Skip to content

Setup release from GitHub#810

Merged
jodastephen merged 1 commit intomainfrom
update-build
Mar 29, 2025
Merged

Setup release from GitHub#810
jodastephen merged 1 commit intomainfrom
update-build

Conversation

@jodastephen
Copy link
Copy Markdown
Member

@jodastephen jodastephen commented Mar 28, 2025
edited by coderabbitai Bot
Loading

  • Release from GitHub Actions

Summary by CodeRabbit

  • New Features

    • Introduced an automated release process triggered by version tags and manual initiation, streamlining deployments.

  • Documentation

    • Enhanced release guidelines with added instructions for local releases.

  • Chores

    • Updated various authentication methods to improve security.
    • Refined project metadata and updated key build dependencies.
    • Expanded ignore rules for system-specific files.

@jodastephen
Setup release from GitHub
56bf2a3 
* Release from GitHub Actions
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Mar 28, 2025
edited
Loading

📝 Walkthrough

Walkthrough

This pull request updates several configuration and workflow files. The Maven settings now use environment variables for server authentication, and the GitHub server entry has been modified to use a private key. Multiple GitHub Actions workflows have been updated by replacing authentication tokens and removing some tag-triggered steps. A new release workflow has been added to automate the release process. Additionally, the project’s metadata in the POM has been expanded with new elements and plugin updates, and the .gitignore has been modified to ignore all .DS_Store files. Instructions in the README have been enhanced with release process details.

Changes

File(s) Change summary
.github/maven-settings.xml Added a new <server> entry for sonatype-joda-staging using environment variables; modified the github server by removing <username> and adding <privateKey>.
.github/workflows/build.yml Removed the tag trigger for pushes (v*), updated the checkout token to ${{ secrets.PERSONAL_GITHUB_TOKEN }}, and removed the website update step conditional on tag events.
.github/workflows/release.yml Introduced a new release workflow triggered on release tags (and via manual dispatch) that includes checkout, Git setup, JDK installation, Maven release execution, website tagging, and a cleanup step to delete release tags.
.github/workflows/{tzdbupdate.yml, website.yml} Updated the token used in authentication steps from ${{ secrets.PERSONAL_TOKEN_GH }} to ${{ secrets.PERSONAL_GITHUB_TOKEN }} in checkout and pull request creation steps.
.gitignore Updated the .DS_Store ignore rule from /.DS_Store to *.DS_Store to ignore such files in all repository directories.
README.md Added instructions detailing the release process including pushing a release tag, clarifications on build and release steps, and a new “Release from local” section with additional deployment instructions.
pom.xml Added project metadata elements (<inceptionYear>, <licenses>, <organization>, <scm>); introduced a new Maven release plugin and dependency on the GitHub API; updated versions of several Maven plugins; modified staging and signing configurations.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant GitHubActions as GitHub Actions
    participant Checkout
    participant GitSetup as Setup Git
    participant JDKSetup as Setup JDK & Maven
    participant MavenRelease as Maven Release
    participant WebsiteTag as Website Tagging
    participant Cleanup

    User->>GitHubActions: Push release tag (matching "release*")
    GitHubActions->>Checkout: Checkout repository code
    GitHubActions->>GitSetup: Configure Git settings
    GitHubActions->>JDKSetup: Install JDK and set up Maven
    GitHubActions->>MavenRelease: Execute Maven clean and deploy commands using secrets
    GitHubActions->>WebsiteTag: Tag release and push website tag
    GitHubActions->>Cleanup: Delete local and remote release tag
Loading

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai plan to trigger planning for file edits and PR creation.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai Bot reviewed Mar 28, 2025
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
.github/workflows/release.yml (1)

19-25: Checkout Action Versioning

The checkout step references a specific commit SHA for actions/checkout. For better clarity and maintainability, consider switching to an official version tag (e.g. v4) unless the SHA is explicitly required.

- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  #v4.2.2
+ uses: actions/checkout@v4
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9a5d753 and 56bf2a3.

📒 Files selected for processing (8)
  • .github/maven-settings.xml (1 hunks)
  • .github/workflows/build.yml (1 hunks)
  • .github/workflows/release.yml (1 hunks)
  • .github/workflows/tzdbupdate.yml (2 hunks)
  • .github/workflows/website.yml (2 hunks)
  • .gitignore (1 hunks)
  • README.md (1 hunks)
  • pom.xml (10 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (2)
  • GitHub Check: Fuzzing
  • GitHub Check: build
🔇 Additional comments (18)
.gitignore (1)

20-20: DS_Store Ignore Pattern Update
The ignore rule for DS_Store files has been updated from /.DS_Store to *.DS_Store. This change ensures that all DS_Store files are excluded irrespective of their location within the project, thereby maintaining a cleaner repository structure.

