fix: fixed release process to use maven publish plugin directly (#739)

auth0 · May 28, 2024 · abd641c · abd641c
1 parent b8d4df2
commit abd641c
Show file tree

Hide file tree

Showing 11 changed files with 244 additions and 78 deletions.
diff --git a/.github/actions/maven-publish/action.yml b/.github/actions/maven-publish/action.yml
@@ -1,20 +1,19 @@
 name: Publish release to Java
 
 inputs:
+  java-version:
+    required: true
+
+secrets:
   ossr-username:
     required: true
-  ossr-password:
+  ossr-token:
     required: true
   signing-key:
     required: true
   signing-password:
     required: true
-  java-version:
-    required: true
-  is-android:
-    required: true
-  version:
-    required: true
+
 
 runs:
   using: composite
@@ -33,12 +32,11 @@ runs:
 
     - uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # pin@1.1.0
 
-    - name: Publish Java
-      shell: bash
-      if: inputs.is-android == 'false'
-      run: ./gradlew clean assemble sign publishMavenJavaPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
+    - name: Publish Android/Java Packages to Maven
+      run: ./gradlew publish -PisSnapshot=false
+      env:
+        MAVEN_USERNAME: ${{ secrets.ossr-username }}
+        MAVEN_PASSWORD: ${{ secrets.ossr-token }}
+        SIGNING_KEY: ${{ secrets.signing-key}}
+        SIGNING_PASSWORD: ${{ secrets.signing-password}}
 
-    - name: Publish Android
-      shell: bash
-      if: inputs.is-android == 'true'
-      run: ./gradlew clean assemble publishAndroidLibraryPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
diff --git a/.github/workflows/java-release.yml b/.github/workflows/java-release.yml
@@ -6,13 +6,11 @@ on:
       java-version:
         required: true
         type: string
-      is-android:
-        required: true
-        type: string
+
     secrets:
       ossr-username:
         required: true
-      ossr-password:
+      ossr-token:
         required: true
       signing-key:
         required: true
@@ -67,15 +65,13 @@ jobs:
         run: exit 1
 
       # Publish the release to Maven
+      - name: Publish package to Maven
       - uses: ./.github/actions/maven-publish
-        with:
-          java-version: ${{ inputs.java-version }}
-          is-android: ${{ inputs.is-android }}
-          version: ${{ steps.get_version.outputs.version }}
+        secrets:
           ossr-username: ${{ secrets.ossr-username }}
-          ossr-password: ${{ secrets.ossr-password }}
-          signing-key: ${{ secrets.signing-key }}
-          signing-password: ${{ secrets.signing-password }}
+          ossr-token: ${{ secrets.ossr-token }}
+          signing-key:    ${{ secrets.signing-key}}
+          signing-password: ${{ secrets.signing-password}}
 
       # Create a release for the tag
       - uses: ./.github/actions/release-create

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -18,10 +18,9 @@ jobs:
     uses: ./.github/workflows/java-release.yml
     with:
       java-version: 8.0.402-zulu
-      is-android: true
     secrets:
       ossr-username: ${{ secrets.OSSR_USERNAME }}
-      ossr-password: ${{ secrets.OSSR_PASSWORD }}
+      ossr-token: ${{ secrets.OSSR_TOKEN }}
       signing-key: ${{ secrets.SIGNING_KEY }}
       signing-password: ${{ secrets.SIGNING_PASSWORD }}
       github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.snyk b/.snyk
@@ -0,0 +1,15 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-JAVA-COMFASTERXMLWOODSTOX-3091135:
+    - '*':
+        reason: Latest version of dokka has this vulnerability
+        expires: 2024-06-27T07:00:56.333Z
+        created: 2024-05-28T07:00:56.334Z
+  SNYK-JAVA-ORGJETBRAINSKOTLIN-2393744:
+    - '*':
+        reason: Latest version of dokka has this vulnerability
+        expires: 2024-06-27T07:01:24.820Z
+        created: 2024-05-28T07:01:24.825Z
+patch: {}
diff --git a/auth0/build.gradle b/auth0/build.gradle
@@ -23,38 +23,15 @@
  */
 
 plugins {
+    id 'com.android.library'
     id 'kotlin-android'
-    id "com.auth0.gradle.oss-library.android" version "0.18.0"
-    id "org.jetbrains.dokka" version "1.4.20"
 }
 
-logger.lifecycle("Using version ${version} for ${name}")
-
-def signingKey = findProperty('signingKey')
-def signingKeyPwd = findProperty('signingPassword')
-
-oss {
-    name 'Auth0.Android'
-    repository 'Auth0.Android'
-    organization 'auth0'
-    description 'Android toolkit for Auth0 API'
-    skipAssertSigningConfiguration true
+apply from: rootProject.file('gradle/versioning.gradle')
 
