diff --git a/.azure-pipelines/ci-build.yml b/.azure-pipelines/ci-build.yml index a3957826..8bf44d1b 100644 --- a/.azure-pipelines/ci-build.yml +++ b/.azure-pipelines/ci-build.yml @@ -43,7 +43,6 @@ extends: #TODO maybe missing template context with sdl baselines? steps: - checkout: self - persistCredentials: true - task: JavaToolInstaller@1 inputs: @@ -68,26 +67,26 @@ extends: - script: ./gradlew --no-daemon publishToMavenLocal -PmavenCentralPublishingEnabled=true -PmavenCentralSnapshotArtifactSuffix="" displayName: Publish to local Maven for verification - # condition: contains(variables['build.sourceBranch'], 'refs/tags/v') + condition: contains(variables['build.sourceBranch'], 'refs/tags/v') - # - script: ./gradlew --no-daemon publishToMavenLocal -PmavenCentralPublishingEnabled=true - # displayName: Publish to local Maven for verification - # condition: not(contains(variables['build.sourceBranch'], 'refs/tags/v')) + - script: ./gradlew --no-daemon publishToMavenLocal -PmavenCentralPublishingEnabled=true + displayName: Publish to local Maven for verification + condition: not(contains(variables['build.sourceBranch'], 'refs/tags/v')) - script: ./gradlew --no-daemon publishMavenPublicationToADORepository -PmavenCentralPublishingEnabled=true -PmavenCentralSnapshotArtifactSuffix="" displayName: Publish to local Maven ADO for ESRP - # condition: contains(variables['build.sourceBranch'], 'refs/tags/v') + condition: contains(variables['build.sourceBranch'], 'refs/tags/v') - # - script: ./gradlew --no-daemon publishMavenPublicationToADORepository -PmavenCentralPublishingEnabled=true - # displayName: Publish to local Maven ADO for ESRP - # condition: not(contains(variables['build.sourceBranch'], 'refs/tags/v')) + - script: ./gradlew --no-daemon publishMavenPublicationToADORepository -PmavenCentralPublishingEnabled=true + displayName: Publish to local Maven ADO for ESRP + condition: not(contains(variables['build.sourceBranch'], 'refs/tags/v')) - pwsh: | $contents = Get-Content gradle.properties -Raw - $major = $contents | Select-String -Pattern 'mavenMajorVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } - $minor = $contents | Select-String -Pattern 'mavenMinorVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } - $patch = $contents | Select-String -Pattern 'mavenPatchVersion = ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } - # $snapshot_suffix = if ($Env:BRANCH_NAME.StartsWith('refs/tags/v')) { '' } else { '-SNAPSHOT' } + $major = $contents | Select-String -Pattern 'mavenMajorVersion\s*=\s*([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } + $minor = $contents | Select-String -Pattern 'mavenMinorVersion\s*=\s*([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } + $patch = $contents | Select-String -Pattern 'mavenPatchVersion\s*=\s*([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } + $snapshot_suffix = if ($Env:BRANCH_NAME.StartsWith('refs/tags/v')) { '' } else { '-SNAPSHOT' } $version = "$major.$minor.$patch$snapshot_suffix" echo "Current version is $version" echo "##vso[task.setvariable variable=PACKAGE_VERSION;]$version" @@ -101,21 +100,19 @@ extends: displayName: Inspect contents of local Maven cache - pwsh: | - .\scripts\zipPackageContent.ps1 -OutputDirectory $Env:OUTPUT_DIRECTORY -ArtifactId microsoft-graph-core -PackageSegment abstractions -Version $(PACKAGE_VERSION) - echo "list of zips:" - Get-ChildItem -Path $Env:OUTPUT_DIRECTORY -Filter "*.zip" | ForEach-Object { Write-Host $_.FullName } - displayName: Zip contents of local Maven cache - env: - OUTPUT_DIRECTORY: $(Build.ArtifactStagingDirectory) + $packageFullPath = Join-Path -Path "./" -ChildPath "build/publishing-repository/com/microsoft/graph/microsoft-graph-core" -AdditionalChildPath "$(PACKAGE_VERSION)" + echo "Package full path: $packageFullPath" + echo "##vso[task.setvariable variable=PACKAGE_PATH;]$packageFullPath" + displayName: Get the package full path - task: 1ES.PublishPipelineArtifact@1 displayName: "Publish Artifact: jars" inputs: artifactName: jars - targetPath: "$(Build.ArtifactStagingDirectory)" + targetPath: "$(PACKAGE_PATH)" - stage: deploy - # condition: and(or(contains(variables['build.sourceBranch'], 'refs/tags/v'), eq(variables['build.sourceBranch'], '${{ parameters.previewBranch }}')), succeeded()) + condition: and(or(contains(variables['build.sourceBranch'], 'refs/tags/v'), eq(variables['build.sourceBranch'], '${{ parameters.previewBranch }}')), succeeded()) dependsOn: build jobs: - deployment: deploy_github @@ -137,7 +134,7 @@ extends: deploy: steps: - pwsh: | - $zips = Get-ChildItem -Path "$(Pipeline.Workspace)" -Filter "*.zip" + $zips = Get-ChildItem -Path "$(Pipeline.Workspace)" -Filter "*.jar" $zip = $zips | Select-Object -First 1 $zipName = $zip.Name if ($zipName -match "\d+.