Bump org.springframework:spring-framework-bom from 7.0.0-M8 to 7.0.0-M9 #2912
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| - '1.2.x' | |
| paths-ignore: | |
| - '.github/**' | |
| schedule: | |
| - cron: '0 11 * * *' # Once per day at 11am UTC | |
| workflow_dispatch: | |
| inputs: | |
| run-trivy-scan: | |
| description: 'Run Trivy scan ?' | |
| default: true | |
| required: false | |
| type: boolean | |
| env: | |
| GCHAT_WEBHOOK_URL: ${{ secrets.SPRING_RELEASE_GCHAT_WEBHOOK_URL }} | |
| DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} | |
| COMMIT_OWNER: ${{ github.event.pusher.name }} | |
| COMMIT_SHA: ${{ github.sha }} | |
| ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
| ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
| GH_TOKEN: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} | |
| jobs: | |
| prerequisites: | |
| name: Pre-requisites for building | |
| runs-on: ubuntu-latest | |
| if: github.repository == 'spring-projects/spring-pulsar' | |
| outputs: | |
| runjobs: ${{ steps.continue.outputs.runjobs }} | |
| project_version: ${{ steps.continue.outputs.project_version }} | |
| boot_version: ${{ steps.continue.outputs.boot_version }} | |
| should_deploy_artifacts: ${{ steps.should-deploy-artifacts.outputs.result }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - id: continue | |
| name: Determine if should continue | |
| run: | | |
| # Run jobs if in upstream repository | |
| echo "runjobs=true" >>$GITHUB_OUTPUT | |
| # Extract version from gradle.properties | |
| version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}') | |
| echo "project_version=$version" >>$GITHUB_OUTPUT | |
| bootVersion=$(cat gradle/libs.versions.toml | grep "spring-boot = \"" | cut -d '"' -f2) | |
| echo "boot_version=$bootVersion" >>$GITHUB_OUTPUT | |
| - id: should-deploy-artifacts | |
| name: Check Deploy Artifacts using Secrets | |
| if: ${{ runner.os == 'Linux' }} | |
| run: | | |
| if [[ -z "$ARTIFACTORY_PASSWORD" ]] ; then | |
| echo "result=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "result=true" >> $GITHUB_OUTPUT | |
| fi | |
| build_jdk_17: | |
| name: Build (JDK 17) | |
| needs: [prerequisites] | |
| runs-on: ubuntu-latest | |
| if: needs.prerequisites.outputs.runjobs | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: spring-io/spring-gradle-build-action@v2 | |
| - name: Build and run unit tests | |
| run: | | |
| ./gradlew clean build -x integrationTest \ | |
| --continue --scan \ | |
| -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" | |
| - name: Run integration tests | |
| run: | | |
| ./gradlew integrationTest --rerun-tasks -DdownloadRabbitConnector=true --scan | |
| - name: Capture test results | |
| if: failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: test-results | |
| path: '*/build/reports/tests/**/*.*' | |
| retention-days: 3 | |
| check_samples: | |
| name: Check Sample Apps | |
| needs: [prerequisites] | |
| strategy: | |
| matrix: | |
| springBootVersion: [ "${{ needs.prerequisites.outputs.boot_version }}" ] | |
| runs-on: ubuntu-latest | |
| if: needs.prerequisites.outputs.runjobs | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: spring-io/spring-gradle-build-action@v2 | |
| - name: Run all sample app tests | |
| env: | |
| LOCAL_REPOSITORY_PATH: ${{ github.workspace }}/build/publications/repos | |
| VERSION: ${{ needs.prerequisites.outputs.project_version }} | |
| BOOT_VERSION: ${{ matrix.springBootVersion }} | |
| ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }} | |
| ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| ./gradlew publishMavenJavaPublicationToLocalRepository | |
| ./gradlew \ | |
| --init-script ./spring-pulsar-sample-apps/sample-apps-check-ci.gradle \ | |
| -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" \ | |
| -PspringPulsarVersion="$VERSION" \ | |
| -PspringBootVersion="$BOOT_VERSION" \ | |
| -PsampleTests \ | |
| :runAllSampleTests | |
| scan: | |
| needs: [prerequisites] | |
| if: ${{ needs.prerequisites.outputs.runjobs && !contains(inputs.run-trivy-scan, 'false') }} | |
| uses: ./.github/workflows/trivy-scan.yml | |
| deploy_artifacts: | |
| name: Deploy Artifacts | |
