chore: update mainline-1.x with new release process

.gitignore

@@ -5,4 +5,11 @@ target/
 .classpath
 /bin/
 .idea/
-*.iml
+*.iml
+
+##semantic-release
+package-lock.json
+package.json
+node_modules/
+pom.xml.versionsBackup
+

.releaserc

@@ -0,0 +1,64 @@
+## Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+## SPDX-License-Identifier: Apache-2.0
+{
+    "branches": ["master", "mainline-1.x"],
+    "plugins": [
+          ["@semantic-release/commit-analyzer", {
+            "preset": "conventionalcommits",
+            "parserOpts": {
+                "noteKeywords": ["BREAKING CHANGE", "BREAKING CHANGES"]
+            },
+            "presetConfig": {
+                "types": [
+                    {"type": "feat", "section": "Features"},
+                    {"type": "fix", "section": "Fixes"},
+                    {"type": "chore", "section": "Maintenance"},
+                    {"type": "docs", "section": "Maintenance"},
+                    {"type": "revert", "section": "Fixes"},
+                    {"type": "style", "hidden": true},
+                    {"type": "refactor", "hidden": true},
+                    {"type": "perf", "hidden": true},
+                    {"type": "test", "hidden": true}
+                ]
+            },
+            "releaseRules": [
+                {"type": "docs", "release": "patch"},
+                {"type": "revert", "release": "patch"},
+                {"type": "chore", "release": "patch"}
+            ]
+          }],
+          ["@semantic-release/release-notes-generator", {
+            "preset": "conventionalcommits",
+            "parserOpts": {
+                "noteKeywords": ["BREAKING CHANGE", "BREAKING CHANGES"]
+            },
+            "presetConfig": {
+                "types": [
+                    {"type": "feat", "section": "Features"},
+                    {"type": "fix", "section": "Fixes"},
+                    {"type": "chore", "section": "Maintenance"},
+                    {"type": "docs", "section": "Maintenance"},
+                    {"type": "revert", "section": "Fixes"},
+                    {"type": "style", "hidden": true},
+                    {"type": "refactor", "hidden": true},
+                    {"type": "perf", "hidden": true},
+                    {"type": "test", "hidden": true}
+                ]
+            }
+          }],
+          ["@semantic-release/changelog", {
+            "changelogFile": "./CHANGELOG.md",
+            "changelogTitle": "# Changelog"
+          }],
+          ["@semantic-release/exec", {
+            "prepareCmd": "mvn versions:set -DnewVersion=${nextRelease.version} \
+                    -DautoVersionSubmodules=true && find README.md -type f \
+                    -exec sed -i '' 's/<version>.*<\\/version>/<version>${nextRelease.version}<\\/version>/g' {} \\;"
+          }],
+          ["@semantic-release/git", {
+            "assets": ["./CHANGELOG.md", "./pom.xml", "./README.md"],
+            "message": "AWS Encryption SDK ${nextRelease.version} Release \n\n${nextRelease.notes}"
+          }],
+    ],
+    "repositoryUrl": "https://github.com/aws/aws-encryption-sdk-java",
+}

codebuild/release/release-prod.yml

@@ -1,3 +1,6 @@
+## Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+## SPDX-License-Identifier: Apache-2.0
+
 version: 0.2
 