\d+.\d+") @@ -148,19 +145,10 @@ extends: } else { - Write-Error "No valid version found in zip file name." + Write-Error "No valid version found in jar file name." exit 1 } - - pwsh: | - $zips = Get-ChildItem -Path "$(Pipeline.Workspace)" -Filter "*.zip" - foreach ($zip in $zips) { - $targetPath = $zip.FullName.Replace(".zip", "") - Expand-Archive -Path $zip.FullName -DestinationPath $targetPath - Remove-Item -Path $zip.FullName -Force - } - displayName: Unzip artifacts - - task: GitHubRelease@1 inputs: gitHubConnection: "microsoftkiota" @@ -204,7 +192,7 @@ extends: - deployment: deploy_maven # snapshots are not supported by ESRP release for now, but they are planning to add support. When it happens, simply remove the condition - # condition: and(contains(variables['build.sourceBranch'], 'refs/tags/v'), succeeded()) + condition: and(contains(variables['build.sourceBranch'], 'refs/tags/v'), succeeded()) pool: name: Azure-Pipelines-1ESPT-ExDShared os: linux diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml deleted file mode 100644 index 71482093..00000000 --- a/.github/workflows/build-and-publish.yml +++ /dev/null @@ -1,160 +0,0 @@ -name: Build and Publish - -# TODO remove todo entries in build.gradle - -on: - workflow_dispatch: - push: - branches: [main] - paths-ignore: - - '.gradle/wrapper' - - '.gitignore' - - 'LICENSE' - - 'THIRD PARTY NOTICES' - - '*.md' - tags: - - "v[0-9]+.[0-9]+.[0-9]+" -env: - PREVIEW_TASK: publishToSonatype - PUBLISH_TASK: publishToSonatype closeAndReleaseSonatypeStagingRepository - JAVA_VERSION: 21 - JAVA_DISTRIBUTION: 'temurin' - -permissions: - contents: write - -jobs: - maven_Preview: - if: ${{ github.ref == 'refs/heads/main' }} - environment: - name: maven_central_snapshot - needs: validate-package-contents - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Detect secrets - run: | - pip install detect-secrets - git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline - - name: Set up JDK - uses: actions/setup-java@v4 - with: - java-version: ${{ env.JAVA_VERSION }} - distribution: ${{ env.JAVA_DISTRIBUTION }} - cache: gradle - - name: Download file - run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH - shell: pwsh - env: - ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }} - OUTPUT_PATH: '.\local.properties' - - name: Download file - run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH - shell: pwsh - env: - ENCODED_VALUE: ${{ secrets.SECRING_GPG }} - OUTPUT_PATH: '.\secring.gpg' - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - name: Publish - run: ./gradlew $PREVIEW_TASK - - maven_Release: - if: ${{ startsWith(github.ref, 'refs/tags/') && github.actor == 'release-please[bot]'}} - environment: - name: maven_central_release - needs: validate-package-contents - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Detect secrets - run: | - pip install detect-secrets - git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline - - name: Set up JDK - uses: actions/setup-java@v4 - with: - java-version: ${{ env.JAVA_VERSION }} - distribution: ${{ env.JAVA_DISTRIBUTION }} - cache: gradle - - name: Download file - run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH - shell: pwsh - env: - ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }} - OUTPUT_PATH: '.\local.properties' - - name: Download file - run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH - shell: pwsh - env: - ENCODED_VALUE: ${{ secrets.SECRING_GPG }} - OUTPUT_PATH: '.