +description: 'Prints a thread dump for all running JVMs' runs: using: composite steps: diff --git a/.github/actions/publish-gradle-plugin/action.yml b/.github/actions/publish-gradle-plugin/action.yml index eed0b5a8905..50d45f972a2 100644 --- a/.github/actions/publish-gradle-plugin/action.yml +++ b/.github/actions/publish-gradle-plugin/action.yml @@ -1,22 +1,22 @@ name: Publish Gradle Plugin -description: Publishes Spring Boot's Gradle plugin to the Plugin Portal +description: 'Publishes Spring Boot''s Gradle plugin to the Plugin Portal' inputs: - jfrog-cli-config-token: - description: 'Config token for the JFrog CLI' - required: true - plugin-version: - description: 'Version of the plugin' - required: true + build-number: + description: 'Build number to use when downloading plugin artifacts' + required: false + default: ${{ github.run_number }} gradle-plugin-publish-key: description: 'Gradle publishing key' required: true gradle-plugin-publish-secret: description: 'Gradle publishing secret' required: true - build-number: - description: 'The build number to use when downloading plugin artifacts' - required: false - default: ${{ github.run_number }} + jfrog-cli-config-token: + description: 'Config token for the JFrog CLI' + required: true + plugin-version: + description: 'Version of the plugin' + required: true runs: using: composite steps: diff --git a/.github/actions/publish-to-sdkman/action.yml b/.github/actions/publish-to-sdkman/action.yml index 7458c863ac5..3abdd67e27b 100644 --- a/.github/actions/publish-to-sdkman/action.yml +++ b/.github/actions/publish-to-sdkman/action.yml @@ -1,6 +1,10 @@ name: Publish to SDKMAN! -description: Publishes the release as a new candidate version on SDKMAN! +description: 'Publishes the release as a new candidate version on SDKMAN!' inputs: + make-default: + description: 'Whether the release should be made the default version' + required: false + default: 'false' sdkman-consumer-key: description: 'Key for publishing to SDKMAN!' required: true @@ -8,16 +12,13 @@ inputs: description: 'Token for publishing to SDKMAN!' required: true spring-boot-version: - description: 'The version to publish' + description: 'Version to publish' required: true - make-default: - description: 'Whether the release should be made the default version' - required: false - default: false runs: using: composite steps: - - shell: bash + - name: Publish Release + shell: bash run: > curl -X POST \ -H "Consumer-Key: ${{ inputs.sdkman-consumer-key }}" \ @@ -26,8 +27,9 @@ runs: -H "Accept: application/json" \ -d '{"candidate": "springboot", "version": "${{ inputs.spring-boot-version }}", "url": "${{ format('https://repo.maven.apache.org/maven2/org/springframework/boot/spring-boot-cli/{0}/spring-boot-cli-{0}-bin.zip', inputs.spring-boot-version) }}"}' \ https://vendors.sdkman.io/release - - shell: bash + - name: Flag Release as Default if: ${{ inputs.make-default == 'true' }} + shell: bash run: > curl -X PUT \ -H "Consumer-Key: ${{ inputs.sdkman-consumer-key }}" \ diff --git a/.github/actions/send-notification/action.yml b/.github/actions/send-notification/action.yml index d1389776397..b379e67897d 100644 --- a/.github/actions/send-notification/action.yml +++ b/.github/actions/send-notification/action.yml @@ -1,33 +1,39 @@ name: Send Notification -description: Sends a Google Chat message as a notification of the job's outcome +description: 'Sends a Google Chat message as a notification of the job''s outcome' inputs: - webhook-url: - description: 'Google Chat Webhook URL' - required: true - status: - description: 'Status of the job' - required: true build-scan-url: description: 'URL of the build scan to include in the notification' + required: false run-name: description: 'Name of the run to include in the notification' + required: false default: ${{ format('{0} {1}', github.ref_name, github.job) }} + status: + description: 'Status of the job' + required: true + webhook-url: + description: 'Google Chat Webhook URL' + required: true runs: using: composite steps: - - shell: bash + - name: Prepare Variables + shell: bash run: | echo "BUILD_SCAN=${{ inputs.build-scan-url == '' && ' [build scan unavailable]' || format(' [<{0}|Build Scan>]', inputs.build-scan-url) }}" >> "$GITHUB_ENV" echo "RUN_URL=${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" >> "$GITHUB_ENV" - - shell: bash + - name: Success Notification if: ${{ inputs.status == 