🔧 (package.yml): checkout OSS repo before building to include externa…

…l dependencies 🔧 (package.yml): remove redundant download and upload steps for deb and rpm packages 🔧 (package.yml): remove unnecessary Homebrew formula and SDKMAN version update steps 🔧 (package.yml): ensure s3 bucket public access is enabled for repo.liquibase.com
liquibase · Oct 2, 2024 · 91837b1 · 91837b1
1 parent 207adda
commit 91837b1
Showing 1 changed file with 5 additions and 176 deletions.
diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
@@ -77,6 +77,11 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
+      - name: Checkout OSS Repo
+        uses: actions/checkout@v4
+        with:
+          repository: liquibase/liquibase
+
       - name: Set up Java
         uses: actions/setup-java@v4
         with:
@@ -126,40 +131,10 @@ jobs:
           # Creating deb packages needs to get release assets from somewhere so be sure to follow this pattern in the artifact repo: https://github.com/liquibase/ARTIFACT_ID/releases/download/vVERSION/ARTIFACT_ID-VERSION.tar.gz
           wget -q -O $PWD/.github/target/${{ inputs.artifactId }}-${{ inputs.version }}.tar.gz https://github.com/liquibase/${{ inputs.artifactId }}/releases/download/v${{ inputs.version }}/${{ inputs.artifactId }}-${{ inputs.version }}.tar.gz
 
-      - name: Download ${{ inputs.artifactId }} dry-run Release
-        if: ${{ inputs.dry_run == true }}
-        run: |
-          mkdir -p $PWD/.github/target
-          # Creating deb packages needs to get release assets from somewhere so be sure to follow this pattern in the artifact repo: https://github.com/liquibase/ARTIFACT_ID/releases/download/vVERSION/ARTIFACT_ID-VERSION.tar.gz
-          wget --content-disposition --header="Accept: application/octet-stream" --header="Authorization: Token ${{ secrets.BOT_TOKEN }}" -O $PWD/.github/target/${{ inputs.artifactId }}-${{ inputs.version }}.tar.gz ${{ inputs.dry_run_tar_gz_url }}
-
       - name: Build ${{ inputs.artifactId }} deb package
         run: |
           mvn package -f $PWD/.github/package-deb-pom.xml -DgroupId=${{ inputs.groupId }} -DartifactId=${{ inputs.artifactId }} -Drevision=${{ inputs.version }} -DskipTests
 
-      - name: Install deb-s3 gem
-        run: gem install deb-s3
-
-      - name: Upload ${{ inputs.artifactId }} deb package
-        if: ${{ inputs.dry_run == false }}
-        run: |
-          sudo apt install pinentry-tty
-          echo "2" | sudo update-alternatives --config pinentry
-          echo "${{ secrets.GPG_SECRET }}" | gpg --batch --import --pinentry-mode loopback --passphrase "${{ secrets.GPG_PASSPHRASE }}"
-          export GPG_TTY=$(tty)
-          echo '${{ secrets.GPG_PASSPHRASE }}' > pass.txt
-          deb-s3 upload --preserve-versions --sign "${{ secrets.GPG_SECRET_KEY_ID }}" --gpg-options "\-\-pinentry-mode loopback \-\-batch \-\-passphrase\-file pass.txt \-\-yes \-\-quiet" --bucket repo.liquibase.com $PWD/.github/target/${{ inputs.artifactId }}-${{ inputs.version }}.deb
-
-      - name: Upload ${{ inputs.artifactId }} dry-run deb package
-        if: ${{ inputs.dry_run == true }}
-        run: |
-          sudo apt install pinentry-tty
-          echo "2" | sudo update-alternatives --config pinentry
-          echo "${{ secrets.GPG_SECRET }}" | gpg --batch --import --pinentry-mode loopback --passphrase "${{ secrets.GPG_PASSPHRASE }}"
-          export GPG_TTY=$(tty)
-          echo '${{ secrets.GPG_PASSPHRASE }}' > pass.txt
-          deb-s3 upload --preserve-versions --sign "${{ secrets.GPG_SECRET_KEY_ID }}" --gpg-options "\-\-pinentry-mode loopback \-\-batch \-\-passphrase\-file pass.txt \-\-yes \-\-quiet" --bucket repo.liquibase.com.dry.run $PWD/.github/target/${{ inputs.artifactId }}-${{ inputs.version }}.deb
-
       - name: Convert deb to rpm
         run: |
           sudo apt-get update
@@ -189,155 +164,9 @@ jobs:
           mv ${{ inputs.artifactId }}-${{ inputs.version }}-1.noarch* $PWD/yum/noarch
           aws s3 sync $PWD/yum s3://repo.liquibase.com/yum
 
