From 7bc135aa1f38e5be6aae017ea92963509445c188 Mon Sep 17 00:00:00 2001 From: Lahiru Maramba Date: Fri, 15 May 2026 15:31:44 -0400 Subject: [PATCH 1/3] chore: Optimize GitHub Actions and release workflows --- .github/resources/settings.xml | 1 - .github/scripts/publish_artifacts.sh | 2 +- .github/scripts/publish_preflight_check.sh | 10 +--------- .github/workflows/ci.yml | 5 +++-- .github/workflows/nightly.yml | 5 +++-- .github/workflows/release.yml | 15 ++++++++++----- 6 files changed, 18 insertions(+), 20 deletions(-) diff --git a/.github/resources/settings.xml b/.github/resources/settings.xml index 53e482738..14a8a39f0 100644 --- a/.github/resources/settings.xml +++ b/.github/resources/settings.xml @@ -22,7 +22,6 @@ gpg ${env.GPG_KEY_ID} - ${env.GPG_PASSPHRASE} diff --git a/.github/scripts/publish_artifacts.sh b/.github/scripts/publish_artifacts.sh index 5da0f32a4..2c764e203 100755 --- a/.github/scripts/publish_artifacts.sh +++ b/.github/scripts/publish_artifacts.sh @@ -29,7 +29,7 @@ gpg --import --no-tty --batch --yes firebase.asc # 4. Publishes artifacts via Central Publisher Portal (deploy phase) mvn -B clean deploy \ -Dcheckstyle.skip \ - -DskipTests \ + -Dmaven.test.skip=true \ -Prelease \ --settings .github/resources/settings.xml diff --git a/.github/scripts/publish_preflight_check.sh b/.github/scripts/publish_preflight_check.sh index 7c23eba57..6ff0e15b4 100755 --- a/.github/scripts/publish_preflight_check.sh +++ b/.github/scripts/publish_preflight_check.sh @@ -57,7 +57,7 @@ echo_info "--------------------------------------------" echo_info "" echo_info "Loading version from: pom.xml" -readonly RELEASE_VERSION=`mvn help:evaluate -Dexpression=project.version -q -DforceStdout` || true +readonly RELEASE_VERSION=$(grep -m 1 '' pom.xml | sed -e 's/.*\(.*\)<\/version>.*/\1/' | tr -d '[:space:]') || true if [[ -z "${RELEASE_VERSION}" ]]; then echo_warn "Failed to extract release version from: pom.xml" terminate @@ -97,10 +97,6 @@ echo_info "Checking release tag" echo_info "--------------------------------------------" echo_info "" -echo_info "---< git fetch --depth=1 origin +refs/tags/*:refs/tags/* >---" -git fetch --depth=1 origin +refs/tags/*:refs/tags/* -echo "" - readonly EXISTING_TAG=`git rev-parse -q --verify "refs/tags/v${RELEASE_VERSION}"` || true if [[ -n "${EXISTING_TAG}" ]]; then echo_warn "Tag v${RELEASE_VERSION} already exists. Exiting." @@ -122,10 +118,6 @@ echo_info "Generating changelog" echo_info "--------------------------------------------" echo_info "" -echo_info "---< git fetch origin main --prune --unshallow >---" -git fetch origin main --prune --unshallow -echo "" - echo_info "Generating changelog from history..." readonly CURRENT_DIR=$(dirname "$0") readonly CHANGELOG=`${CURRENT_DIR}/generate_changelog.sh` diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4c3d6ac73..a1196d872 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,13 +24,14 @@ jobs: java-version: [8, 11, 17] steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + - uses: actions/checkout@11bd519010775d10515a451893e8a7351609121c # v4.4.0 - name: Set up JDK - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0 + uses: actions/setup-java@b36c23c03b3d6229505f96305a415a77c77f0a82 # v4.12.0 with: distribution: 'zulu' java-version: ${{ matrix.java-version }} + cache: 'maven' # Does the following: # 1. Runs the Checkstyle plugin (validate phase) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 5026f2580..1bceee573 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -29,15 +29,16 @@ jobs: steps: - name: Checkout source for staging - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@11bd519010775d10515a451893e8a7351609121c # v4.4.0 with: ref: ${{ github.event.client_payload.ref || github.ref }} - name: Set up JDK 8 - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0 + uses: actions/setup-java@b36c23c03b3d6229505f96305a415a77c77f0a82 # v4.12.0 with: distribution: 'zulu' java-version: 8 + cache: 'maven' - name: Compile, test and package run: ./.github/scripts/package_artifacts.sh diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0be2d122c..7a59ae7b9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -46,13 +46,14 @@ jobs: steps: - name: Checkout source for staging - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@11bd519010775d10515a451893e8a7351609121c # v4.4.0 - name: Set up JDK 8 - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0 + uses: actions/setup-java@b36c23c03b3d6229505f96305a415a77c77f0a82 # v4.12.0 with: distribution: 'zulu' java-version: 8 + cache: 'maven' - name: Compile, test and package run: ./.github/scripts/package_artifacts.sh @@ -86,13 +87,17 @@ jobs: steps: - name: Checkout source for publish - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 + uses: actions/checkout@11bd519010775d10515a451893e8a7351609121c # v4.4.0 + with: + fetch-depth: 0 + fetch-tags: true - name: Set up JDK 8 - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0 + uses: actions/setup-java@b36c23c03b3d6229505f96305a415a77c77f0a82 # v4.12.0 with: distribution: 'zulu' java-version: 8 + cache: 'maven' - name: Publish preflight check id: preflight @@ -112,7 +117,7 @@ jobs: - name: Publish to Maven Central run: ./.github/scripts/publish_artifacts.sh env: - GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} CENTRAL_USERNAME: ${{ secrets.CENTRAL_USERNAME }} From dc300e62ec6b0a6320f647c279608a39104f204e Mon Sep 17 00:00:00 2001 From: Lahiru Maramba Date: Fri, 15 May 2026 15:49:37 -0400 Subject: [PATCH 2/3] update actions commit hashes --- .github/workflows/ci.yml | 4 ++-- .github/workflows/nightly.yml | 4 ++-- .github/workflows/release.yml | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a1196d872..78066c1c3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,10 +24,10 @@ jobs: java-version: [8, 11, 17] steps: - - uses: actions/checkout@11bd519010775d10515a451893e8a7351609121c # v4.4.0 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up JDK - uses: actions/setup-java@b36c23c03b3d6229505f96305a415a77c77f0a82 # v4.12.0 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: 'zulu' java-version: ${{ matrix.java-version }} diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 1bceee573..d1799478b 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -29,12 +29,12 @@ jobs: steps: - name: Checkout source for staging - uses: actions/checkout@11bd519010775d10515a451893e8a7351609121c # v4.4.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: ${{ github.event.client_payload.ref || github.ref }} - name: Set up JDK 8 - uses: actions/setup-java@b36c23c03b3d6229505f96305a415a77c77f0a82 # v4.12.0 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: 'zulu' java-version: 8 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7a59ae7b9..83be625e1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -46,10 +46,10 @@ jobs: steps: - name: Checkout source for staging - uses: actions/checkout@11bd519010775d10515a451893e8a7351609121c # v4.4.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up JDK 8 - uses: actions/setup-java@b36c23c03b3d6229505f96305a415a77c77f0a82 # v4.12.0 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: 'zulu' java-version: 8 @@ -87,13 +87,13 @@ jobs: steps: - name: Checkout source for publish - uses: actions/checkout@11bd519010775d10515a451893e8a7351609121c # v4.4.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 fetch-tags: true - name: Set up JDK 8 - uses: actions/setup-java@b36c23c03b3d6229505f96305a415a77c77f0a82 # v4.12.0 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: 'zulu' java-version: 8 From 5b432f379b051828a4b9ff129a0962c3b51db254 Mon Sep 17 00:00:00 2001 From: Lahiru Maramba Date: Fri, 15 May 2026 16:12:34 -0400 Subject: [PATCH 3/3] Optimize pom.xml version extraction in preflight check using robust Python XML parsing --- .github/scripts/publish_preflight_check.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/publish_preflight_check.sh b/.github/scripts/publish_preflight_check.sh index 6ff0e15b4..5069b5679 100755 --- a/.github/scripts/publish_preflight_check.sh +++ b/.github/scripts/publish_preflight_check.sh @@ -57,7 +57,7 @@ echo_info "--------------------------------------------" echo_info "" echo_info "Loading version from: pom.xml" -readonly RELEASE_VERSION=$(grep -m 1 '' pom.xml | sed -e 's/.*\(.*\)<\/version>.*/\1/' | tr -d '[:space:]') || true +readonly RELEASE_VERSION=$(python3 -c "import xml.etree.ElementTree as ET; ns = {'m': 'http://maven.apache.org/POM/4.0.0'}; print(ET.parse('pom.xml').getroot().find('m:version', ns).text)") || true if [[ -z "${RELEASE_VERSION}" ]]; then echo_warn "Failed to extract release version from: pom.xml" terminate