Setting up release workflows for keycloak-client project. (#31)

* Setting up release workflows for keycloak-client project.
Closes #23

Signed-off-by: Peter Skopek <pskopek@redhat.com>

.github/env/release-env

@@ -0,0 +1,2 @@
+mvn-releases-url=https://s01.oss.sonatype.org/service/local/repositories/releases/content/
+mvn-snapshots-url=https://s01.oss.sonatype.org/content/repositories/snapshots/

.github/mvn-rel-settings.xml

@@ -0,0 +1,38 @@
+
+<?xml version="1.0" encoding="UTF-8"?>
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
+    <activeProfiles>
+        <activeProfile>keycloak-rel</activeProfile>
+    </activeProfiles>
+    <profiles>
+        <profile>
+            <id>keycloak-rel</id>
+            <repositories>
+                <repository>
+                    <id>${env.MAVEN_ID}</id>
+                    <url>${env.MAVEN_URL}</url>
+                    <snapshots>
+                        <enabled>true</enabled>
+                    </snapshots>
+                    <releases>
+                        <enabled>true</enabled>
+                    </releases>
+                </repository>
+            </repositories>
+        </profile>
+    </profiles>
+    <servers>
+        <server>
+            <id>${env.MAVEN_ID}</id>
+            <username>${env.MAVEN_USERNAME}</username>
+            <password>${env.MAVEN_PASSWORD}</password>
+        </server>
+        <server>
+            <id>gpg.passphrase</id>
+            <passphrase>${env.MAVEN_GPG_PASSPHRASE}</passphrase>
+        </server>
+    </servers>
+
+</settings>

.github/workflows/release-nightly.yml

@@ -0,0 +1,32 @@
+name: Keycloak Client Nightly Release
+
+on:
+  schedule:
+    - cron: '0 2 * * *'
+  workflow_dispatch:
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: 17
+          server-id: ossrh
+          server-username: MAVEN_USERNAME
+          server-password: MAVEN_PASSWORD
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE
+
+      - name: Deploy to Maven
+        env:
+          MAVEN_USERNAME: ${{ secrets.MVN_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.MVN_TOKEN }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+        run: |
+          mvn -nsu -B -Pgpg,jboss-release -DskipTests -DretryFailedDeploymentCount=10 -DautoReleaseAfterClose=true deploy

.github/workflows/release.yml

@@ -1,32 +1,66 @@
-name: Keycloak Client Nightly Release
+name: Release
 
 on:
-  schedule:
-    - cron: '0 2 * * *'
   workflow_dispatch:
+    inputs:
+      branch:
+        description: Release branch (needed for major and minor releases)
+        required: true
+      version:
+        description: Release version
+        required: true
+      deploy-skip:
+        description: Set to true to prevent maven deploy plugin to actually deploy the artifacts.
+        required: true
+        default: false
+
+concurrency: rel-${{ github.ref }}
+
+defaults:
+  run:
+    shell: bash
 
 jobs:
-  release:
+
+  show-inputs:
     runs-on: ubuntu-latest
     steps:
-      - name: Check out repository
+      - run: |
+          echo "Version: ${{ inputs.version }}  " >> $GITHUB_STEP_SUMMARY
+          echo "Release branch: ${{ inputs.branch }}  " >> $GITHUB_STEP_SUMMARY
+          echo "Workflow branch: ${{ github.ref_name }}  " >> $GITHUB_STEP_SUMMARY
+          echo "Deploy skip: ${{ inputs.deploy-skip }}  " >> $GITHUB_STEP_SUMMARY
+      - name: Checkout repository
         uses: actions/checkout@v4
-
-      - name: Setup Java
-        uses: actions/setup-java@v4
         with:
-          distribution: temurin
-          java-version: 17
-          server-id: ossrh
-          server-username: MAVEN_USERNAME
-          server-password: MAVEN_PASSWORD
-          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
-          gpg-passphrase: MAVEN_GPG_PASSPHRASE
-
-      - name: Deploy to Maven
-        env:
-          MAVEN_USERNAME: ${{ secrets.MVN_USERNAME }}
-          MAVEN_PASSWORD: ${{ secrets.MVN_TOKEN }}
-          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
-        run: |
-          mvn -nsu -B -Pgpg,jboss-release -DskipTests -DretryFailedDeploymentCount=10 -DautoReleaseAfterClose=true deploy
+          ref: ${{ inputs.branch }}
+
+  env:
+    uses: ./.github/workflows/x-env.yml
+
+  create-tags:
+    name: Create tags
+    needs: [env]
+    uses: ./.github/workflows/x-create-tags.yml
+    with:
+      tag: ${{ github.event.inputs.version }}
+      branch: ${{ github.event.inputs.branch }}
+      set-versions: true
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  keycloak-client:
+    name: Keycloak Client
+    needs: [env, create-tags]
+    uses: ./.github/workflows/x-keycloak-client.yml
+    with:
+      mvn-url: ${{ needs.env.outputs.mvn-releases-url }}
+      tag: ${{ github.event.inputs.version }}
+      deploy-skip: ${{ needs.env.outputs.deploy-skip }}
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      MVN_USERNAME: ${{ secrets.MVN_USERNAME }}
+      MVN_TOKEN: ${{ secrets.MVN_TOKEN }}
+      GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+      GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+

