diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 39f4168d..0f5fe729 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -47,11 +47,42 @@ jobs: token: ${{ secrets.CODECOV_TOKEN }} slug: openfga/java-sdk - publish-maven-central: + verify-version: if: startsWith(github.ref, 'refs/tags/v') needs: [test] runs-on: ubuntu-latest + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Verify versions match + run: | + TAG_VERSION="${GITHUB_REF#refs/tags/v}" + MANIFEST_VERSION=$(jq -r '.["."]' .release-please-manifest.json) + GRADLE_VERSION=$(grep 'x-release-please-version' build.gradle | grep -oP "'\K[^']+") + PUBLISH_VERSION=$(grep 'x-release-please-version' publish.gradle | grep -oP "'\K[^']+") + + echo "Tag: $TAG_VERSION | Manifest: $MANIFEST_VERSION | build.gradle: $GRADLE_VERSION | publish.gradle: $PUBLISH_VERSION" + + if [[ "$TAG_VERSION" != "$MANIFEST_VERSION" ]]; then + echo "ERROR: Tag version does not match manifest version" + exit 1 + fi + if [[ "$GRADLE_VERSION" != "$MANIFEST_VERSION" ]]; then + echo "ERROR: build.gradle version does not match manifest version" + exit 1 + fi + if [[ "$PUBLISH_VERSION" != "$MANIFEST_VERSION" ]]; then + echo "ERROR: publish.gradle version does not match manifest version" + exit 1 + fi + echo "All versions verified: $TAG_VERSION" + + publish-maven-central: + if: startsWith(github.ref, 'refs/tags/v') + needs: [verify-version] + runs-on: ubuntu-latest + permissions: contents: read packages: write @@ -85,7 +116,7 @@ jobs: publish-github-packages: if: startsWith(github.ref, 'refs/tags/v') - needs: [test] + needs: [verify-version] runs-on: ubuntu-latest permissions: @@ -118,22 +149,9 @@ jobs: ORG_GRADLE_PROJECT_SIGNINGKEY: ${{ secrets.GPG_PRIVATE_KEY }} ORG_GRADLE_PROJECT_SIGNINGPASSWORD: ${{ secrets.GPG_PASSPHRASE }} - create-release: + undraft-release: if: startsWith(github.ref, 'refs/tags/v') needs: [publish-maven-central, publish-github-packages] - runs-on: ubuntu-latest - permissions: contents: write - - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - - uses: Roang-zero1/github-create-release-action@57eb9bdce7a964e48788b9e78b5ac766cb684803 # v3.0.1 - with: - version_regex: ^v[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+ - prerelease_regex: ^v[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+-(alpha|beta|preview)\.[[:digit:]]+$ - changelog_file: CHANGELOG.md - draft: true - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + uses: openfga/sdk-generator/.github/workflows/undraft-release.yml@main diff --git a/.github/workflows/pr-title-check.yml b/.github/workflows/pr-title-check.yml index 5926b3c7..e5061b04 100644 --- a/.github/workflows/pr-title-check.yml +++ b/.github/workflows/pr-title-check.yml @@ -7,15 +7,8 @@ on: - main jobs: - validate-pr-title: - name: Validate PR Title - runs-on: ubuntu-latest + pr-title-check: permissions: pull-requests: read - steps: - - name: PR Conventional Commit Validation - uses: ytanikin/pr-conventional-commits@639145d78959c53c43112365837e3abd21ed67c1 # v1.5.2 - with: - task_types: '["feat","fix","docs","test","refactor","ci","perf","chore","revert","release"]' - add_label: 'false' + uses: openfga/sdk-generator/.github/workflows/pr-title-check.yml@main diff --git a/release-please-config.json b/release-please-config.json index 4f2fa629..f616447b 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -2,6 +2,7 @@ "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json", "release-type": "simple", "pull-request-title-pattern": "release: v${version}", + "draft": true, "packages": { ".": { "package-name": "",