Skip to content

AutoRelease

AutoRelease #95

Workflow file for this run

on:
workflow_dispatch:
push:
tags:
- '[0-9]+.[0-9]+.[0-9]+*'
name: AutoRelease
permissions: {}
jobs:
release_maven:
permissions:
contents: write
actions: write
id-token: write
name: Build and release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '11'
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "24"
- name: Build
run: export VERSION="1.0.0-`date '+%Y%m%d%H%M%S'`"; ./gradlew -Pversion=$VERSION clean check tools:cli-application:shadowJar writeVersionToReadme
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: ncipollo/release-action@v1
with:
artifacts: "rmf-codegen.jar"
allowUpdates: true
name: "Latest"
tag: "latest"
- name: Commit and push api-reference to branch
uses: planetscale/ghcommit-action@v0.2.21
with:
file_pattern: "scripts/install.sh"
repo: ${{ github.repository }}
branch: ${{ github.ref_name }}
commit_message: "TASK: Updating version in README"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
release_tag:
permissions:
id-token: write
contents: read
name: Build and release to Maven
if: startsWith( github.ref, 'refs/tags/')
runs-on: ubuntu-latest
needs: [release_maven]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '11'
- name: Build
run: ./gradlew -Pversion=${{ github.ref_name }} clean check tools:cli-application:shadowJar
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: ncipollo/release-action@v1
with:
artifacts: "rmf-codegen.jar"
allowUpdates: true
# Configure npm for OIDC authentication with trusted publishing
# This must be done after CI setup to ensure npm is properly configured
# setup-node@v4 with registry-url automatically configures OIDC when id-token: write is set
- name: Setup Node.js for npm publishing
uses: actions/setup-node@v4
with:
node-version: "24"
registry-url: "https://registry.npmjs.org"
- name: Build NPM package
run: |
cp rmf-codegen.jar node/rmf-codegen/bin
- name: Verify npm OIDC configuration
run: |
# Verify registry is set correctly
echo "Registry: $(npm config get registry)"
# Ensure no token-based auth is configured (OIDC should be used automatically)
npm config delete //registry.npmjs.org/:_authToken || true
# Verify npm can access the registry (this will use OIDC if configured)
echo "npm OIDC authentication configured via setup-node action"
- name: Publish npm package
working-directory: node/rmf-codegen
run: npm version minor && npm publish --no-git-tag-version
bump_version:
if: startsWith( github.ref, 'refs/tags/')
name: Bump NPM version
needs: [release_tag]
runs-on: ubuntu-latest
permissions:
contents: write
actions: write
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: main
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "18"
- name: Publish npm package
working-directory: node/rmf-codegen
run: yarn version --no-git-tag-version --minor
- name: Commit and push api-reference to branch
uses: planetscale/ghcommit-action@v0.2.21
with:
file_pattern: "node/rmf-codegen/package.json"
commit_message: "Bump codegen version"
repo: ${{ github.repository }}
branch: ${{ github.ref_name }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}