From c3b833763856b18cda71904a61db3b4abc1e6c18 Mon Sep 17 00:00:00 2001 From: Phillip Webb Date: Tue, 1 Oct 2024 15:24:49 -0700 Subject: [PATCH] Unify commercial and OSS workflows See gh-42333 --- .../workflows/build-and-deploy-snapshot.yml | 13 +++--- .github/workflows/build-pull-request.yml | 2 - .github/workflows/ci.yml | 2 +- .github/workflows/distribute.yml | 41 +++++++++++++++++++ .github/workflows/release.yml | 24 +++++++---- .github/workflows/verify.yml | 9 ++-- 6 files changed, 70 insertions(+), 21 deletions(-) create mode 100644 .github/workflows/distribute.yml diff --git a/.github/workflows/build-and-deploy-snapshot.yml b/.github/workflows/build-and-deploy-snapshot.yml index 1509cf8eb196..f9a8484d7825 100644 --- a/.github/workflows/build-and-deploy-snapshot.yml +++ b/.github/workflows/build-and-deploy-snapshot.yml @@ -9,7 +9,7 @@ jobs: build-and-deploy-snapshot: name: Build and Deploy Snapshot runs-on: ${{ vars.UBUNTU_MEDIUM || 'ubuntu-latest' }} - if: ${{ github.repository == 'spring-projects/spring-boot' }} + if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }} steps: - name: Check Out Code uses: actions/checkout@v4 @@ -26,11 +26,12 @@ jobs: - name: Deploy uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1 with: - uri: 'https://repo.spring.io' - username: ${{ secrets.ARTIFACTORY_USERNAME }} - password: ${{ secrets.ARTIFACTORY_PASSWORD }} - build-name: 'spring-boot-3.2.x' - repository: 'libs-snapshot-local' + uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }} + username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }} + password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }} + build-name: ${{ vars.COMMERCIAL && format('spring-boot-commercial-{0}', github.ref_name) || format('spring-boot-{0}', github.ref_name) }} + repository: ${{ vars.COMMERCIAL && 'spring-commercial-snapshot-local' || 'libs-snapshot-local' }} + project: ${{ vars.COMMERCIAL && 'spring' }} folder: 'deployment-repository' signing-key: ${{ secrets.GPG_PRIVATE_KEY }} signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} diff --git a/.github/workflows/build-pull-request.yml b/.github/workflows/build-pull-request.yml index 96667f8684b7..56a064ca5ae4 100644 --- a/.github/workflows/build-pull-request.yml +++ b/.github/workflows/build-pull-request.yml @@ -1,9 +1,7 @@ name: Build Pull Request on: pull_request - permissions: contents: read - jobs: build: name: Build Pull Request diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8533bf167b6a..45f2ac4b8399 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,7 +9,7 @@ jobs: ci: name: '${{ matrix.os.name}} | Java ${{ matrix.java.version}}' runs-on: ${{ matrix.os.id }} - if: ${{ github.repository == 'spring-projects/spring-boot' }} + if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }} strategy: fail-fast: false matrix: diff --git a/.github/workflows/distribute.yml b/.github/workflows/distribute.yml new file mode 100644 index 000000000000..68dc1f29c687 --- /dev/null +++ b/.github/workflows/distribute.yml @@ -0,0 +1,41 @@ +name: Distribute +on: + workflow_dispatch: + inputs: + version: + description: 'The version to bundle and distribute' + required: true + type: string + build-number: + description: 'The number of the build to use to create the bundle' + required: true + type: string + create-bundle: + description: 'Whether to create the bundle. If unchecked, only the bundle distribution is executed' + required: true + type: boolean + default: true +jobs: + distribute-spring-enterprise-release-bundle: + if: ${{ vars.COMMERCIAL }} + runs-on: ${{ vars.UBUNTU_SMALL || 'ubuntu-latest' }} + steps: + - name: Create Bundle + if: ${{ inputs.create-bundle }} + shell: bash + run: | + curl -s -u "${{ secrets.COMMERCIAL_ARTIFACTORY_USERNAME }}:${{ secrets.COMMERCIAL_ARTIFACTORY_PASSWORD }}" \ + -X POST -H "X-JFrog-Signing-Key-Name: packagesKey" -H "Content-Type: application/json" \ + "https://usw1.packages.broadcom.com/lifecycle/api/v2/release_bundle?project=spring" \ + -d '{"release_bundle_name": "TNZ-spring-boot-commercial", "release_bundle_version": "${{ inputs.version }}", "skip_docker_manifest_resolution": true, "source_type": "builds", "source": {"builds": [ {"build_repository": "spring-build-info", "build_name": "spring-boot-commercial-${{ inputs.version }}", "build_number": "${{ inputs.build-number }}", "include_dependencies": false}]}}' + - name: Sleep + if: ${{ inputs.create-bundle }} + shell: bash + run: sleep 30 + - name: Distribute Bundle + shell: bash + run: | + curl -s -u "${{ secrets.COMMERCIAL_ARTIFACTORY_USERNAME }}:${{ secrets.COMMERCIAL_ARTIFACTORY_PASSWORD }}" \ + -X POST -H "Content-Type: application/json" \ + "https://usw1.packages.broadcom.com/lifecycle/api/v2/distribution/distribute/TNZ-spring-boot-commercial/${{ inputs.version }}?project=spring" \ + -d '{"auto_create_missing_repositories": "false", "distribution_rules": [{"site_name": "JP-SaaS"}], "modifications": {"mappings": [{"input": "spring-enterprise-maven-prod-local/(.