-    developers {
-        auth0 {
-            displayName = 'Auth0'
-            email = 'oss@auth0.com'
-        }
-        lbalmaceda {
-            displayName = 'Luciano Balmaceda'
-            email = 'luciano.balmaceda@auth0.com'
-        }
-    }
-}
+version = getVersionFromFile()
 
-signing {
-    useInMemoryPgpKeys(signingKey, signingKeyPwd)
-}
+logger.lifecycle("Using version ${version} for ${name}")
 
 android {
     compileSdkVersion 31
@@ -101,12 +78,6 @@ ext {
     coroutinesVersion = '1.6.2'
 }
 
-// Configure javadoc jar to use dokka output
-// TODO update oss-plugin to use dokka instead of doing it here
-javadocJar {
-    dependsOn "dokkaJavadoc"
-    from "$buildDir/dokka/javadoc"
-}
 
 dependencies {
     implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk8:$kotlin_version"
@@ -134,4 +105,7 @@ dependencies {
     testImplementation 'org.robolectric:robolectric:4.6.1'
     testImplementation 'androidx.test.espresso:espresso-intents:3.5.1'
     testImplementation "org.jetbrains.kotlinx:kotlinx-coroutines-test:$coroutinesVersion"
-}
+}
+
+apply from: rootProject.file('gradle/jacoco.gradle')
+apply from: rootProject.file('gradle/maven-publish.gradle')
diff --git a/build.gradle b/build.gradle
@@ -15,9 +15,18 @@ buildscript {
     dependencies {
         classpath 'com.android.tools.build:gradle:4.2.2'
         classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
+        classpath "org.jacoco:org.jacoco.core:0.8.5"
     }
 }
 
+plugins {
+    id 'org.jetbrains.dokka' version '1.9.20'
+}
+
+subprojects {
+    apply plugin: 'org.jetbrains.dokka'
+}
+
 allprojects {
     group = 'com.auth0.android'
 

diff --git a/gradle.properties b/gradle.properties
@@ -1,19 +1,25 @@
-# Project-wide Gradle settings.
-# IDE (e.g. Android Studio) users:
-# Gradle settings configured through the IDE *will override*
-# any settings specified in this file.
-# For more details on how to configure your build environment visit
-# http://www.gradle.org/docs/current/userguide/build_environment.html
-# Specifies the JVM arguments used for the daemon process.
-# The setting is particularly useful for tweaking memory settings.
+GROUP=com.auth0.android
+POM_ARTIFACT_ID=auth0
+
+POM_NAME=Auth0.Android
+POM_DESCRIPTION=Android toolkit for Auth0 API
+POM_PACKAGING=aar
+
+POM_URL=https://github.com/auth0/Auth0.Android
+POM_SCM_URL=https://github.com/auth0/Auth0.Android
+POM_SCM_CONNECTION=scm:git@github.com:auth0/Auth0.Android.git
+POM_SCM_DEV_CONNECTION=scm:git@github.com:auth0/Auth0.Android.git
+
+POM_LICENCE_NAME=The MIT License (MIT)
+POM_LICENCE_URL=https://raw.githubusercontent.com/auth0/Auth0.Android/master/LICENSE
+POM_LICENCE_DIST=repo
+
+POM_DEVELOPER_ID=auth0
+POM_DEVELOPER_NAME=Auth0
+POM_DEVELOPER_EMAIL=oss@auth0.com
+
+
 org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
-# When configured, Gradle will run in incubating parallel mode.
-# This option should only be used with decoupled projects. More details, visit
-# http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
-# org.gradle.parallel=true
-# AndroidX package structure to make it clearer which packages are bundled with the
-# Android operating system, and which are packaged with your app"s APK
-# https://developer.android.com/topic/libraries/support-library/androidx-rn
 android.useAndroidX=true
 # Automatically convert third-party libraries to use AndroidX
 android.enableJetifier=false

