From ccb5f916e046f80f5e90bf64b5809a65d24960e6 Mon Sep 17 00:00:00 2001 From: Rob Winch <362503+rwinch@users.noreply.github.com> Date: Fri, 2 May 2025 12:35:23 -0500 Subject: [PATCH] rm .github/workflows for unsupported branch --- .github/workflows/clean_build_artifacts.yml | 23 -- .../continuous-integration-workflow.yml | 297 ------------------ .github/workflows/deploy-docs.yml | 33 -- .../milestone-spring-releasetrain.yml | 40 --- .github/workflows/pr-build-workflow.yml | 21 -- .github/workflows/release-scheduler.yml | 24 -- .../update-scheduled-release-version.yml | 80 ----- 7 files changed, 518 deletions(-) delete mode 100644 .github/workflows/clean_build_artifacts.yml delete mode 100644 .github/workflows/continuous-integration-workflow.yml delete mode 100644 .github/workflows/deploy-docs.yml delete mode 100644 .github/workflows/milestone-spring-releasetrain.yml delete mode 100644 .github/workflows/pr-build-workflow.yml delete mode 100644 .github/workflows/release-scheduler.yml delete mode 100644 .github/workflows/update-scheduled-release-version.yml diff --git a/.github/workflows/clean_build_artifacts.yml b/.github/workflows/clean_build_artifacts.yml deleted file mode 100644 index c116fac71d..0000000000 --- a/.github/workflows/clean_build_artifacts.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Clean build artifacts -on: - schedule: - - cron: '0 10 * * *' # Once per day at 10am UTC - -permissions: - contents: read - -jobs: - main: - runs-on: ubuntu-latest - if: ${{ github.repository == 'spring-projects/spring-security' }} - permissions: - contents: none - steps: - - name: Delete artifacts in cron job - env: - GH_ACTIONS_REPO_TOKEN: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} - run: | - echo "Running clean build artifacts logic" - output=$(curl -X GET -H "Authorization: token $GH_ACTIONS_REPO_TOKEN" https://api.github.com/repos/spring-projects/spring-security/actions/artifacts | grep '"id"' | cut -d : -f2 | sed 's/,*$//g') - echo Output is $output - for id in $output; do curl -X DELETE -H "Authorization: token $GH_ACTIONS_REPO_TOKEN" https://api.github.com/repos/spring-projects/spring-security/actions/artifacts/$id; done; diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml deleted file mode 100644 index 4d61746853..0000000000 --- a/.github/workflows/continuous-integration-workflow.yml +++ /dev/null @@ -1,297 +0,0 @@ -name: CI - -on: - push: - branches-ignore: - - "dependabot/**" - schedule: - - cron: '0 10 * * *' # Once per day at 10am UTC - workflow_dispatch: # Manual trigger - -env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} - COMMIT_OWNER: ${{ github.event.pusher.name }} - COMMIT_SHA: ${{ github.sha }} - STRUCTURE101_LICENSEID: ${{ secrets.STRUCTURE101_LICENSEID }} - ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} - ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} - -permissions: - contents: read - -jobs: - prerequisites: - name: Pre-requisites for building - runs-on: ubuntu-latest - if: ${{ github.repository == 'spring-projects/spring-security' }} - outputs: - runjobs: ${{ steps.continue.outputs.runjobs }} - project_version: ${{ steps.continue.outputs.project_version }} - samples_branch: ${{ steps.continue.outputs.samples_branch }} - steps: - - uses: actions/checkout@v3 - - id: continue - name: Determine if should continue - run: | - # Run jobs if in upstream repository - echo "runjobs=true" >>$GITHUB_OUTPUT - # Extract version from gradle.properties - version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}') - echo "project_version=$version" >>$GITHUB_OUTPUT - samples_branch=$(cat gradle.properties | grep "samplesBranch=" | awk -F'=' '{print $2}') - echo "samples_branch=$samples_branch" >>$GITHUB_OUTPUT - build_jdk_17: - name: Build JDK 17 - needs: [prerequisites] - strategy: - matrix: - os: [ubuntu-latest, windows-latest] - runs-on: ${{ matrix.os }} - if: needs.prerequisites.outputs.runjobs - steps: - - uses: actions/checkout@v3 - - name: Set up JDK 17 - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - cache: 'gradle' - - name: Set up Gradle - uses: gradle/gradle-build-action@v2 - - name: Set up gradle user name - run: echo 'systemProp.user.name=spring-builds+github' >> gradle.properties - - name: Build with Gradle - env: - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} - run: ./gradlew clean build --continue -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" - snapshot_tests: - name: Test against snapshots - needs: [prerequisites] - runs-on: ubuntu-latest - if: needs.prerequisites.outputs.runjobs - steps: - - uses: actions/checkout@v3 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - name: Snapshot Tests - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew test --refresh-dependencies -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PforceMavenRepositories=snapshot -PisOverrideVersionCatalog -PspringFrameworkVersion='6.0.