spring-security/.github/workflows/update-scheduled-release-version.yml

name: Update Scheduled Release Version

on:
  workflow_dispatch: # Manual trigger only. Triggered by release-scheduler.yml on main.

env:
  DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }}

permissions:
  contents: read

jobs:
  update_scheduled_release_version:
    name: Initiate Release If Scheduled
    if: ${{ github.repository == 'spring-projects/spring-security' }}
    runs-on: ubuntu-latest
    permissions:
      contents: read
      actions: read
    steps:
      - id: checkout-source
        name: Checkout Source Code
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }}
      - name: Set up gradle
        uses: spring-io/spring-gradle-build-action@v2
        with:
          java-version: '11'
          distribution: 'adopt'
      - id: check-release-due
        name: Check Release Due
        run: |
          ./gradlew gitHubCheckNextVersionDueToday
          echo "is_due_today=$(cat build/github/milestones/is-due-today)" >>$GITHUB_OUTPUT          
      - id: check-open-issues
        name: Check for open issues
        if: steps.check-release-due.outputs.is_due_today == 'true'
        run: |
          ./gradlew gitHubCheckMilestoneHasNoOpenIssues
          echo "is_open_issues=$(cat build/github/milestones/is-open-issues)" >>$GITHUB_OUTPUT          
      - id: validate-release-state
        name: Validate State of Release
        if: steps.check-release-due.outputs.is_due_today == 'true' && steps.check-open-issues.outputs.is_open_issues == 'true'
        run: |
          echo "The release is due today but there are open issues"
          exit 1          
      - id: update-version-and-push
        name: Update version and push
        if: steps.check-release-due.outputs.is_due_today == 'true' && steps.check-open-issues.outputs.is_open_issues == 'false'
        run: |
          git config user.name 'github-actions[bot]'
          git config user.email 'github-actions[bot]@users.noreply.github.com'
          ./gradlew :updateProjectVersion
          updatedVersion=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}')
          git commit -am "Release $updatedVersion"
          git tag $updatedVersion
          git push
          git push origin $updatedVersion          
  send-notification:
    name: Send Notification
    needs: [ update_scheduled_release_version ]
    if: ${{ failure() || cancelled() }}
    runs-on: ubuntu-latest
    steps:
      - name: Send Notification
        uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1
        with:
          webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }}