diff --git a/.asf-release/.gitkeep b/.asf-release/.gitkeep new file mode 100644 index 00000000..a926db80 --- /dev/null +++ b/.asf-release/.gitkeep @@ -0,0 +1,22 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# --- +# This directory is used as apart of the release process. +# Package tarballs will be generated in stored temporarily +# within this directory and should not be commited to repo. +# --- diff --git a/.github/workflows/draft-release.yml b/.github/workflows/draft-release.yml new file mode 100644 index 00000000..b277477d --- /dev/null +++ b/.github/workflows/draft-release.yml @@ -0,0 +1,106 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +name: Draft Release + +on: + push: + tags: + - 'draft/**' + +permissions: + contents: read + id-token: write + +jobs: + upload-to-atr: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v6 + - uses: actions/setup-node@v6 + with: + node-version: 24 + + - name: Setup environment variables + run: | + REPO_NAME="${GITHUB_REPOSITORY#*/}" + TAG_NAME="${GITHUB_REF#refs/tags/}" + TARGET_RELEASE_VERSION="${TAG_NAME#draft/}" + + echo "REPO_NAME=$REPO_NAME" >> $GITHUB_ENV + echo "TAG_NAME=$TAG_NAME" >> $GITHUB_ENV + echo "TARGET_RELEASE_VERSION=$TARGET_RELEASE_VERSION" >> $GITHUB_ENV + + echo "REPO_NAME=$REPO_NAME" + echo "TAG_NAME=$TAG_NAME" + echo "TARGET_RELEASE_VERSION=$TARGET_RELEASE_VERSION" + + - name: Verify Target Release Version + run: | + PACKAGE_VERSION=$(jq -r '.version' package.json) + if [ $PACKAGE_VERSION != "$TARGET_RELEASE_VERSION" ]; then + echo "Mismatch version detected between tag version ($TARGET_RELEASE_VERSION) and package version ($PACKAGE_VERSION)" + exit 1 + fi + + if [ -f "plugin.xml" ]; then + PLUGIN_VERSION=$(yq -p=xml -o=json '.plugin.+@version' plugin.xml) + if [ $PLUGIN_VERSION != "$TARGET_RELEASE_VERSION" ]; then + echo "Mismatch version detected between tag version ($TARGET_RELEASE_VERSION) and plugin version ($PLUGIN_VERSION)" + exit 1 + fi + fi + + - name: Generate "tgz" npm convenience package + run: |- + npm install + NPM_PKG_NAME=$(npm pack) + mv ./.asf-release/$NPM_PKG_NAME ./.asf-release/${REPO_NAME}-npm-${TARGET_RELEASE_VERSION}.tgz + + - name: Generate "tar.gz" source archive + run: |- + git archive --format=tar.gz \ + --prefix=${REPO_NAME}-source-${TARGET_RELEASE_VERSION}/ \ + -o ./.asf-release/${REPO_NAME}-source-${TARGET_RELEASE_VERSION}.tar.gz \ + ${TAG_NAME} + + - name: Generate "zip" source archive + run: |- + git archive --format=zip \ + --prefix=${REPO_NAME}-source-${TARGET_RELEASE_VERSION}/ \ + -o ./.asf-release/${REPO_NAME}-source-${TARGET_RELEASE_VERSION}.zip \ + ${TAG_NAME} + + - name: Create Sign and Checksum + working-directory: .asf-release + run: |- + for f in *.tar.gz *.tgz *.zip; do + [ -e "$f" ] || continue + echo "$CORDOVA_GPG_SECRET_KEY" | gpg --batch --import --import-options import-show + gpg --armor --detach-sign "$f" + sha512sum "$f" > "${f}.sha512" + done + env: + CORDOVA_GPG_SECRET_KEY: ${{ secrets.CORDOVA_GPG_SECRET_KEY }} + + - name: Upload to Apache Trusted Release (ATR) + uses: apache/tooling-actions/upload-to-atr@b7e972c11790ee16eca101900af1b3c7fd1b106e + with: + project: ${{ env.REPO_NAME }} + version: ${{ env.TARGET_RELEASE_VERSION }} + src: .asf-release diff --git a/.gitignore b/.gitignore index aec87e52..74f6a372 100644 --- a/.gitignore +++ b/.gitignore @@ -70,3 +70,7 @@ coverage/ .project .settings .classpath + +# ASF release workspace +.asf-release/ +!.asf-release/.gitkeep diff --git a/.npmignore b/.npmignore index 1cd98fee..84766f50 100644 --- a/.npmignore +++ b/.npmignore @@ -21,3 +21,6 @@ test spec framework/build cordova-js-src + +# ASF release workspace +.asf-release/ diff --git a/.npmrc b/.npmrc index 7cff3238..6f982f74 100644 --- a/.npmrc +++ b/.npmrc @@ -16,3 +16,8 @@ # under the License. registry=https://registry.npmjs.org + +# ASF release settings +git-tag-version=false +preid=dev +pack-destination=./.asf-release