| needs: [prerequisites, build_jdk_17, check_samples, scan] | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.prerequisites.outputs.should_deploy_artifacts }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: spring-io/spring-gradle-build-action@v2 | |
| - id: branch-name | |
| name: Extract Branch Name | |
| env: | |
| BRANCH: ${{ github.ref_name }} | |
| VERSION: ${{ needs.prerequisites.outputs.project_version }} | |
| run: | | |
| branch=$BRANCH | |
| if [[ "$branch" = "main" ]] ; then | |
| branch="${VERSION%.*}.x" | |
| fi | |
| echo "branch=$branch" >> $GITHUB_OUTPUT | |
| - id: deploy-location | |
| name: Default the Deploy Location | |
| env: | |
| VERSION: ${{ needs.prerequisites.outputs.project_version }} | |
| run: | | |
| if [[ "$VERSION" =~ "-SNAPSHOT" ]] ; then | |
| deploy_location=artifactory | |
| else | |
| deploy_location=central | |
| fi | |
| echo "deploy_location=$deploy_location" >> $GITHUB_OUTPUT | |
| - name: Publish Artifacts to Artifactory | |
| if: ${{ steps.deploy-location.outputs.deploy_location == 'artifactory' }} | |
| env: | |
| ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }} | |
| ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }} | |
| ARTIFACTORY_BUILD_NAME: ${{ github.event.repository.name }}-${{ steps.branch-name.outputs.branch }} | |
| ARTIFACTORY_BUILD_NUMBER: ${{ github.run_id }} | |
| ARTIFACTORY_BUILD_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| ARTIFACTORY_USER_AGENT_NAME: GitHub Actions | |
| ARTIFACTORY_USER_AGENT_VERSION: Unknown | |
| ARTIFACTORY_VCS_REVISION: ${{ github.sha }} | |
| run: | | |
| ./gradlew artifactoryPublish \ | |
| --stacktrace \ | |
| -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" | |
| - name: Stage Local Artifacts for Publishing to Central | |
| if: ${{ steps.deploy-location.outputs.deploy_location == 'central' }} | |
| env: | |
| ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }} | |
| ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| ./gradlew publishAllPublicationsToLocalRepository --stacktrace | |
| # rm checksums to work around https://github.com/spring-io/central-publish-action/issues/11 | |
| find -name "*.md5" | xargs rm -f | |
| find -name "*.sha*" | xargs rm -f | |
| - name: Publish Staged Artifacts to Central | |
| if: ${{ steps.deploy-location.outputs.deploy_location == 'central' }} | |
| uses: spring-io/central-publish-action@0cdd90d12e6876341e82860d951e1bcddc1e51b6 # v0.2.0 | |
| with: | |
| token-name: ${{ secrets.CENTRAL_TOKEN_USERNAME }} | |
| token: ${{ secrets.CENTRAL_TOKEN_PASSWORD }} | |
| dir: build/publications/repos | |
| - name: Still publish docs module to Artifactory when deploy location is Central | |
| if: ${{ steps.deploy-location.outputs.deploy_location == 'central' }} | |
| env: | |
| ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }} | |
| ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }} | |
| ARTIFACTORY_BUILD_NAME: ${{ github.event.repository.name }}-${{ steps.branch-name.outputs.branch }} | |
| ARTIFACTORY_BUILD_NUMBER: ${{ github.run_id }} | |
| ARTIFACTORY_BUILD_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| ARTIFACTORY_USER_AGENT_NAME: GitHub Actions | |
| ARTIFACTORY_USER_AGENT_VERSION: Unknown | |
| ARTIFACTORY_VCS_REVISION: ${{ github.sha }} | |
| run: | | |
| ./gradlew :spring-pulsar-docs:artifactoryPublish \ | |
| --stacktrace \ | |
| -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" | |
| deploy_docs_antora: | |
| name: Deploy Antora Docs | |
| needs: [build_jdk_17, check_samples, scan] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: spring-io/spring-gradle-build-action@v2 | |
| - name: Run Antora | |
| run: | | |
| ./gradlew antora | |
| - name: Publish Docs | |
| uses: spring-io/spring-doc-actions/[email protected] | |
| with: | |
| docs-username: ${{ secrets.DOCS_USERNAME }} | |
| docs-host: ${{ secrets.DOCS_HOST }} | |
| docs-ssh-key: ${{ secrets.DOCS_SSH_KEY }} | |
| docs-ssh-host-key: ${{ secrets.DOCS_SSH_HOST_KEY }} | |
| site-path: spring-pulsar-docs/build/site | |
| - name: Bust Clouflare Cache | |
| uses: spring-io/spring-doc-actions/[email protected] | |
| with: | |
| context-root: spring-pulsar | |
| cloudflare-zone-id: ${{ secrets.CLOUDFLARE_ZONE_ID }} | |
| cloudflare-cache-token: ${{ secrets.CLOUDFLARE_CACHE_TOKEN }} | |