\secring.gpg' - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - name: Publish - run: ./gradlew $PUBLISH_TASK -PmavenCentralSnapshotArtifactSuffix="" - - name: Upload Build Artifact - uses: actions/upload-artifact@v4 - with: - name: drop - path: | - **/libs/* - build/generated-pom.xml - build/generated-pom.xml.asc - build.gradle - gradlew - gradlew.bat - settings.gradle - gradle.properties - **/gradle/** - Scripts/** - - name: Github Release - uses: softprops/action-gh-release@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - fail_on_unmatched_files: true - files: | - build/**/*.jar - - validate-package-contents: - runs-on: ubuntu-latest - environment: ${{ contains(github.ref, 'refs/tags/v') && 'maven_central_release' || 'maven_central_snapshot' }} - defaults: - run: - working-directory: ./ - steps: - - uses: actions/checkout@v4 - - name: Setup JDK - uses: actions/setup-java@v4 - with: - java-version: ${{ env.JAVA_VERSION }} - distribution: ${{ env.JAVA_DISTRIBUTION}} - cache: gradle - - name: Download file - run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH - shell: pwsh - env: - ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }} - OUTPUT_PATH: 'local.properties' - - name: Download file - run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH - shell: pwsh - env: - ENCODED_VALUE: ${{ secrets.SECRING_GPG }} - OUTPUT_PATH: '.\secring.gpg' - - name: Publish to local Maven cache for validation - run: ./gradlew --no-daemon publishToMavenLocal - - name: Get current SNAPSHOT version - shell: pwsh - run: | - $contents = Get-Content gradle.properties -Raw - $major = $contents | Select-String -Pattern 'mavenMajorVersion\s+= ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } - $minor = $contents | Select-String -Pattern 'mavenMinorVersion\s+= ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } - $patch = $contents | Select-String -Pattern 'mavenPatchVersion\s+= ([0-9]+)' | ForEach-Object { $_.Matches.Groups[1].Value } - $version = "$major.$minor.$patch-SNAPSHOT" - echo "Current version is $version" - echo "PACKAGE_VERSION=$version" >> $Env:GITHUB_ENV - - name: Inspect contents of local Maven cache - shell: pwsh - run: | - .\scripts\validatePackageContents.ps1 -ArtifactId microsoft-graph-core -Version $env:PACKAGE_VERSION diff --git a/build.gradle b/build.gradle index 23a85870..85cba928 100644 --- a/build.gradle +++ b/build.gradle @@ -7,8 +7,6 @@ plugins { id 'jacoco' id 'com.github.spotbugs' version '6.2.0' id "org.sonarqube" version "6.2.0.5505" - // TODO remove this dependency once we remove the GH WF - id 'io.github.gradle-nexus.publish-plugin' version '2.0.0' } java { @@ -122,19 +120,6 @@ publishing { } } } -// TODO remove this section once we remove the GH WF -nexusPublishing { - repositories { - sonatype { - if (project.rootProject.file('local.properties').exists()) { - Properties properties = new Properties() - properties.load(project.rootProject.file('local.properties').newDataInputStream()) - username = properties.getProperty('sonatypeUsername') - password = properties.getProperty('sonatypePassword') - } - } - } -} group = project.property('mavenGroupId') version = "${mavenMajorVersion}.${mavenMinorVersion}.${mavenPatchVersion}${mavenCentralSnapshotArtifactSuffix}" diff --git a/scripts/zipPackageContent.ps1 b/scripts/zipPackageContent.ps1 deleted file mode 100644 index 02cc9b65..00000000 --- a/scripts/zipPackageContent.ps1 +++ /dev/null @@ -1,31 +0,0 @@ -# Checks that expected files are present & have contents after the publish process to the local cache -param( - [Parameter(Mandatory=$true)][string] $ArtifactId, - [Parameter(Mandatory=$true)][string] $PackageSegment, - [Parameter(Mandatory=$true)][string] $Version, - [Parameter(Mandatory=$true)][string] $OutputDirectory, - [Parameter()][string] $GroupId = "com.microsoft.graph", - [Parameter()][string] $ComponentsSegment = "..\components", - [Parameter()][string] $buildOutDir = "build\publishing-repository" -) - -#components\bundle\build\publishing-repository\com\microsoft\kiota\microsoft-kiota-bundle\1.8.5\ - -$groupIdPath = $GroupId -replace "\.", [System.IO.Path]::DirectorySeparatorChar -$packageFullPath = Join-Path -Path $PSScriptRoot -ChildPath $ComponentsSegment -AdditionalChildPath $PackageSegment, $buildOutDir, $groupIdPath, $ArtifactId, $Version - -Write-Output "---------------------------------------------------" -Write-Output "Zipping package contents at $packageFullPath" - -if(-not (Test-Path -Path $packageFullPath)) { - Write-Output "Package not found in local cache." - exit 1 -} - -$outputFilePath = Join-Path -Path $OutputDirectory -ChildPath "$ArtifactId-$Version.zip" -# removing any existing file -Remove-Item -Path $outputFilePath -ErrorAction SilentlyContinue -# removing any xml files that are not expected in ESRP release -Compress-Archive -Path "$packageFullPath\*" -DestinationPath $outputFilePath - -exit 0 \ No newline at end of file