.github/workflows/website.yml (2)

22-22: Token Update in Checkout Step
The token in the Checkout step is now set to ${{ secrets.PERSONAL_GITHUB_TOKEN }}, which standardises authentication and improves security consistency across workflows.

50-50: Token Update in Checkout Website Step
The Checkout website step has also been updated to use ${{ secrets.PERSONAL_GITHUB_TOKEN }}. This adjustment aligns the authentication method with the rest of the workflow and reinforces secure practices.

.github/workflows/build.yml (1)

27-29: Authentication Token Standardisation
The Checkout step now utilises ${{ secrets.PERSONAL_GITHUB_TOKEN }} in place of the previous token. This change ensures consistency across workflows and enhances overall security.

README.md (1)

124-134: Enhanced Release Process Instructions
The README has been updated with detailed release instructions, including the command to push release tags and a new "Release from local" section. This provides clearer guidance for both automated and local release processes. Please ensure that these instructions are kept in line with the current tooling and deployment workflows.

.github/workflows/tzdbupdate.yml (2)

24-25: Token Update in TZDB Checkout
In the Checkout step, the token has been updated to ${{ secrets.PERSONAL_GITHUB_TOKEN }}, ensuring a consistent authentication approach with the other workflow files.

96-98: Token Update in Create Pull Request Step
The Create Pull Request step now uses ${{ secrets.PERSONAL_GITHUB_TOKEN }} to match the updated security practices. This change helps maintain a uniform authentication method across all parts of the workflow.

.github/maven-settings.xml (2)

6-10: Use Environment Variables for Sonatype Staging Credentials

The new server entry correctly utilises environment variables for safeguarding the OSSRH credentials. Please ensure that the CI/CD environment is configured with OSSRH_USERNAME and OSSRH_TOKEN as expected.

11-14: Update GitHub Server Authentication

Replacing the <username> element with <privateKey> to obtain the GitHub token from an environment variable enhances security. Confirm that your deployment infrastructure supports authentication via private key in this context.

.github/workflows/release.yml (3)

1-8: Configure Workflow Triggers for Release Automation

The workflow is appropriately set to trigger on tag pushes matching release* as well as via manual workflow_dispatch. This dual trigger mechanism offers both automated and manual control of the release process.

47-56: Maven Release Step Configuration

The Maven release step sets up essential environment variables (for OSSRH and GPG signing) and executes the command with the -Doss.repo flag. Verify that this flag activates the appropriate Maven profile for releasing artifacts.

62-66: Robust Tag Cleanup in Release Workflow

The final step that conditionally deletes the release tag from both the local and remote repositories ensures that the repository remains clean after release operations. This defensive measure is well implemented.

pom.xml (6)

16-27: Enhance Project Metadata

Adding <inceptionYear>, <licenses>, and <organization> elements significantly enriches the project’s metadata. These enhancements improve transparency and conform to Maven best practices in documenting project information.

32-37: Add SCM Configuration

The introduction of the <scm> section with detailed repository connection information aids users and contributors in locating the source code and understanding how the project is version-controlled.

612-629: Configure Maven Release Plugin for GitHub Releases

The new release plugin configuration is well-integrated. It leverages options such as -Doss.repo, autoVersionSubmodules, and a custom tagNameFormat to align tagging with the project’s version. Additionally, adding the dependency on github-api ensures smooth interaction with GitHub.

941-945: Disable Auto-Release in Nexus Staging

Setting <autoReleaseAfterClose>false</autoReleaseAfterClose> provides better control over the release process by requiring a manual sign-off before finalising the repository. This cautious approach is beneficial in production-grade deployments.

981-995: Consistent GPG Signing Configuration

The maven-gpg-plugin configurations for artifact signing (both for normal and distribution artifacts) consistently use signer set to "bc". Confirm that "bc" is the desired signing mechanism across your release pipeline.

1077-1104: Update Maven Plugin Versions

Updating several plugin versions (e.g. maven-clean-plugin, maven-deploy-plugin, maven-dependency-plugin, etc.) ensures compatibility with newer build requirements and improved security. This consistency in version management supports a more robust build process.

@jodastephen jodastephen merged commit 74d44e2 into main Mar 29, 2025
6 checks passed
@jodastephen jodastephen deleted the update-build branch March 29, 2025 11:47
@bf2robot bf2robot mentioned this pull request Mar 7, 2025
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

No one assigned

Labels

Task

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jodastephen