'success' }} + shell: bash run: | curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: "<${{ env.RUN_URL }}|${{ inputs.run-name }}> was successful ${{ env.BUILD_SCAN }}"}' || true - - shell: bash + - name: Failure Notification if: ${{ inputs.status == 'failure' }} + shell: bash run: | curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: " *<${{ env.RUN_URL }}|${{ inputs.run-name }}> failed* ${{ env.BUILD_SCAN }}"}' || true - - shell: bash + - name: Cancel Notification if: ${{ inputs.status == 'cancelled' }} + shell: bash run: | curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: "<${{ env.RUN_URL }}|${{ inputs.run-name }}> was cancelled"}' || true diff --git a/.github/actions/sync-to-maven-central/action.yml b/.github/actions/sync-to-maven-central/action.yml index 0fd8ebefbbd..2991e2dcc2a 100644 --- a/.github/actions/sync-to-maven-central/action.yml +++ b/.github/actions/sync-to-maven-central/action.yml @@ -1,11 +1,11 @@ name: Sync to Maven Central -description: Syncs a release to Maven Central and waits for it to be available for use +description: 'Syncs a release to Maven Central and waits for it to be available for use' inputs: jfrog-cli-config-token: description: 'Config token for the JFrog CLI' required: true - spring-boot-version: - description: 'The version of Spring Boot that is being synced to Central' + ossrh-s01-staging-profile: + description: 'Staging profile to use when syncing to Central' required: true ossrh-s01-token-username: description: 'Username for authentication with s01.oss.sonatype.org' @@ -13,8 +13,8 @@ inputs: ossrh-s01-token-password: description: 'Password for authentication with s01.oss.sonatype.org' required: true - ossrh-s01-staging-profile: - description: 'Staging profile to use when syncing to Central' + spring-boot-version: + description: 'Version of Spring Boot that is being synced to Central' required: true runs: using: composite @@ -29,14 +29,14 @@ runs: - name: Sync uses: spring-io/nexus-sync-action@42477a2230a2f694f9eaa4643fa9e76b99b7ab84 # v0.0.1 with: - username: ${{ inputs.ossrh-s01-token-username }} + close: true + create: true + generate-checksums: true password: ${{ inputs.ossrh-s01-token-password }} + release: true staging-profile-name: ${{ inputs.ossrh-s01-staging-profile }} - create: true upload: true - close: true - release: true - generate-checksums: true + username: ${{ inputs.ossrh-s01-token-username }} - name: Await shell: bash run: | diff --git a/.github/workflows/build-and-deploy-snapshot.yml b/.github/workflows/build-and-deploy-snapshot.yml index f9a8484d782..03b6453995f 100644 --- a/.github/workflows/build-and-deploy-snapshot.yml +++ b/.github/workflows/build-and-deploy-snapshot.yml @@ -8,8 +8,8 @@ concurrency: jobs: build-and-deploy-snapshot: name: Build and Deploy Snapshot - runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }} if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }} + runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }} steps: - name: Check Out Code uses: actions/checkout@v4 @@ -17,34 +17,34 @@ jobs: id: build-and-publish uses: ./.github/actions/build with: - develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - publish: true - commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }} - commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }} commercial-release-repository-url: ${{ vars.COMMERCIAL_RELEASE_REPO_URL }} + commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }} + commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }} commercial-snapshot-repository-url: ${{ vars.COMMERCIAL_SNAPSHOT_REPO_URL }} + develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} + publish: true - name: Deploy uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1 with: - uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }} - username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }} - password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }} + artifact-properties: | + /**/spring-boot-docs-*.zip::zip.type=docs,zip.deployed=false build-name: ${{ vars.COMMERCIAL && format('spring-boot-commercial-{0}', github.ref_name) || format('spring-boot-{0}', github.ref_name) }} - repository: ${{ vars.COMMERCIAL && 'spring-commercial-snapshot-local' || 'libs-snapshot-local' }} - project: ${{ vars.COMMERCIAL && 'spring' }} folder: 'deployment-repository' + password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }} + project: ${{ vars.COMMERCIAL && 'spring' }} + repository: ${{ vars.COMMERCIAL && 'spring-commercial-snapshot-local' || 'libs-snapshot-local' }} signing-key: ${{ secrets.GPG_PRIVATE_KEY }} signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} - artifact-properties: | - /**/spring-boot-docs-*.zip::zip.type=docs,zip.deployed=false + uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }} + username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }} - name: Send Notification - uses: ./.github/actions/send-notification if: always() + uses: ./.github/actions/send-notification with: - webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} - status: ${{ job.status }} build-scan-url: ${{ steps.build-and-publish.outputs.build-scan-url }} run-name: ${{ format('{0} | Linux | Java 17', github.ref_name) }} + status: ${{ job.status }} + webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} outputs: version: ${{ steps.build-and-publish.outputs.version }} verify: @@ -52,11 +52,11 @@ jobs: needs: build-and-deploy-snapshot uses: ./.github/workflows/verify.yml secrets: + commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }} + commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }} google-chat-webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} opensource-repository-password: ${{ secrets.ARTIFACTORY_PASSWORD }} opensource-repository-username: ${{ secrets.ARTIFACTORY_USERNAME }} - commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }} - commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }} token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} with: version: ${{ needs.build-and-deploy-snapshot.outputs.version }} diff --git a/.github/workflows/build-pull-request.yml b/.github/workflows/build-pull-request.yml index 56a064ca5ae..b0131d1362b 100644 --- a/.github/workflows/build-pull-request.yml +++ b/.github/workflows/build-pull-request.yml @@ -5,19 +5,19 @@ permissions: jobs: build: name: Build Pull Request - runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }} if: ${{ github.repository == 'spring-projects/spring-boot' }} + runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }} steps: - name: Free Disk Space uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: - large-packages: false docker-images: false + large-packages: false - name: Set Up JDK 17 uses: actions/setup-java@v4 with: - java-version: '17' distribution: 'liberica' + java-version: '17' - name: Check Out uses: actions/checkout@v4 - name: Validate Gradle Wrapper @@ -30,11 +30,11 @@ jobs: GRADLE_ENTERPRISE_URL: 'https://ge.spring.io' run: ./gradlew -Dorg.gradle.internal.launcher.welcomeMessageEnabled=false --no-daemon --no-parallel --continue build - name: Print JVM Thread Dumps When Cancelled - uses: ./.github/actions/print-jvm-thread-dumps if: cancelled() + uses: ./.github/actions/print-jvm-thread-dumps - name: Upload Build Reports - uses: actions/upload-artifact@v4 if: failure() + uses: actions/upload-artifact@v4 with: name: build-reports path: '**/build/reports/' diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 45f2ac4b839..216508ab597 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,8 +8,8 @@ concurrency: jobs: ci: name: '${{ matrix.os.name}} | Java ${{ matrix.java.version}}' - runs-on: ${{ matrix.os.id }} if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }} + runs-on: ${{ matrix.os.id }} strategy: fail-fast: false matrix: @@ -45,20 +45,20 @@ jobs: id: build uses: ./.github/actions/build with: - java-version: ${{ matrix.java.version }} - java-early-access: ${{ matrix.java.early-access || 'false' }} - java-toolchain: ${{ matrix.java.toolchain }} - java-distribution: ${{ matrix.java.distribution }} - develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }} - commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }} commercial-release-repository-url: ${{ vars.COMMERCIAL_RELEASE_REPO_URL }} + commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }} + commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }} commercial-snapshot-repository-url: ${{ vars.COMMERCIAL_SNAPSHOT_REPO_URL }} + develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} + java-early-access: ${{ matrix.java.early-access || 'false' }} + java-distribution: ${{ matrix.java.distribution }} + java-toolchain: ${{ matrix.java.toolchain }} + java-version: ${{ matrix.java.version }} - name: Send Notification - uses: ./.github/actions/send-notification if: always() + uses: ./.github/actions/send-notification with: - webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} - status: ${{ job.status }} build-scan-url: ${{ steps.build.outputs.build-scan-url }} run-name: ${{ format('{0} | {1} | Java {2}', github.ref_name, matrix.os.name, matrix.java.version) }} + status: ${{ job.status }} + webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} diff --git a/.github/workflows/distribute.yml b/.github/workflows/distribute.yml index 41cfee482cc..55f9a9c3685 100644 --- a/.github/workflows/distribute.yml +++ b/.github/workflows/distribute.yml @@ -2,12 +2,8 @@ name: Distribute on: workflow_dispatch: inputs: - version: - description: 'The version to bundle and distribute' - required: true - type: string build-number: - description: 'The number of the build to use to create the bundle' + description: 'Number of the build to use to create the bundle' required: true type: string create-bundle: @@ -15,6 +11,10 @@ on: required: true type: boolean default: true + version: + description: 'Version to bundle and distribute' + required: true + type: string jobs: distribute-spring-enterprise-release-bundle: runs-on: ${{ vars.UBUNTU_SMALL || 'ubuntu-latest' }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 222f2f4864e..bf4117737b6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,8 +8,8 @@ concurrency: jobs: build-and-stage-release: name: Build and Stage Release - runs-on: ${{ vars.UBUNTU_MEDIUIM || 'ubuntu-latest' }} if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }} + runs-on: ${{ vars.UBUNTU_MEDIUIM || 'ubuntu-latest' }} steps: - name: Check Out Code uses: actions/checkout@v4 @@ -17,40 +17,40 @@ jobs: id: build-and-publish uses: ./.github/actions/build with: - develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - publish: true - commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }} - commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }} commercial-release-repository-url: ${{ vars.COMMERCIAL_RELEASE_REPO_URL }} + commercial-repository-password: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_PASSWORD }} + commercial-repository-username: ${{ secrets.COMMERCIAL_ARTIFACTORY_RO_USERNAME }} commercial-snapshot-repository-url: ${{ vars.COMMERCIAL_SNAPSHOT_REPO_URL }} + develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} + publish: true - name: Stage Release uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1 with: - uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }} - username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }} - password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }} + artifact-properties: | + /**/spring-boot-docs-*.zip::zip.type=docs,zip.deployed=false build-name: ${{ vars.COMMERCIAL && format('spring-boot-commercial-{0}', github.ref_name) || format('spring-boot-{0}', github.ref_name) }} - repository: ${{ vars.COMMERCIAL && 'spring-enterprise-maven-stage-local' || 'libs-staging-local' }} - project: ${{ vars.COMMERCIAL && 'spring' }} folder: 'deployment-repository' + password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }} + project: ${{ vars.COMMERCIAL && 'spring' }} + repository: ${{ vars.COMMERCIAL && 'spring-enterprise-maven-stage-local' || 'libs-staging-local' }} signing-key: ${{ secrets.GPG_PRIVATE_KEY }} signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} - artifact-properties: | - /**/spring-boot-docs-*.zip::zip.type=docs,zip.deployed=false + uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }} + username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }} outputs: version: ${{ steps.build-and-publish.outputs.version }} verify: name: Verify needs: build-and-stage-release uses: ./.github/workflows/verify.yml - with: - staging: true - version: ${{ needs.build-and-stage-release.outputs.version }} secrets: google-chat-webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} repository-password: ${{ secrets.ARTIFACTORY_PASSWORD }} repository-username: ${{ secrets.ARTIFACTORY_USERNAME }} token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} + with: + staging: true + version: ${{ needs.build-and-stage-release.outputs.version }} sync-to-maven-central: name: Sync to Maven Central if: ${{ !COMMERCIAL }} diff --git a/.github/workflows/run-system-tests.yml b/.github/workflows/run-system-tests.yml index af1d9449e0b..c0a6e71e5ce 100644 --- a/.github/workflows/run-system-tests.yml +++ b/.github/workflows/run-system-tests.yml @@ -8,8 +8,8 @@ concurrency: jobs: run-system-tests: name: 'Java ${{ matrix.java.version}}' - runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }} if: ${{ github.repository == 'spring-projects/spring-boot' }} + runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }} strategy: matrix: java: @@ -24,17 +24,17 @@ jobs: uses: ./.github/actions/prepare-gradle-build with: develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - java-version: ${{ matrix.java.version }} java-toolchain: ${{ matrix.java.toolchain }} + java-version: ${{ matrix.java.version }} - name: Run System Tests id: run-system-tests shell: bash run: ./gradlew systemTest - name: Send Notification - uses: ./.github/actions/send-notification if: always() + uses: ./.github/actions/send-notification with: - webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} - status: ${{ job.status }} build-scan-url: ${{ steps.run-system-tests.outputs.build-scan-url }} - run-name: ${{ format('{0} | System Tests | Java {1}', github.ref_name, matrix.java.version) }} \ No newline at end of file + run-name: ${{ format('{0} | System Tests | Java {1}', github.ref_name, matrix.java.version) }} + status: ${{ job.status }} + webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index 999a9fcef9a..2a16a8f68c2 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -2,25 +2,33 @@ name: Verify on: workflow_call: inputs: - version: - required: true - type: string staging: + description: 'Whether the release to verify is in the staging repository' required: false default: false type: boolean + version: + description: 'Version to verify' + required: true + type: string secrets: - opensource-repository-username: - required: false - opensource-repository-password: + commercial-repository-password: + description: 'Password for authentication with the commercial repository' required: false commercial-repository-username: - required: false - commercial-repository-password: + description: 'Username for authentication with the commercial repository' required: false google-chat-webhook-url: + description: 'Google Chat Webhook URL' required: true + opensource-repository-password: + description: 'Password for authentication with the open-source repository' + required: false + opensource-repository-username: + description: 'Username for authentication with the open-source repository' + required: false token: + description: 'Token to use for authentication with GitHub' required: true jobs: verify: @@ -30,8 +38,8 @@ jobs: - name: Check Out Release Verification Tests uses: actions/checkout@v4 with: - repository: spring-projects/spring-boot-release-verification ref: 'v0.0.6' + repository: spring-projects/spring-boot-release-verification token: ${{ secrets.token }} - name: Check Out Send Notification Action uses: actions/checkout@v4 @@ -57,24 +65,24 @@ jobs: echo 'org.gradle.daemon=false' >> $HOME/.gradle/gradle.properties - name: Run Release Verification Tests env: - RVT_VERSION: ${{ inputs.version }} + RVT_COMMERCIAL_REPOSITORY_PASSWORD: ${{ secrets.commercial-repository-password }} + RVT_COMMERCIAL_REPOSITORY_USERNAME: ${{ secrets.commercial-repository-username }} + RVT_OSS_REPOSITORY_PASSWORD: ${{ secrets.opensource-repository-password }} + RVT_OSS_REPOSITORY_USERNAME: ${{ secrets.opensource-repository-username }} RVT_RELEASE_TYPE: ${{ vars.COMMERCIAL && 'commercial' || 'oss' }} RVT_STAGING: ${{ inputs.staging }} - RVT_OSS_REPOSITORY_USERNAME: ${{ secrets.opensource-repository-username }} - RVT_OSS_REPOSITORY_PASSWORD: ${{ secrets.opensource-repository-password }} - RVT_COMMERCIAL_REPOSITORY_USERNAME: ${{ secrets.commercial-repository-username }} - RVT_COMMERCIAL_REPOSITORY_PASSWORD: ${{ secrets.commercial-repository-password }} + RVT_VERSION: ${{ inputs.version }} run: ./gradlew spring-boot-release-verification-tests:test - name: Upload Build Reports on Failure - uses: actions/upload-artifact@v4 if: failure() + uses: actions/upload-artifact@v4 with: name: build-reports path: '**/build/reports/' - name: Send Notification - uses: ./send-notification/.github/actions/send-notification if: always() + uses: ./send-notification/.github/actions/send-notification with: - webhook-url: ${{ secrets.google-chat-webhook-url }} - status: ${{ job.status }} run-name: ${{ format('{0} | Verification | {1}', github.ref_name, inputs.version) }} + status: ${{ job.status }} + webhook-url: ${{ secrets.google-chat-webhook-url }}