*)", "output": "spring-enterprise/$1"}]}}' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4c4e63e2d564..222f2f4864e7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,7 +9,7 @@ jobs: build-and-stage-release: name: Build and Stage Release runs-on: ${{ vars.UBUNTU_MEDIUIM || 'ubuntu-latest' }} - if: ${{ github.repository == 'spring-projects/spring-boot' }} + if: ${{ github.repository == 'spring-projects/spring-boot' || github.repository == 'spring-projects/spring-boot-commercial' }} steps: - name: Check Out Code uses: actions/checkout@v4 @@ -26,11 +26,12 @@ jobs: - name: Stage Release uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1 with: - uri: 'https://repo.spring.io' - username: ${{ secrets.ARTIFACTORY_USERNAME }} - password: ${{ secrets.ARTIFACTORY_PASSWORD }} - build-name: ${{ format('spring-boot-{0}', steps.build-and-publish.outputs.version)}} - repository: 'libs-staging-local' + uri: ${{ vars.COMMERCIAL_DEPLOY_REPO_URL || 'https://repo.spring.io' }} + username: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_USERNAME || secrets.ARTIFACTORY_USERNAME }} + password: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_ARTIFACTORY_PASSWORD || secrets.ARTIFACTORY_PASSWORD }} + build-name: ${{ vars.COMMERCIAL && format('spring-boot-commercial-{0}', github.ref_name) || format('spring-boot-{0}', github.ref_name) }} + repository: ${{ vars.COMMERCIAL && 'spring-enterprise-maven-stage-local' || 'libs-staging-local' }} + project: ${{ vars.COMMERCIAL && 'spring' }} folder: 'deployment-repository' signing-key: ${{ secrets.GPG_PRIVATE_KEY }} signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} @@ -52,6 +53,7 @@ jobs: token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} sync-to-maven-central: name: Sync to Maven Central + if: ${{ !COMMERCIAL }} needs: - build-and-stage-release - verify @@ -77,11 +79,16 @@ jobs: - name: Set up JFrog CLI uses: jfrog/setup-jfrog-cli@9fe0f98bd45b19e6e931d457f4e98f8f84461fb5 # v4.4.1 env: - JF_ENV_SPRING: ${{ secrets.JF_ARTIFACTORY_SPRING }} - - name: Promote build + JF_ENV_SPRING: ${{ vars.COMMERCIAL && secrets.COMMERCIAL_JF_ARTIFACTORY_SPRING || secrets.JF_ARTIFACTORY_SPRING }} + - name: Promote open source build + if: ${{ !vars.COMMERCIAL }} run: jfrog rt build-promote ${{ format('spring-boot-{0}', needs.build-and-stage-release.outputs.version)}} ${{ github.run_number }} libs-release-local + - name: Promote commercial build + if: ${{ vars.COMMERCIAL }} + run: jfrog rt build-promote ${{ format('spring-boot-commercial-{0}', needs.build-and-stage-release.outputs.version)}} ${{ github.run_number }} spring-enterprise-maven-prod-local --project spring publish-gradle-plugin: name: Publish Gradle Plugin + if: ${{ !COMMERCIAL }} needs: - build-and-stage-release - sync-to-maven-central @@ -98,6 +105,7 @@ jobs: plugin-version: ${{ needs.build-and-stage-release.outputs.version }} publish-to-sdkman: name: Publish to SDKMAN! + if: ${{ !COMMERCIAL }} needs: - build-and-stage-release - sync-to-maven-central diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index 668d45ef08e6..ac5a255cfee4 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -31,12 +31,12 @@ jobs: uses: actions/checkout@v4 with: repository: spring-projects/spring-boot-release-verification - ref: 'v0.0.3' + ref: 'v0.0.6' token: ${{ secrets.token }} - name: Check Out Send Notification Action uses: actions/checkout@v4 with: - path: spring-boot + path: ${{ vars.COMMERCIAL && 'spring-boot' || 'spring-boot-commercial' }} sparse-checkout: .github/actions/send-notification - name: Set Up Java uses: actions/setup-java@v4 @@ -44,6 +44,7 @@ jobs: distribution: 'liberica' java-version: 17 - name: Set Up Homebrew + if: ${{ !vars.COMMERCIAL }} uses: Homebrew/actions/setup-homebrew@7657c9512f50e1c35b640971116425935bab3eea - name: Set Up Gradle uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 @@ -57,7 +58,7 @@ jobs: - name: Run Release Verification Tests env: RVT_VERSION: ${{ inputs.version }} - RVT_RELEASE_TYPE: oss + RVT_RELEASE_TYPE: ${{ vars.COMMERCIAL && 'commercial' || 'oss' }} RVT_STAGING: ${{ inputs.staging }} RVT_OSS_REPOSITORY_USERNAME: ${{ secrets.opensource-repository-username }} RVT_OSS_REPOSITORY_PASSWORD: ${{ secrets.opensource-repository-password }} @@ -71,7 +72,7 @@ jobs: name: build-reports path: '**/build/reports/' - name: Send Notification - uses: ./spring-boot/.github/actions/send-notification + uses: ${{ vars.COMMERCIAL && './spring-boot-commercial/.github/actions/send-notification' || './spring-boot/.github/actions/send-notification' }} if: always() with: webhook-url: ${{ secrets.google-chat-webhook-url }}