.github/workflows/x-create-tags.yml

@@ -0,0 +1,51 @@
+
+name: X Create tags
+
+on:
+  workflow_call:
+    inputs:
+      tag:
+        required: true
+        type: string
+      branch:
+        required: false
+        type: string
+        default: main
+      set-versions:
+        required: false
+        type: boolean
+        default: false
+    secrets:
+      GH_TOKEN:
+        required: true
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  create-tags:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Create version commit
+        if: inputs.set-versions
+        run: |
+          ./set-version.sh ${{ inputs.tag }}
+          git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --global user.name "github-actions[bot]"
+          git commit -a -m "Set version to ${{ inputs.tag }}"
+
+      - name: Tag commit
+        run: git tag --force ${{ inputs.tag }}
+
+      - name: Push changes
+        run: git push --force origin refs/tags/${{ inputs.tag }}
+
+  show-tags:
+    name: Show Git tags
+    runs-on: ubuntu-latest
+    needs: [create-tags]
+    steps:
+      - run: |
+          echo "https://github.com/keycloak/keycloak-client/tree/${{ inputs.tag }}  " >> $GITHUB_STEP_SUMMARY

.github/workflows/x-env.yml

@@ -0,0 +1,29 @@
+name: X Environment setup
+
+on:
+  workflow_call:
+    outputs:
+      mvn-releases-url:
+        description: "Maven Releases URL"
+        value: ${{ jobs.env.outputs.mvn-releases-url }}
+      mvn-snapshots-url:
+        description: "Maven Snapshots URL"
+        value: ${{ jobs.env.outputs.mvn-snapshots-url }}
+      deploy-skip:
+        value: ${{ jobs.env.outputs.depoly-skip }}
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  env:
+    runs-on: ubuntu-latest
+    outputs:
+      mvn-releases-url: ${{ env.mvn-releases-url }}
+      mvn-snapshots-url: ${{ env.mvn-snapshots-url }}
+      deploy-skip: ${{ env.deploy-skip }}
+    steps:
+      - id: load-env
+        run: |
+          cat .github/env/release-env | sed -r '/^\s*$/d' >> $GITHUB_ENV

.github/workflows/x-keycloak-client.yml

@@ -0,0 +1,78 @@
+name: X Keycloak Client
+
+on:
+  workflow_call:
+    inputs:
+      mvn-url:
+        description: "Maven repository URL"
+        required: true
+        type: string
+      tag:
+        description: "Final tag for the release"
+        required: true
+        type: string
+      deploy-skip:
+        description: "To skip deploy to the maven repository set to 'true'"
+        required: false
+        type: string
+        default: false
+      path-final:
+        description: "Patch where the final tag will be checked out"
+        required: false
+        type: string
+        default: keycloak-client-final
+    secrets:
+      GH_TOKEN:
+        required: true
+      MVN_USERNAME:
+        required: true
+      MVN_TOKEN:
+        required: true
+      GPG_PASSPHRASE:
+        required: true
+      GPG_PRIVATE_KEY:
+        required: true
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Setup Java
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: 17
+          server-id: kc-rel-repository
+          server-username: MAVEN_USERNAME
+          server-username: MAVEN_USERNAME
+          server-password: MAVEN_PASSWORD
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE
+
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+        with:
+          path: ${{ inputs.path-final }}
+          ref: ${{ inputs.tag }}
+
+      - name: Deploy to Maven
+        env:
+          MAVEN_ID: kc-rel-repository
+          MAVEN_URL: ${{ inputs.mvn-url }}
+          MAVEN_USERNAME: ${{ secrets.MVN_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.MVN_TOKEN }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+        run: |
+          MVN_HTTP_CONFIG="-Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=120"
+          cd ${{ inputs.path-final }}
+          mvn -s ./.github/mvn-rel-settings.xml -nsu -B -Pgpg,jboss-release,all -Djboss.releases.repo.id=$MAVEN_ID -Dmaven.deploy.skip=${{ inputs.deploy-skip }} -Djboss.releases.repo.url=${{ inputs.mvn-url }} -Djboss.snapshots.repo.id=$MAVEN_ID -Djboss.snapshots.repo.url=${{ inputs.mvn-url }} -DskipTests -DskipTestsuite -DretryFailedDeploymentCount=10 -DautoReleaseAfterClose=true $MVN_HTTP_CONFIG clean deploy | tee deploy.log
+
+      - name: Show Maven artifacts
+        run: |
+          cd ${{ inputs.path-final }}
+          cat deploy.log | grep "Uploaded to" | grep -o "https://[^ ]*" | grep -v '.xml$' | grep -v '.asc$' | grep -v '.pom$' | grep -v 'javadoc.jar$' | grep -v 'sources.jar$' | xargs -I {} echo "{}  " >> $GITHUB_STEP_SUMMARY

set-version.sh

@@ -0,0 +1,8 @@
+#!/bin/bash -e
+
+NEW_VERSION=$1
+
+# Maven
+mvn versions:set -DnewVersion=$NEW_VERSION -DgenerateBackupPoms=false -DgroupId=org.keycloak* -DartifactId=*
+
+echo "New Mvn Version: $NEW_VERSION" >&2

testsuite/admin-client-tests/pom.xml

@@ -21,4 +21,16 @@
         </dependency>
     </dependencies>
 
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-deploy-plugin</artifactId>
+                <configuration>
+                    <skip>true</skip> <!-- prevent to deploy the artifact anytime -->
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
 </project>

testsuite/authz-tests/pom.xml

@@ -27,4 +27,16 @@
         </dependency>
     </dependencies>
 
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-deploy-plugin</artifactId>
+                <configuration>
+                    <skip>true</skip> <!-- prevent to deploy the artifact anytime -->
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
 </project>

testsuite/framework/pom.xml

@@ -42,4 +42,16 @@
         </dependency>
     </dependencies>
 
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-deploy-plugin</artifactId>
+                <configuration>
+                    <skip>true</skip> <!-- prevent to deploy the artifact anytime -->
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
 </project>