github
/
spring-security
mirror of https://github.com/spring-projects/spring-security


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667
							name: Update Scheduled Release Version

on:
  workflow_dispatch: # Manual trigger only. Triggered by release-scheduler.yml on main.

env:
  DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }}

permissions:
  contents: read

jobs:
  update_scheduled_release_version:
    name: Initiate Release If Scheduled
    if: ${{ github.repository == 'spring-projects/spring-security' }}
    runs-on: ubuntu-latest
    permissions:
      contents: read
      actions: read
    steps:
      - id: checkout-source
        name: Checkout Source Code
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }}
      - name: Set up gradle
        uses: spring-io/spring-gradle-build-action@v2
        with:
          java-version: '11'
          distribution: 'adopt'
      - id: check-release-due
        name: Check Release Due
        run: |
          ./gradlew gitHubCheckNextVersionDueToday
          echo "is_due_today=$(cat build/github/milestones/is-due-today)" >>$GITHUB_OUTPUT
      - id: check-open-issues
        name: Check for open issues
        if: steps.check-release-due.outputs.is_due_today == 'true'
        run: |
          ./gradlew gitHubCheckMilestoneHasNoOpenIssues
          echo "is_open_issues=$(cat build/github/milestones/is-open-issues)" >>$GITHUB_OUTPUT
      - id: validate-release-state
        name: Validate State of Release
        if: steps.check-release-due.outputs.is_due_today == 'true' && steps.check-open-issues.outputs.is_open_issues == 'true'
        run: |
          echo "The release is due today but there are open issues"
          exit 1
      - id: update-version-and-push
        name: Update version and push
        if: steps.check-release-due.outputs.is_due_today == 'true' && steps.check-open-issues.outputs.is_open_issues == 'false'
        run: |
          git config user.name 'github-actions[bot]'
          git config user.email 'github-actions[bot]@users.noreply.github.com'
          ./gradlew :updateProjectVersion
          updatedVersion=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}')
          git commit -am "Release $updatedVersion"
          git tag $updatedVersion
          git push
          git push origin $updatedVersion
      - name: Send Notification
        if: failure()
        uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1
        with:
          webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }}
          status: ${{ job.status }}
          build-scan-url: ${{ steps.build-and-publish.outputs.build-scan-url }}
          run-name: ${{ format('spring-security/{0}', github.ref_name) }}