+' -PreactorVersion='2022.0.+' -PspringDataVersion='2022.0.+' -PlocksDisabled --stacktrace - check_samples: - name: Check Samples project - needs: [prerequisites] - runs-on: ubuntu-latest - if: needs.prerequisites.outputs.runjobs - steps: - - uses: actions/checkout@v3 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - name: Check samples project - env: - LOCAL_REPOSITORY_PATH: ${{ github.workspace }}/build/publications/repos - SAMPLES_DIR: ../spring-security-samples - VERSION: ${{ needs.prerequisites.outputs.project_version }} - SAMPLES_BRANCH: ${{ needs.prerequisites.outputs.samples_branch }} - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew publishMavenJavaPublicationToLocalRepository - ./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$SAMPLES_BRANCH" -PcloneOutputDirectory="$SAMPLES_DIR" - ./gradlew --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$VERSION" :runAllTests - check_tangles: - name: Check for Package Tangles - needs: [ prerequisites ] - runs-on: ubuntu-latest - if: needs.prerequisites.outputs.runjobs - steps: - - uses: actions/checkout@v3 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - name: Check for package tangles - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew check s101 -Ps101.licenseId="$STRUCTURE101_LICENSEID" --stacktrace - deploy_artifacts: - name: Deploy Artifacts - needs: [build_jdk_17, snapshot_tests, check_samples, check_tangles] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - name: Deploy artifacts - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew publishArtifacts finalizeDeployArtifacts -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace - env: - ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }} - ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }} - OSSRH_TOKEN_USERNAME: ${{ secrets.OSSRH_S01_TOKEN_USERNAME }} - OSSRH_TOKEN_PASSWORD: ${{ secrets.OSSRH_S01_TOKEN_PASSWORD }} - ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} - ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} - deploy_docs: - name: Deploy Docs - needs: [build_jdk_17, snapshot_tests, check_samples, check_tangles] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - name: Deploy Docs - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew deployDocs -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace - env: - DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }} - DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }} - DOCS_HOST: ${{ secrets.DOCS_HOST }} - deploy_schema: - name: Deploy Schema - needs: [build_jdk_17, snapshot_tests, check_samples, check_tangles] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - name: Deploy Schema - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew deploySchema -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace --info - env: - DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }} - DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }} - DOCS_HOST: ${{ secrets.DOCS_HOST }} - perform_release: - name: Perform release - needs: [prerequisites, deploy_artifacts, deploy_docs, deploy_schema] - runs-on: ubuntu-latest - permissions: - contents: write - timeout-minutes: 90 - if: ${{ !endsWith(needs.prerequisites.outputs.project_version, '-SNAPSHOT') }} - env: - REPO: ${{ github.repository }} - BRANCH: ${{ github.ref_name }} - TOKEN: ${{ github.token }} - VERSION: ${{ needs.prerequisites.outputs.project_version }} - steps: - - uses: actions/checkout@v3 - with: - token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - name: Wait for Artifactory Artifacts - if: ${{ contains(needs.prerequisites.outputs.project_version, '-RC') || contains(needs.prerequisites.outputs.project_version, '-M') }} - run: | - echo "Wait for artifacts of $REPO@$VERSION to appear on Artifactory." - until curl -f -s https://repo.spring.io/artifactory/milestone/org/springframework/security/spring-security-core/$VERSION/ > /dev/null - do - sleep 30 - echo "." - done - echo "Artifacts for $REPO@$VERSION have been released to Artifactory." - - name: Wait for Maven Central Artifacts - if: ${{ !contains(needs.prerequisites.outputs.project_version, '-RC') && !contains(needs.prerequisites.outputs.project_version, '-M') }} - run: | - echo "Wait for artifacts of $REPO@$VERSION to appear on Maven Central." - until curl -f -s https://repo1.maven.org/maven2/org/springframework/security/spring-security-core/$VERSION/ > /dev/null - do - sleep 30 - echo "." - done - echo "Artifacts for $REPO@$VERSION have been released to Maven Central." - - name: Create GitHub Release - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - echo "Tagging and publishing $REPO@$VERSION release on GitHub." - ./gradlew createGitHubRelease -PnextVersion=$VERSION -Pbranch=$BRANCH -PcreateRelease=true -PgitHubAccessToken=$TOKEN - - name: Announce Release on Slack - id: spring-security-announcing - uses: slackapi/slack-github-action@v1.19.0 - with: - payload: | - { - "text": "spring-security-announcing `${{ env.VERSION }}` is available now", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "spring-security-announcing `${{ env.VERSION }}` is available now" - } - } - ] - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SPRING_RELEASE_SLACK_WEBHOOK_URL }} - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK - - name: Setup git config - run: | - git config user.name 'github-actions[bot]' - git config user.email 'github-actions[bot]@users.noreply.github.com' - - name: Update to next Snapshot Version - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - echo "Updating $REPO@$VERSION to next snapshot version." - ./gradlew :updateToSnapshotVersion - git commit -am "Next development version" - git push - notify_result: - name: Check for failures - needs: [perform_release] - if: failure() - runs-on: ubuntu-latest - permissions: - actions: read - steps: - - name: Send Slack message - # Workaround while waiting for Gamesight/slack-workflow-status#38 to be fixed - # See https://github.com/Gamesight/slack-workflow-status/issues/38 - uses: sjohnr/slack-workflow-status@v1-beta - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }} - channel: '#spring-security-ci' - name: 'CI Notifier' diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml deleted file mode 100644 index 73c3e34ffe..0000000000 --- a/.github/workflows/deploy-docs.yml +++ /dev/null @@ -1,33 +0,0 @@ -name: Deploy Docs -on: - push: - branches-ignore: - - "gh-pages" - - "dependabot/**" - tags: '**' - repository_dispatch: - types: request-build-reference # legacy - schedule: - - cron: '0 10 * * *' # Once per day at 10am UTC - workflow_dispatch: -permissions: read-all -jobs: - build: - runs-on: ubuntu-latest - if: github.repository_owner == 'spring-projects' - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - ref: docs-build - fetch-depth: 1 - - name: Dispatch (partial build) - if: github.ref_type == 'branch' - env: - GH_TOKEN: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} - run: gh workflow run deploy-docs.yml -r $(git rev-parse --abbrev-ref HEAD) -f build-refname=${{ github.ref_name }} - - name: Dispatch (full build) - if: github.ref_type == 'tag' - env: - GH_TOKEN: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} - run: gh workflow run deploy-docs.yml -r $(git rev-parse --abbrev-ref HEAD) diff --git a/.github/workflows/milestone-spring-releasetrain.yml b/.github/workflows/milestone-spring-releasetrain.yml deleted file mode 100644 index 74be296abc..0000000000 --- a/.github/workflows/milestone-spring-releasetrain.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Check Milestone -on: - milestone: - types: [created, opened, edited] -env: - DUE_ON: ${{ github.event.milestone.due_on }} - TITLE: ${{ github.event.milestone.title }} -permissions: - contents: read -jobs: - spring-releasetrain-checks: - name: Check DueOn is on a Release Date - runs-on: ubuntu-latest - if: ${{ github.repository == 'spring-projects/spring-security' }} - permissions: - contents: none - steps: - - name: Print Milestone Being Checked - run: echo "Validating DueOn '$DUE_ON' for milestone '$TITLE'" - - name: Validate DueOn - if: env.DUE_ON != '' - run: | - export TOOL_VERSION=0.1.1 - wget "https://repo.maven.apache.org/maven2/io/spring/releasetrain/spring-release-train-tools/$TOOL_VERSION/spring-release-train-tools-$TOOL_VERSION.jar" - java -cp "spring-release-train-tools-$TOOL_VERSION.jar" io.spring.releasetrain.CheckMilestoneDueOnMain --dueOn "$DUE_ON" --expectedDayOfWeek MONDAY --expectedMondayCount 3 - notify_result: - name: Check for failures - needs: [spring-releasetrain-checks] - if: failure() - runs-on: ubuntu-latest - permissions: - actions: read - steps: - - name: Send Slack message - uses: Gamesight/slack-workflow-status@v1.0.1 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }} - channel: '#spring-security-ci' - name: 'CI Notifier' diff --git a/.github/workflows/pr-build-workflow.yml b/.github/workflows/pr-build-workflow.yml deleted file mode 100644 index 4c31cec97d..0000000000 --- a/.github/workflows/pr-build-workflow.