Split GH actions configuration to simplify

Xavier Arias · Xavier Arias · commit add46c3542b8 · 2021-01-22T17:18:46.000+01:00
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,4 +1,4 @@
-name: Web3j
+name: Build
 
 on:
   push:
@@ -30,13 +30,6 @@ jobs:
         run: ./gradlew integration-tests:test -Pintegration-tests=true
   build:
     runs-on: ubuntu-latest
-    env:
-      OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-      OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
-      GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
-      BINTRAY_USER: ${{ secrets.BINTRAY_USER }}
-      BINTRAY_KEY: ${{ secrets.BINTRAY_KEY }}
-      GITHUB_PERSONAL_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
     steps:
       - uses: actions/checkout@v2
       - name: Set up JDK 1.8
@@ -53,18 +46,6 @@ jobs:
         run: chmod +x gradlew
       - name: Build
         run: ./gradlew check jacocoTestReport
-      - name: Decrypt secret key
-        run: openssl aes-256-cbc -K ${{ secrets.GPG_KEY }} -iv ${{ secrets.GPG_IV }} -in web3j.asc.enc -out web3j.asc -d
-        if: github.base_ref == ''
-      - name: Publish master
-        run: ./gradlew publish
-        if: github.base_ref == ''
-      - name: Release
-        uses: web3j/release-action@v1.2
-        with:
-          version: ${GITHUB_REF#'release/'}
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-        if: contains(github.ref, '/release/')
       - name: After success
         run: bash <(curl -s https://codecov.io/bash)
         if: ${{ success() }}
diff --git a/.github/workflows/publish-snapshot.yml b/.github/workflows/publish-snapshot.yml
@@ -0,0 +1,38 @@
+name: Release
+
+on:
+  workflow_run:
+    workflows: [ 'Build' ]
+    branches: [ master ]
+    types: [ completed ]
+
+jobs:
+  publish-snapshot:
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+    env:
+      OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+      OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
+      GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+      BINTRAY_USER: ${{ secrets.BINTRAY_USER }}
+      BINTRAY_KEY: ${{ secrets.BINTRAY_KEY }}
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK 1.8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 1.8
+      - name: Cache Gradle packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+      - name: Decrypt secret key
+        run: openssl aes-256-cbc -K ${{ secrets.GPG_KEY }} -iv ${{ secrets.GPG_IV }} -in web3j.asc.enc -out web3j.asc -d
+      - name: Publish snapshot
+        run: ./gradlew publish
+
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,43 @@
+name: Publish snapshot
+
+on:
+  workflow_run:
+    workflows: [ 'Build' ]
+    branches: [ 'release/*' ]
+    types: [ completed ]
+
+jobs:
+  release:
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+    env:
+      OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+      OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
+      GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+      BINTRAY_USER: ${{ secrets.BINTRAY_USER }}
+      BINTRAY_KEY: ${{ secrets.BINTRAY_KEY }}
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK 1.8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 1.8
+      - name: Cache Gradle packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+      - name: Decrypt secret key
+        run: openssl aes-256-cbc -K ${{ secrets.GPG_KEY }} -iv ${{ secrets.GPG_IV }} -in web3j.asc.enc -out web3j.asc -d
+      - name: Build and stage release
+        run: ./gradlew publish bintrayUpload -Pversion=${{ GITHUB_REF#'release/' }}
+      - name: Release
+        run: ./gradlew closeAndReleaseRepository
+      - name: GitHub release
+        run: ./scripts/github-release.sh
+      - name: Javadoc release
+        run: ./gradlew -Dorg.ajoberstar.grgit.auth.username=${{ GITHUB_TOKEN }} core:gitPublishPush
diff --git a/core/build.gradle b/core/build.gradle
@@ -42,7 +42,7 @@ def getTimestamp() {
 
 ext {
     docsPath = 'web3j/web3j-docs'
-    ghToken = System.getenv('GITHUB_PERSONAL_ACCESS_TOKEN')
+    ghToken = System.getenv('GITHUB_TOKEN')
 }
 
 gitPublish {
diff --git a/scripts/common.bash b/scripts/common.bash
@@ -8,7 +8,7 @@ configure_github_user() {
 }
 
 github_clone() {
-    git clone https://antonydenyer:${GITHUB_PERSONAL_ACCESS_TOKEN}@github.com/web3j/$1.git
+    git clone https://antonydenyer:${GITHUB_TOKEN}@github.com/web3j/$1.git
     cd $1
 }
 
diff --git a/scripts/github-release.sh b/scripts/github-release.sh
@@ -21,7 +21,7 @@ ensure_version
 
 ensure_product
 
-export PREVIOUS_RELEASE=$(curl -H "Authorization: token ${GITHUB_PERSONAL_ACCESS_TOKEN}" -s https://api.github.com/repos/web3j/${PRODUCT}/releases/latest | jq -r '.target_commitish' )
+export PREVIOUS_RELEASE=$(curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/web3j/${PRODUCT}/releases/latest | jq -r '.target_commitish' )
 export CHANGELOG=$(git rev-list --format=oneline --abbrev-commit --max-count=50 ${PREVIOUS_RELEASE}..HEAD | jq --slurp --raw-input . )
 
 echo "Creating a new release on GitHub with changes"
@@ -37,12 +37,12 @@ API_JSON="{
 }"
 
 
-export RESULT=$(curl -H "Authorization: token ${GITHUB_PERSONAL_ACCESS_TOKEN}" --data "$API_JSON" -s https://api.github.com/repos/web3j/${PRODUCT}/releases)
+export RESULT=$(curl -H "Authorization: token ${GITHUB_TOKEN}" --data "$API_JSON" -s https://api.github.com/repos/web3j/${PRODUCT}/releases)
 export UPLOAD_URL=$(echo ${RESULT} | jq -r ".upload_url")
 
 for FILE in `find ./ -type f -name "${PRODUCT}-${VERSION}.*"`;
 do
-  curl -H "Authorization: token ${GITHUB_PERSONAL_ACCESS_TOKEN}" -s "${UPLOAD_URL:0:-13}?name=$(basename -- $FILE)" -H "Content-Type: $(file -b --mime-type $FILE)" --data-binary @"${FILE}"
+  curl -H "Authorization: token ${GITHUB_TOKEN}" -s "${UPLOAD_URL:0:-13}?name=$(basename -- $FILE)" -H "Content-Type: $(file -b --mime-type $FILE)" --data-binary @"${FILE}"
 done
 
 echo "Release finished"
diff --git a/scripts/release-dependant.sh b/scripts/release-dependant.sh

Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ def getTimestamp() {`
`42`	`42`
`43`	`43`	`ext {`
`44`	`44`	`docsPath = 'web3j/web3j-docs'`
`45`		`- ghToken = System.getenv('GITHUB_PERSONAL_ACCESS_TOKEN')`
	`45`	`+ ghToken = System.getenv('GITHUB_TOKEN')`
`46`	`46`	`}`
`47`	`47`
`48`	`48`	`gitPublish {`
Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@ configure_github_user() {`
`8`	`8`	`}`
`9`	`9`
`10`	`10`	`github_clone() {`
`11`		`- git clone https://antonydenyer:${GITHUB_PERSONAL_ACCESS_TOKEN}@github.com/web3j/$1.git`
	`11`	`+ git clone https://antonydenyer:${GITHUB_TOKEN}@github.com/web3j/$1.git`
`12`	`12`	`cd $1`
`13`	`13`	`}`
`14`	`14`