 env:
@@ -13,15 +16,9 @@ phases:
       java: openjdk11
   pre_build:
     commands:
-      - git checkout $COMMIT_ID
-      - FOUND_VERSION=$(grep version pom.xml | head -n 1 | sed -n 's/[ \t]*<version>\(.*\)<\/version>/\1/p')
-      - |
-        if expr ${FOUND_VERSION} != ${VERSION}; then
-          echo "pom.xml version (${FOUND_VERSION}) does not match expected version (${VERSION}), stopping"
-          exit 1;
-        fi
+      - export VERSION=$(grep version pom.xml | head -n 1 | sed -n 's/[ \t]*<version>\(.*\)<\/version>/\1/p')
       - export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml
-      - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz
+      - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys --query SecretBinary --output text | base64 -d > ~/mvn_pg.tgz
       - tar -xvf ~/mvn_gpg.tgz -C ~
   build:
     commands:
@@ -36,46 +33,6 @@ phases:
           -Dgpg.passphrase="$GPG_PASS" \
           -Dsonatype.username="$SONA_USERNAME" \
           -Dsonatype.password="$SONA_PASSWORD" \
+          --no-transfer-progress \
           -s $SETTINGS_FILE
-
-
-batch:
-  fast-fail: false
-  build-graph:
-    - identifier: release_to_prod
-    - identifier: validate_prod_release_openjdk8
-      depend-on:
-        - release_to_prod
-      buildspec: codebuild/release/validate-prod.yml
-      env:
-        variables:
-          JAVA_ENV_VERSION: openjdk8
-          JAVA_NUMERIC_VERSION: 8
-        image: aws/codebuild/standard:3.0
-    - identifier: validate_prod_release_openjdk11
-      depend-on:
-        - release_to_prod
-      buildspec: codebuild/release/validate-prod.yml
-      env:
-        variables:
-          JAVA_ENV_VERSION: openjdk11
-          JAVA_NUMERIC_VERSION: 11
-        image: aws/codebuild/standard:3.0
-    - identifier: validate_prod_release_corretto8
-      depend-on:
-        - release_to_prod
-      buildspec: codebuild/release/validate-prod.yml
-      env:
-        variables:
-          JAVA_ENV_VERSION: corretto8
-          JAVA_NUMERIC_VERSION: 8
-        image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
-    - identifier: validate_prod_release_corretto11
-      depend-on:
-        - release_to_prod
-      buildspec: codebuild/release/validate-prod.yml
-      env:
-        variables:
-          JAVA_ENV_VERSION: corretto11
-          JAVA_NUMERIC_VERSION: 11
-        image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
+      - ./look_4_version.sh $VERSION

codebuild/release/release-staging.yml

@@ -1,3 +1,6 @@
+## Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+## SPDX-License-Identifier: Apache-2.0
+
 version: 0.2
 
 env:
@@ -14,23 +17,21 @@ env:
 phases:
   install:
     runtime-versions:
-      java: openjdk11
+      java: corretto11
   pre_build:
     commands:
-      - git checkout $COMMIT_ID
-      - FOUND_VERSION=$(grep version pom.xml | head -n 1 | sed -n 's/[ \t]*<version>\(.*\)<\/version>/\1/p')
-      - |
-        if expr ${FOUND_VERSION} != ${VERSION}; then
-          echo "pom.xml version (${FOUND_VERSION}) does not match expected version (${VERSION}), stopping"
-          exit 1;
-        fi
       - export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml
       - export CODEARTIFACT_TOKEN=$(aws codeartifact get-authorization-token --domain $DOMAIN --domain-owner $ACCOUNT --query authorizationToken --output text --region ${REGION})
       - export CODEARTIFACT_REPO_URL=https://${DOMAIN}-${ACCOUNT}.d.codeartifact.${REGION}.amazonaws.com/maven/${REPOSITORY}
       - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz
       - tar -xvf ~/mvn_gpg.tgz -C ~
   build:
     commands:
+      - VERSION_HASH="$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)-$CODEBUILD_RESOLVED_SOURCE_VERSION"
+#      See https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-env-vars.html
+      - echo "Setting version in POM to $VERSION_HASH"
+      - mvn versions:set -DnewVersion="$VERSION_HASH" --no-transfer-progress
+      - echo "Version is now $(grep version pom.xml | head -n 1 | sed -n 's/[ \t]*<version>\(.*\)<\/version>/\1/p')"
       - |
         mvn deploy \
           -PpublishingCodeArtifact \
@@ -42,45 +43,5 @@ phases:
           -Dgpg.passphrase="$GPG_PASS" \
           -Dcodeartifact.token=$CODEARTIFACT_TOKEN \
           -DaltDeploymentRepository=codeartifact::default::$CODEARTIFACT_REPO_URL \
+          --no-transfer-progress \
           -s $SETTINGS_FILE
-
-batch:
-  fast-fail: false
-  build-graph:
-    - identifier: release_to_staging
-    - identifier: validate_staging_release_openjdk8
-      depend-on:
-        - release_to_staging
-      buildspec: codebuild/release/validate-staging.yml
-      env:
-        variables:
-          JAVA_ENV_VERSION: openjdk8
-          JAVA_NUMERIC_VERSION: 8
-        image: aws/codebuild/standard:3.0
-    - identifier: validate_staging_release_openjdk11
-      depend-on:
-        - release_to_staging
-      buildspec: codebuild/release/validate-staging.yml
-      env:
-        variables:
-          JAVA_ENV_VERSION: openjdk11
-          JAVA_NUMERIC_VERSION: 11
-        image: aws/codebuild/standard:3.0
-    - identifier: validate_staging_release_corretto8
-      depend-on:
-        - release_to_staging
-      buildspec: codebuild/release/validate-staging.yml
-      env:
-        variables:
-          JAVA_ENV_VERSION: corretto8
-          JAVA_NUMERIC_VERSION: 8
-        image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
-    - identifier: validate_staging_release_corretto11
-      depend-on:
-        - release_to_staging
-      buildspec: codebuild/release/validate-staging.yml
-      env:
-        variables:
-          JAVA_ENV_VERSION: corretto11
-          JAVA_NUMERIC_VERSION: 11
-        image: aws/codebuild/amazonlinux2-x86_64-standard:3.0