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: PR Build - -on: pull_request - -permissions: - contents: read - -jobs: - build: - name: Build - runs-on: ubuntu-latest - if: ${{ github.repository == 'spring-projects/spring-security' }} - steps: - - uses: actions/checkout@v3 - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - name: Build with Gradle - run: ./gradlew clean build --continue --scan diff --git a/.github/workflows/release-scheduler.yml b/.github/workflows/release-scheduler.yml deleted file mode 100644 index e8c0971d22..0000000000 --- a/.github/workflows/release-scheduler.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: Release Scheduler -on: - schedule: - - cron: '15 15 * * MON' # Every Monday at 3:15pm UTC - workflow_dispatch: -permissions: read-all -jobs: - dispatch_scheduled_releases: - name: Dispatch scheduled releases - if: github.repository_owner == 'spring-projects' - strategy: - matrix: - # List of active maintenance branches. - branch: [ main, 6.0.x, 5.8.x, 5.7.x, 5.6.x ] - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - fetch-depth: 1 - - name: Dispatch - env: - GH_TOKEN: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} - run: gh workflow run update-scheduled-release-version.yml -r ${{ matrix.branch }} diff --git a/.github/workflows/update-scheduled-release-version.yml b/.github/workflows/update-scheduled-release-version.yml deleted file mode 100644 index 7a1f40d43c..0000000000 --- a/.github/workflows/update-scheduled-release-version.yml +++ /dev/null @@ -1,80 +0,0 @@ -name: Update Scheduled Release Version - -on: - workflow_dispatch: # Manual trigger only. Triggered by release-scheduler.yml on main. - -env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} - -permissions: - contents: read - -jobs: - update_scheduled_release_version: - name: Initiate Release If Scheduled - if: ${{ github.repository == 'spring-projects/spring-security' }} - runs-on: ubuntu-latest - permissions: - contents: read - actions: read - steps: - - id: checkout-source - name: Checkout Source Code - uses: actions/checkout@v3 - with: - token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} - - name: Set up gradle - uses: spring-io/spring-gradle-build-action@v1 - with: - java-version: '17' - distribution: 'temurin' - - id: check-release-due - name: Check Release Due - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew gitHubCheckNextVersionDueToday - echo "is_due_today=$(cat build/github/milestones/is-due-today)" >>$GITHUB_OUTPUT - - id: check-open-issues - name: Check for open issues - if: steps.check-release-due.outputs.is_due_today == 'true' - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - ./gradlew gitHubCheckMilestoneHasNoOpenIssues - echo "is_open_issues=$(cat build/github/milestones/is-open-issues)" >>$GITHUB_OUTPUT - - id: validate-release-state - name: Validate State of Release - if: steps.check-release-due.outputs.is_due_today == 'true' && steps.check-open-issues.outputs.is_open_issues == 'true' - run: | - echo "The release is due today but there are open issues" - exit 1 - - id: update-version-and-push - name: Update version and push - if: steps.check-release-due.outputs.is_due_today == 'true' && steps.check-open-issues.outputs.is_open_issues == 'false' - run: | - export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" - export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" - export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" - git config user.name 'github-actions[bot]' - git config user.email 'github-actions[bot]@users.noreply.github.com' - ./gradlew :updateProjectVersion - updatedVersion=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}') - git commit -am "Release $updatedVersion" - git tag $updatedVersion - git push - git push origin $updatedVersion - - id: send-slack-notification - name: Send Slack message - if: failure() - uses: Gamesight/slack-workflow-status@v1.0.1 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }} - channel: '#spring-security-ci' - name: 'CI Notifier'