diff --git a/gradle/jacoco.gradle b/gradle/jacoco.gradle
@@ -0,0 +1,55 @@
+apply plugin: 'jacoco'
+
+jacoco {
+    toolVersion = "0.8.5"
+}
+
+android {
+    testOptions {
+        unitTests.all {
+            jacoco {
+                includeNoLocationClasses = true
+                jacoco.excludes = ['jdk.internal.*']
+            }
+        }
+    }
+}
+
+afterEvaluate {
+    def jacocoTestReportTask = tasks.findByName("jacocoTestReport")
+    if (!jacocoTestReportTask) {
+        jacocoTestReportTask = tasks.create("jacocoTestReport")
+        jacocoTestReportTask.group = "Reporting"
+        jacocoTestReportTask.description = "Generate Jacoco coverage reports for all builds."
+    }
+
+    android.libraryVariants.all { variant ->
+        def name = variant.name
+        def testTaskName = "test${name.capitalize()}UnitTest"
+
+        def reportTask = tasks.create(name: "jacocoTest${name.capitalize()}UnitTestReport", type: JacocoReport, dependsOn: testTaskName) {
+            group = "Reporting"
+            description = "Generate Jacoco coverage reports for the ${name.capitalize()} build."
+
+            classDirectories.from = fileTree(
+                    dir: "${buildDir}/intermediates/javac/${name}",
+                    excludes: ['**/R.class',
+                               '**/R$*.class',
+                               '**/*$ViewInjector*.*',
+                               '**/*$ViewBinder*.*',
+                               '**/BuildConfig.*',
+                               '**/Manifest*.*']
+            )
+
+            sourceDirectories.from = ['src/main/java'].plus(android.sourceSets[name].java.srcDirs)
+            executionData.from = "${buildDir}/jacoco/${testTaskName}.exec"
+
+            reports {
+                xml.enabled = true
+                html.enabled = true
+            }
+        }
+        jacocoTestReportTask.dependsOn reportTask
+    }
+}
+
diff --git a/gradle/maven-publish.gradle b/gradle/maven-publish.gradle
@@ -0,0 +1,97 @@
+apply plugin: 'maven-publish'
+apply plugin: 'signing'
+
+
+apply from: rootProject.file('gradle/versioning.gradle')
+
+task javadocJar(type: Jar, dependsOn: dokkaHtml) {
+    archiveClassifier = "javadoc"
+    from dokkaHtml.outputDirectory
+}
+
+task sourcesJar(type: Jar) {
+    archiveClassifier = 'sources'
+    from android.sourceSets.main.java.source
+}
+
+final releaseRepositoryUrl = "https://oss.sonatype.org/service/local/staging/deploy/maven2/"
+final snapshotRepositoryUrl = "https://oss.sonatype.org/content/repositories/snapshots/"
+
+publishing {
+    publications {
+        release(MavenPublication) {
+            groupId = GROUP
+            artifactId = POM_ARTIFACT_ID
+            version = getVersionName()
+
+            artifact("$buildDir/outputs/aar/${project.getName()}-release.aar")
+            artifact sourcesJar
+            artifact javadocJar
+
+            pom {
+                name = POM_NAME
+                packaging = POM_PACKAGING
+                description = POM_DESCRIPTION
+                url = POM_URL
+
+                licenses {
+                    license {
+                        name = POM_LICENCE_NAME
+                        url = POM_LICENCE_URL
+                        distribution = POM_LICENCE_DIST
+                    }
+                }
+
+                developers {
+                    developer {
+                        id = POM_DEVELOPER_ID
+                        name = POM_DEVELOPER_NAME
+                        email = POM_DEVELOPER_EMAIL
+                    }
+                }
+
+                scm {
+                    url = POM_SCM_URL
+                    connection = POM_SCM_CONNECTION
+                    developerConnection = POM_SCM_DEV_CONNECTION
+                }
+
+                withXml {
+                    def dependenciesNode = asNode().appendNode('dependencies')
+
+                    project.configurations.implementation.allDependencies.each {
+                        def dependencyNode = dependenciesNode.appendNode('dependency')
+                        dependencyNode.appendNode('groupId', it.group)
+                        dependencyNode.appendNode('artifactId', it.name)
+                        dependencyNode.appendNode('version', it.version)
+                    }
+                }
+            }
+        }
+    }
+    repositories {
+        maven {
+            name = "sonatype"
+            url = version.endsWith('SNAPSHOT') ? snapshotRepositoryUrl : releaseRepositoryUrl
+            credentials {
+                username = System.getenv("MAVEN_USERNAME")
+                password = System.getenv("MAVEN_PASSWORD")
+            }
+        }
+    }
+}
+
+
+signing {
+    def signingKey = System.getenv("SIGNING_KEY")
+    def signingPassword = System.getenv("SIGNING_PASSWORD")
+    useInMemoryPgpKeys(signingKey, signingPassword)
+    sign publishing.publications
+}
+
+
+publish.dependsOn build
+tasks.named('signReleasePublication').configure {
+    dependsOn 'bundleReleaseAar'
+}
+