-      - name: Upload ${{ inputs.artifactId }} dry-run rpm package
-        if: ${{ inputs.dry_run == true }}
-        run: |
-          original_file=$(basename "$(find . -maxdepth 1 -name "*.rpm")")
-          new_name=$(echo "$original_file" | sed 's/+/-/g')
-          mv "$original_file" "$new_name"
-          sudo apt-get install -y libcurl4-openssl-dev libbz2-dev libxml2-dev libssl-dev zlib1g-dev pkg-config libglib2.0-dev liblzma-dev libsqlite0-dev libsqlite3-dev librpm-dev libzstd-dev python3 cmake
-          ./.github/sign_artifact.sh ${{ inputs.artifactId }}-${{ inputs.version }}-1.noarch.rpm
-          mkdir createrepo_folder
-          cd createrepo_folder
-          git clone https://github.com/rpm-software-management/createrepo_c
-          cd createrepo_c
-          mkdir build
-          cd build
-          cmake .. -DWITH_ZCHUNK=NO -DWITH_LIBMODULEMD=NO
-          make -j
-          cp src/createrepo_c  /opt/createrepo
-          cd ../../..
-          mkdir -p $PWD/yum/noarch
-          aws s3 ls s3://repo.liquibase.com.dry.run/yum/noarch/ | grep -E '\.rpm$' | awk '{print $4}' | xargs -I {} aws s3 cp s3://repo.liquibase.com.dry.run/yum/noarch/{} $PWD/yum/noarch
-          /opt/createrepo -h
-          /opt/createrepo -dp $PWD/yum/noarch
-          ./.github/sign_artifact.sh $PWD/yum/noarch/repodata/repomd.xml
-          mv ${{ inputs.artifactId }}-${{ inputs.version }}-1.noarch* $PWD/yum/noarch
-          aws s3 sync $PWD/yum s3://repo.liquibase.com.dry.run/yum
-
-
-      - name: Check for existing Homebrew formula PR for ${{ inputs.artifactId }}
-        id: check-brew-pr
-        run: |
-          # Authenticate GitHub CLI
-          echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token
-
-          # Define the PR title
-          pr_title="liquibase ${{ inputs.version }}"
-
-          # Search for open pull requests with the specified title in the Homebrew/homebrew-core repo
-          pr_title=$(gh pr list --repo Homebrew/homebrew-core --state open --search "$pr_title" --json title --jq ".[] | select(.title == \"$pr_title\") | .title" )
-          echo "pr_title: $pr_title"
-          # Set the environment variable based on whether the PR exists
-          if [ -z "$pr_title" ]; then
-            echo "PR_EXISTS=false" >> $GITHUB_ENV
-          else
-            echo "PR_EXISTS=true" >> $GITHUB_ENV
-          fi
-
-      - name: Update Homebrew formula for ${{ inputs.artifactId }}
-        if: ${{ env.PR_EXISTS == false && inputs.dry_run == false }}
-        uses: mislav/bump-homebrew-formula-action@v3
-        with:
-          formula-name: liquibase
-          formula-path: Formula/l/liquibase.rb
-          homebrew-tap: Homebrew/homebrew-core
-          tag-name: ${{ inputs.version }}
-          download-url: "https://github.com/liquibase/liquibase/releases/download/v${{ inputs.version }}/liquibase-${{ inputs.version }}.tar.gz"
-          commit-message: |
-            {{formulaName}} {{version}}
-
-            Created by https://github.com/mislav/bump-homebrew-formula-action
-        env:
-          COMMITTER_TOKEN: ${{ secrets.BOT_TOKEN }}
-
-      - name: Update SDKMAN version for ${{ inputs.artifactId }}
-        if: ${{ inputs.dry_run == false }}
-        env:
-          SDKMAN_CONSUMER_KEY: ${{ secrets.SDKMAN_CONSUMER_KEY }}
-          SDKMAN_CONSUMER_TOKEN: ${{ secrets.SDKMAN_CONSUMER_TOKEN }}
-          VERSION: ${{ inputs.version }}
-          S3_WEB_URL: https://s3.amazonaws.com/repo.liquibase.com/sdkman
-          S3_BUCKET: s3://repo.liquibase.com/sdkman/
-        run: |
-          wget -q https://github.com/liquibase/liquibase/releases/download/v$VERSION/liquibase-$VERSION.zip
-          mkdir -p liquibase-$VERSION/bin/internal
-          unzip liquibase-$VERSION.zip -d liquibase-$VERSION
-          rm -rf liquibase-$VERSION.zip
