Mobile/Release #34

Workflow file for this run

.github/workflows/mobile-release.yml at f93d8cb

	name: Mobile/Release

	permissions:
	contents: read

	on:
	workflow_dispatch:
	schedule:
	# Mondays at 1pm UTC (8am EST)
	- cron: "0 13 * * 1"

	jobs:
	env:
	secrets:
	lock-app-key: ${{ secrets.ENVOY_CI_MUTEX_APP_KEY }}
	lock-app-id: ${{ secrets.ENVOY_CI_MUTEX_APP_ID }}
	permissions:
	contents: read
	uses: ./.github/workflows/_load_env.yml

	release:
	permissions:
	contents: read
	packages: read
	if: >-
	${{
	(github.repository == 'envoyproxy/envoy'
	\|\| vars.ENVOY_CI)
	&& (github.event.schedule
	\|\| !contains(github.actor, '[bot]'))
	}}
	needs: env
	uses: ./.github/workflows/_mobile_container_ci.yml
	with:
	args: ${{ matrix.args }}
	container: ${{ fromJSON(needs.env.outputs.build-image).mobile }}
	container-output: \|
	"bazel-bin/library/kotlin/io/envoyproxy/envoymobile/${{ matrix.output }}.aar": build/
	"bazel-bin/library/kotlin/io/envoyproxy/envoymobile/${{ matrix.output }}-pom.xml": build/
	"bazel-bin/library/kotlin/io/envoyproxy/envoymobile/${{ matrix.output }}-sources.jar": build/
	"bazel-bin/library/kotlin/io/envoyproxy/envoymobile/${{ matrix.output }}-javadoc.jar": build/
	request: ${{ needs.env.outputs.request }}
	steps-pre: \|
	- run: \|
	mkdir /tmp/mobile
	VERSION="0.5.0.$(date '+%Y%m%d')"
	echo "VERSION=${VERSION}" >> $GITHUB_ENV
	shell: bash
	steps-post: \|
	- run: \|
	mkdir /tmp/output
	shell: bash
	- name: Tar artifacts
	run: >-
	tar
	-czhf
	/tmp/output/${{ matrix.output }}_android_aar_sources.tar.gz
	-C
	/tmp/container-output/build
	.
	shell: bash
	target: ${{ matrix.target }}
	upload-name: ${{ matrix.output }}_android_aar_sources
	upload-path: /tmp/output/${{ matrix.output }}_android_aar_sources.tar.gz
	strategy:
	fail-fast: false
	matrix:
	include:
	- target: android-release
	args: >-
	build
	--config=mobile-remote-release-clang-android-publish
	--define=pom_version=$VERSION
	//:android_dist
	output: envoy
	- target: xds-release
	args: >-
	build
	--config=mobile-remote-release-clang-android-publish-xds
	--define=pom_version=$VERSION
	//:android_xds_dist
	output: envoy_xds

	deploy:
	needs: release
	permissions:
	contents: read
	packages: read
	runs-on: ubuntu-22.04
	timeout-minutes: 20
	strategy:
	fail-fast: false
	matrix:
	include:
	- output: envoy
	- output: envoy_xds
	steps:
	- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
	with:
	fetch-depth: 0
	- name: Add safe directory
	run: git config --global --add safe.directory /__w/envoy/envoy
	- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
	with:
	name: ${{ matrix.output }}_android_aar_sources
	path: .
	- name: Expand archive
	run: \|
	tar -xf ${{ matrix.output }}_android_aar_sources.tar.gz
	- name: 'Configure gpg signing'
	env:
	GPG_KEY: ${{ secrets.EM_GPG_KEY }}
	GPG_KEY_NAME: ${{ secrets.EM_GPG_KEY_NAME }}
	GPG_PASSPHRASE: ${{ secrets.EM_GPG_PASSPHRASE }}
	run: \|
	# https://github.com/keybase/keybase-issues/issues/2798
	export GPG_TTY=$(tty)
	# Import gpg keys and warm the passphrase to avoid the gpg
	# passphrase prompt when initating a deploy
	# `--pinentry-mode=loopback` could be needed to ensure we
	# suppress the gpg prompt
	echo $GPG_KEY \| base64 --decode > signing-key
	gpg --passphrase $GPG_PASSPHRASE --batch --import signing-key
	shred signing-key

	gpg --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -ab ${{ matrix.output }}.aar
	gpg --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -ab ${{ matrix.output }}-pom.xml
	gpg --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -ab ${{ matrix.output }}-javadoc.jar
	gpg --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -ab ${{ matrix.output }}-sources.jar
	- name: 'Release to sonatype repository'
	env:
	READWRITE_USER: ${{ secrets.EM_SONATYPE_USER }}
	READWRITE_API_KEY: ${{ secrets.EM_SONATYPE_PASSWORD }}
	SONATYPE_PROFILE_ID: ${{ secrets.EM_SONATYPE_PROFILE_ID }}
	run: \|
	version="0.5.0.$(date '+%Y%m%d')"
	python mobile/ci/sonatype_nexus_upload.py \
	--profile_id=$SONATYPE_PROFILE_ID \
	--artifact_id=${{ matrix.output }} \
	--version=$version \
	--files \
	${{ matrix.output }}.aar \
	${{ matrix.output }}-pom.xml \
	${{ matrix.output }}-sources.jar \
	${{ matrix.output }}-javadoc.jar \
	--signed_files \
	${{ matrix.output }}.aar.asc \
	${{ matrix.output }}-pom.xml.asc \
	${{ matrix.output }}-sources.jar.asc \
	${{ matrix.output }}-javadoc.jar.asc

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Mobile/Release #34

Workflow file

Mobile/Release #34

Jobs

Run details

Workflow file for this run