-
Notifications
You must be signed in to change notification settings - Fork 122
/
Copy pathrelease-prod.yml
58 lines (55 loc) · 2.2 KB
/
release-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
## Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
## SPDX-License-Identifier: Apache-2.0
version: 0.2
env:
variables:
BRANCH: "master"
secrets-manager:
GPG_KEY: Maven-GPG-Keys-Release-Credentials:Keyname
GPG_PASS: Maven-GPG-Keys-Release-Credentials:Passphrase
SONA_USERNAME: Sonatype-Team-Account:Username
SONA_PASSWORD: Sonatype-Team-Account:Password
phases:
install:
runtime-versions:
java: corretto11
commands:
- git submodule update --init submodules/MaterialProviders
# Get Dafny
- curl https://github.com/dafny-lang/dafny/releases/download/v4.2.0/dafny-4.2.0-x64-ubuntu-20.04.zip -L -o dafny.zip
- unzip -qq dafny.zip && rm dafny.zip
- export PATH="$PWD/dafny:$PATH"
# Get Gradle 7.6
- curl https://services.gradle.org/distributions/gradle-7.6-all.zip -L -o gradle.zip
- unzip -qq gradle.zip && rm gradle.zip
- export PATH="$PWD/gradle-7.6/bin:$PATH"
pre_build:
commands:
- git checkout $BRANCH
- export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml
- aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys-Release --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz
- tar -xvf ~/mvn_gpg.tgz -C ~
# Build and deploy TestVectorsAwsCryptographicMaterialProviders to maven local
- cd submodules/MaterialProviders
- git checkout $BRANCH
- cd TestVectorsAwsCryptographicMaterialProviders/
# This works because `node` is installed by default on GHA runners
- CORES=$(node -e 'console.log(os.cpus().length)')
- make build_java CORES=$CORES
- ./runtimes/java/gradlew -p runtimes/java publishMavenLocalPublicationToMavenLocal
- cd $CODEBUILD_SRC_DIR
build:
commands:
- |
mvn deploy \
-Ppublishing \
-Pfast-tests-only \
-DperformRelease \
-Dgpg.homedir="$HOME/mvn_gpg" \
-DautoReleaseAfterClose=true \
-Dgpg.keyname="$GPG_KEY" \
-Dgpg.passphrase="$GPG_PASS" \
-Dsonatype.username="$SONA_USERNAME" \
-Dsonatype.password="$SONA_PASSWORD" \
--no-transfer-progress \
-s $SETTINGS_FILE