-          mv ./liquibase-$VERSION/liquibase ./liquibase-$VERSION/bin/
-          mv ./liquibase-$VERSION/liquibase.bat ./liquibase-$VERSION/bin/
-          zip -r liquibase-$VERSION.zip ./liquibase-$VERSION
-          # Upload the release to S3
-          aws s3 cp liquibase-$VERSION.zip $S3_BUCKET
-          echo "Uploaded liquibase-$VERSION.zip to s3"
-          # Send the release to SDKMAN
-          curl -s -X POST \
-          -H "Consumer-Key: $SDKMAN_CONSUMER_KEY" \
-          -H "Consumer-Token: $SDKMAN_CONSUMER_TOKEN" \
-          -H "Content-Type: application/json" \
-          -H "Accept: application/json" \
-          -d '{"candidate": "liquibase", "version": "'"$VERSION"'", "url": "'"$S3_WEB_URL"'/liquibase-'"$VERSION"'.zip"}' \
-          https://vendors.sdkman.io/release
-          echo "Sent liquibase-$VERSION.zip to SDKMAN"
-          # Set the default version for SDKMAN
-          curl -s -X PUT \
-          -H "Consumer-Key: $SDKMAN_CONSUMER_KEY" \
-          -H "Consumer-Token: $SDKMAN_CONSUMER_TOKEN" \
-          -H "Content-Type: application/json" \
-          -H "Accept: application/json" \
-          -d '{"candidate": "liquibase", "version": "'"$VERSION"'"}' \
-          https://vendors.sdkman.io/default
-          echo "Set liquibase-$VERSION.zip as default version for SDKMAN"
-          # Announce the release to SDKMAN
-          curl -s -X POST \
-          -H "Consumer-Key: $SDKMAN_CONSUMER_KEY" \
-          -H "Consumer-Token: $SDKMAN_CONSUMER_TOKEN" \
-          -H "Content-Type: application/json" \
-          -H "Accept: application/json" \
-          -d '{"candidate": "liquibase", "version": "'"$VERSION"'", "url": "https://github.com/liquibase/liquibase/releases/tag/v'"$VERSION"'"}' \
-          https://vendors.sdkman.io/announce/struct
-          echo "Announced liquibase-$VERSION.zip to SDKMAN"
-
-      - name: Update SDKMAN version for ${{ inputs.artifactId }} dry-run
-        if: ${{ inputs.dry_run == true }}
-        env:
-          SDKMAN_CONSUMER_KEY: ${{ secrets.SDKMAN_CONSUMER_KEY }}
-          SDKMAN_CONSUMER_TOKEN: ${{ secrets.SDKMAN_CONSUMER_TOKEN }}
-          VERSION: ${{ inputs.version }}
-          S3_WEB_URL: https://s3.amazonaws.com/repo.liquibase.com.dry.run/sdkman
-          S3_BUCKET: s3://repo.liquibase.com.dry.run/sdkman/
-        run: |
-          wget --content-disposition --header="Accept: application/octet-stream" --header="Authorization: Token ${{ secrets.BOT_TOKEN }}" ${{ inputs.dry_run_zip_url }}
-
-          mkdir -p liquibase-$VERSION/bin/internal
-          unzip liquibase-$VERSION.zip -d liquibase-$VERSION
-          rm -rf liquibase-$VERSION.zip
-          mv ./liquibase-$VERSION/liquibase ./liquibase-$VERSION/bin/
-          mv ./liquibase-$VERSION/liquibase.bat ./liquibase-$VERSION/bin/
-          zip -r liquibase-$VERSION.zip ./liquibase-$VERSION
-          # Upload the release to S3
-          aws s3 cp liquibase-$VERSION.zip $S3_BUCKET
-          echo "Uploaded liquibase-$VERSION.zip to s3"
-
       - name: Ensure s3 bucket public access is enabled
         run: |
           aws s3api put-bucket-acl --bucket repo.liquibase.com  --grant-read uri=http://acs.amazonaws.com/groups/global/AllUsers
-          aws s3api put-bucket-acl --bucket repo.liquibase.com.dry.run  --grant-read uri=http://acs.amazonaws.com/groups/global/AllUsers
-
-  upload_windows_package:
-    uses: liquibase/liquibase-chocolatey/.github/workflows/deploy-package.yml@master
-    secrets: inherit
-    with:
-      version: ${{ inputs.version }}
-      dry_run: ${{ inputs.dry_run }}
-      dry_run_zip_url: ${{ inputs.dry_run_zip_url }}
 
-  upload_ansible_role:
-    uses: liquibase/liquibase-ansible/.github/workflows/deploy-role.yml@main
-    secrets: inherit
-    with:
-      version: ${{ inputs.version }}
-      dry_run: ${{ inputs.dry_run }}
-      dry_run_tar_gz_url: ${{ inputs.dry_run_tar_gz_url }}