codebuild/release/release.yml

@@ -0,0 +1,125 @@
+## Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+## SPDX-License-Identifier: Apache-2.0
+
+version: 0.2
+
+batch:
+  fast-fail: true
+  build-graph:
+
+# Release to CodeArtifact
+  - identifier: release_staging
+    buildspec: codebuild/release/release-staging.yml
+
+# Validate CodeArtifact with supported JDK and Corretto
+  - identifier: validate_staging_release_openjdk8
+    depend-on:
+      - release_staging
+    buildspec: codebuild/release/validate-staging.yml
+    env:
+      variables:
+        JAVA_ENV_VERSION: openjdk8
+        JAVA_NUMERIC_VERSION: 8
+      image: aws/codebuild/standard:3.0
+
+  - identifier: validate_staging_release_openjdk11
+    depend-on:
+      - release_staging
+    buildspec: codebuild/release/validate-staging.yml
+    env:
+      variables:
+        JAVA_ENV_VERSION: openjdk11
+        JAVA_NUMERIC_VERSION: 11
+      image: aws/codebuild/standard:3.0
+
+  - identifier: validate_staging_release_corretto8
+    depend-on:
+      - release_staging
+    buildspec: codebuild/release/validate-staging.yml
+    env:
+      variables:
+        JAVA_ENV_VERSION: corretto8
+        JAVA_NUMERIC_VERSION: 8
+      image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
+
+  - identifier: validate_staging_release_corretto11
+    depend-on:
+      - release_staging
+    buildspec: codebuild/release/validate-staging.yml
+    env:
+      variables:
+        JAVA_ENV_VERSION: corretto11
+        JAVA_NUMERIC_VERSION: 11
+      image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
+
+# Version Project
+  - identifier: version
+    depend-on:
+      - release_staging
+      - validate_staging_release_openjdk8
+      - validate_staging_release_openjdk11
+      - validate_staging_release_corretto8
+      - validate_staging_release_corretto11
+    buildspec: codebuild/release/version.yml
+    env:
+      image: aws/codebuild/standard:5.0
+
+# Publish to Maven Central
+  - identifier: publish
+    depend-on:
+      - version
+    buildspec: codebuild/release/release-prod.yml
+
+# Validate Maven Central with supported JDK and Corretto
+  - identifier: validate_prod_release_openjdk8
+    depend-on:
+      - publish
+    buildspec: codebuild/release/validate-prod.yml
+    env:
+      variables:
+        JAVA_ENV_VERSION: openjdk8
+        JAVA_NUMERIC_VERSION: 8
+      image: aws/codebuild/standard:3.0
+
+  - identifier: validate_prod_release_openjdk11
+    depend-on:
+      - publish
+    buildspec: codebuild/release/validate-prod.yml
+    env:
+      variables:
+        JAVA_ENV_VERSION: openjdk11
+        JAVA_NUMERIC_VERSION: 11
+      image: aws/codebuild/standard:3.0
+
+  - identifier: validate_prod_release_corretto8
+    depend-on:
+      - publish
+    buildspec: codebuild/release/validate-prod.yml
+    env:
+      variables:
+        JAVA_ENV_VERSION: corretto8
+        JAVA_NUMERIC_VERSION: 8
+      image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
+
+  - identifier: validate_prod_release_corretto11
+    depend-on:
+      - publish
+    buildspec: codebuild/release/validate-prod.yml
+    env:
+      variables:
+        JAVA_ENV_VERSION: corretto11
+        JAVA_NUMERIC_VERSION: 11
+      image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
+
+# Upload Artifacts
+  - identifier: upload_artifacts
+    depend-on:
+      - validate_prod_release_openjdk8
+      - validate_prod_release_openjdk11
+      - validate_prod_release_corretto8
+      - validate_prod_release_corretto11
+    buildspec: codebuild/release/upload_artifacts.yml
+    env:
+      # Changing to standard:5.0 because we are able to install gh cli on ubuntu but
+      # not on AmazonLinux
+      image: aws/codebuild/standard:5.0