diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index ccf8cdf..878010f 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -2,6 +2,13 @@ name: release-please on: push: branches: [main] + workflow_dispatch: + inputs: + docker_version: + description: "Version to (re)build & push the Docker image for, e.g. 2.0.0 (no leading v). Runs only the docker job." + required: true + type: string + permissions: contents: write pull-requests: write @@ -22,33 +29,114 @@ jobs: config-file: release-please-config.json manifest-file: .release-please-manifest.json + # Resolves the current project version from gradle.properties for non-release + # pushes, so the snapshot jobs below know whether (and at which version) to run. + version: + needs: release-please + if: github.event_name == 'push' && needs.release-please.outputs.release_created != 'true' + runs-on: ubuntu-latest + outputs: + version: ${{ steps.read.outputs.version }} + is_snapshot: ${{ steps.read.outputs.is_snapshot }} + steps: + - name: Checkout + uses: actions/checkout@v6 + - name: Read version + id: read + shell: bash + run: | + VERSION="$(grep -E '^version=' gradle.properties | head -n1 | cut -d= -f2 | cut -d'#' -f1 | xargs)" + echo "version=$VERSION" >> "$GITHUB_OUTPUT" + # Mirror the snapshot routing in build.gradle.kts (SNAPSHOT/BETA/ALPHA). + case "$VERSION" in + *SNAPSHOT*|*BETA*|*ALPHA*) IS_SNAPSHOT=true ;; + *) IS_SNAPSHOT=false ;; + esac + echo "is_snapshot=$IS_SNAPSHOT" >> "$GITHUB_OUTPUT" + echo "Resolved version '$VERSION' (snapshot=$IS_SNAPSHOT)" + + # ---- Maven publish ---- publish: needs: release-please if: needs.release-please.outputs.release_created == 'true' - uses: OneLiteFeatherNET/workflows/.github/workflows/gradle-publish.yml@v2.2.0 + uses: OneLiteFeatherNET/workflows/.github/workflows/gradle-publish.yml@v2.3.0 with: java-version: "25.0.3" java-distribution: "temurin" secrets: inherit + publish-snapshot: + needs: [release-please, version] + if: needs.version.outputs.is_snapshot == 'true' + uses: OneLiteFeatherNET/workflows/.github/workflows/gradle-publish.yml@v2.3.0 + with: + java-version: "25.0.3" + java-distribution: "temurin" + secrets: inherit + + # ---- Release Docker image (Gradle produces the context, docker-publish builds it) ---- + build-context: + name: Build Docker context + needs: release-please + # On a real release, or on a manual dispatch to (re)publish a given version. + if: | + always() && + ((github.event_name == 'push' && needs.release-please.outputs.release_created == 'true') || + github.event_name == 'workflow_dispatch') + uses: OneLiteFeatherNET/workflows/.github/workflows/gradle-docker-context.yml@v2.3.0 + with: + version: ${{ github.event_name == 'workflow_dispatch' && inputs.docker_version || needs.release-please.outputs.version }} + gradle-command: "./gradlew jar optimizedBuildLayers optimizedDockerfile -Pversion=$VERSION" + context-path: "build/docker/optimized" + artifact-name: "docker-context-release" + secrets: inherit + docker: name: Build Docker Artifacts - needs: release-please + needs: [release-please, build-context] permissions: contents: read id-token: write # keyless cosign signing via GitHub OIDC - # Runs on a real release, or on a manual dispatch to (re)publish a given version. if: | - always() && + always() && needs.build-context.result == 'success' && ((github.event_name == 'push' && needs.release-please.outputs.release_created == 'true') || github.event_name == 'workflow_dispatch') - uses: OneLiteFeatherNET/workflows/.github/workflows/docker-publish.yml@v2.2.0 + uses: OneLiteFeatherNET/workflows/.github/workflows/docker-publish.yml@v2.3.0 with: image-name: "onelitefeather/vulpes-backend" version: ${{ github.event_name == 'workflow_dispatch' && inputs.docker_version || needs.release-please.outputs.version }} - setup-java: true - build-command: "./gradlew jar optimizedBuildLayers optimizedDockerfile -Pversion=$VERSION" - context: "./build/docker/optimized" + context: "build/docker/optimized" + artifact-name: "docker-context-release" + blob-chunk: "90000000" # ~90 MB, under the 100 MB Cloudflare cap + req-concurrent: "4" + secrets: inherit + + # ---- Snapshot Docker image (on every non-release push to main) ---- + build-context-snapshot: + name: Build Docker context (snapshot) + needs: [release-please, version] + if: needs.version.outputs.is_snapshot == 'true' + uses: OneLiteFeatherNET/workflows/.github/workflows/gradle-docker-context.yml@v2.3.0 + with: + version: ${{ needs.version.outputs.version }} + gradle-command: "./gradlew jar optimizedBuildLayers optimizedDockerfile -Pversion=$VERSION" + context-path: "build/docker/optimized" + artifact-name: "docker-context-snapshot" + secrets: inherit + + docker-snapshot: + name: Build Docker Artifacts (snapshot) + needs: [version, build-context-snapshot] + permissions: + contents: read + id-token: write # keyless cosign signing via GitHub OIDC + if: needs.version.outputs.is_snapshot == 'true' + uses: OneLiteFeatherNET/workflows/.github/workflows/docker-publish.yml@v2.3.0 + with: + image-name: "onelitefeather/vulpes-backend" + version: ${{ needs.version.outputs.version }} + context: "build/docker/optimized" + artifact-name: "docker-context-snapshot" blob-chunk: "90000000" # ~90 MB, under the 100 MB Cloudflare cap req-concurrent: "4" secrets: inherit