| perform_release: | |
| name: Perform Release | |
| needs: [prerequisites, deploy_artifacts, deploy_docs_antora] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| timeout-minutes: 120 | |
| if: ${{ !endsWith(needs.prerequisites.outputs.project_version, '-SNAPSHOT') }} | |
| env: | |
| REPO: ${{ github.repository }} | |
| BRANCH: ${{ github.ref_name }} | |
| VERSION: ${{ needs.prerequisites.outputs.project_version }} | |
| TOKEN: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} | |
| MILESTONE_REPO: https://repo1.maven.org/maven2 | |
| RELEASE_REPO: https://repo1.maven.org/maven2 | |
| ARTIFACT_PATH: org/springframework/pulsar/spring-pulsar | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} | |
| - uses: spring-io/spring-gradle-build-action@v2 | |
| - name: Wait for Milestone Artifacts | |
| if: ${{ contains(needs.prerequisites.outputs.project_version, '-RC') || contains(needs.prerequisites.outputs.project_version, '-M') }} | |
| env: | |
| VERSION: ${{ needs.prerequisites.outputs.project_version }} | |
| run: | | |
| echo "Wait for artifacts of $REPO@$VERSION to appear on milestone repository ($MILESTONE_REPO)." | |
| until curl -f -s $MILESTONE_REPO/$ARTIFACT_PATH/$VERSION/ > /dev/null | |
| do | |
| sleep 30 | |
| echo "." | |
| done | |
| echo "Artifacts for $REPO@$VERSION have been released to milestone repository ($MILESTONE_REPO)." | |
| - name: Wait for Release Artifacts | |
| if: ${{ !contains(needs.prerequisites.outputs.project_version.version, '-RC') && !contains(needs.prerequisites.outputs.project_version, '-M') }} | |
| env: | |
| VERSION: ${{ needs.prerequisites.outputs.project_version }} | |
| run: | | |
| echo "Wait for artifacts of $REPO@$VERSION to appear on release repository ($RELEASE_REPO)." | |
| until curl -f -s $RELEASE_REPO/$ARTIFACT_PATH/$VERSION/ > /dev/null | |
| do | |
| sleep 30 | |
| echo "." | |
| done | |
| echo "Artifacts for $REPO@$VERSION have been released to release repository ($RELEASE_REPO)." | |
| - name: Setup git for release tagging | |
| run: | | |
| git config user.name 'github-actions[bot]' | |
| git config user.email 'github-actions[bot]@users.noreply.github.com' | |
| - name: Tag release | |
| run: | | |
| echo "Tagging $REPO@$VERSION release." | |
| git tag v$VERSION | |
| git push --tags origin | |
| - name: Changelog Config File | |
| run: | | |
| repositoryTeam=$(gh api repos/$GITHUB_REPOSITORY/collaborators --jq 'map(select(.role_name == "admin") | .login) | tostring') | |
| repositoryTeam=$(sed 's/"//g' <<< ${repositoryTeam:1:-1}) | |
| repositoryVisibility=$(gh repo view --json visibility --jq .[]) | |
| repositoryVisibility=$([[ $repositoryVisibility = 'PUBLIC' ]] && echo 'true' || echo 'false') | |
| echo "changelog.contributors.exclude.names=$repositoryTeam" > changelog.properties | |
| echo "changelog.issues.generate-links=$repositoryVisibility" >> changelog.properties | |
| - name: Generate Changelog | |
| uses: spring-io/[email protected] | |
| with: | |
| milestone: ${{ env.VERSION }} | |
| token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} | |
| config-file: changelog.properties | |
| - name: GitHub Release | |
| run: | | |
| RELEASE_URL=$(gh release create v${{ env.VERSION }} -F changelog.md ${{ (contains(env.VERSION, '-M') || contains(env.VERSION, '-RC')) && '--prerelease' || '' }}) | |
| echo "::notice title=Release Page::$RELEASE_URL" | |
| - name: Close Milestone | |
| run: | | |
| MILESTONE_ID=$(gh api repos/$GITHUB_REPOSITORY/milestones --jq '.[] | select(.title == "${{ env.VERSION }}") | .number') | |
| if [ $MILESTONE_ID ]; then | |
| gh api -X PATCH repos/$GITHUB_REPOSITORY/milestones/$MILESTONE_ID -f state='closed' --silent | |
| fi | |
| - name: Announce Release in Chat | |
| if: env.GCHAT_WEBHOOK_URL | |
| run: | | |
| curl -X POST '${{ env.GCHAT_WEBHOOK_URL }}' \ | |
| -H 'Content-Type: application/json' \ | |
| -d '{ text: "${{ github.event.repository.name }}-announcing `${{ env.VERSION }}`"}' | |
| - name: Update next snapshot version | |
| run: | | |
| echo "Updating $REPO@$VERSION to next snapshot version." | |
| ./gradlew :updateToSnapshotVersion | |
| git commit -am "[Release $VERSION] Next development version" | |
| git push |