feat: Add scripts to release gapic-generator-java as jar (#1111)

.github/release-please.yml

@@ -1,3 +1,4 @@
-releaseType: simple
+releaseType: java-yoshi
+bumpMinorPreMajor: true
 handleGHRelease: true
 primaryBranch: main

.kokoro/common.cfg

@@ -0,0 +1,13 @@
+# Format: //devtools/kokoro/config/proto/build.proto
+
+# Download trampoline resources. These will be in ${KOKORO_GFILE_DIR}
+gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline"
+
+# All builds use the trampoline script to run in docker.
+build_file: "gapic-generator-java/.kokoro/trampoline.sh"
+
+# Tell the trampoline which build file to use.
+env_vars: {
+    key: "TRAMPOLINE_BUILD_FILE"
+    value: "github/gapic-generator-java/.kokoro/build.sh"
+}

.kokoro/populate-secrets.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+# Copyright 2020 Google LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -eo pipefail
+
+function now { date +"%Y-%m-%d %H:%M:%S" | tr -d '\n' ;}
+function msg { println "$*" >&2 ;}
+function println { printf '%s\n' "$(now) $*" ;}
+
+
+# Populates requested secrets set in SECRET_MANAGER_KEYS from service account:
+# kokoro-trampoline@cloud-devrel-kokoro-resources.iam.gserviceaccount.com
+SECRET_LOCATION="${KOKORO_GFILE_DIR}/secret_manager"
+msg "Creating folder on disk for secrets: ${SECRET_LOCATION}"
+mkdir -p ${SECRET_LOCATION}
+for key in $(echo ${SECRET_MANAGER_KEYS} | sed "s/,/ /g")
+do
+  msg "Retrieving secret ${key}"
+  docker run --entrypoint=gcloud \
+    --volume=${KOKORO_GFILE_DIR}:${KOKORO_GFILE_DIR} \
+    gcr.io/google.com/cloudsdktool/cloud-sdk \
+    secrets versions access latest \
+    --project cloud-devrel-kokoro-resources \
+    --secret ${key} > \
+    "${SECRET_LOCATION}/${key}"
+  if [[ $? == 0 ]]; then
+    msg "Secret written to ${SECRET_LOCATION}/${key}"
+  else
+    msg "Error retrieving secret ${key}"
+  fi
+done

.kokoro/release/common.cfg

@@ -0,0 +1,49 @@
+# Format: //devtools/kokoro/config/proto/build.proto
+
+# Download trampoline resources.
+gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline"
+
+# Use the trampoline script to run in docker.
+build_file: "gapic-generator-java/.kokoro/trampoline.sh"
+
+# Configure the docker image for kokoro-trampoline.
+env_vars: {
+  key: "TRAMPOLINE_IMAGE"
+  value: "gcr.io/cloud-devrel-kokoro-resources/java8"
+}
+
+before_action {
+  fetch_keystore {
+    keystore_resource {
+      keystore_config_id: 70247
+      keyname: "maven-gpg-keyring"
+    }
+  }
+}
+
+before_action {
+  fetch_keystore {
+    keystore_resource {
+      keystore_config_id: 70247
+      keyname: "maven-gpg-passphrase"
+    }
+  }
+}
+
+before_action {
+  fetch_keystore {
+    keystore_resource {
+      keystore_config_id: 70247
+      keyname: "maven-gpg-pubkeyring"
+    }
+  }
+}
+
+before_action {
+  fetch_keystore {
+    keystore_resource {
+      keystore_config_id: 70247
+      keyname: "sonatype-credentials"
+    }
+  }
+}

.kokoro/release/common.sh

@@ -0,0 +1,52 @@
+#!/bin/bash
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -eo pipefail
+
+# Get secrets from keystore and set and environment variables
+setup_environment_secrets() {
+  export GPG_PASSPHRASE=$(cat ${KOKORO_KEYSTORE_DIR}/70247_maven-gpg-passphrase)
+  export GPG_TTY=$(tty)
+  export GPG_HOMEDIR=/gpg
+  mkdir $GPG_HOMEDIR
+  mv ${KOKORO_KEYSTORE_DIR}/70247_maven-gpg-pubkeyring $GPG_HOMEDIR/pubring.gpg
+  mv ${KOKORO_KEYSTORE_DIR}/70247_maven-gpg-keyring $GPG_HOMEDIR/secring.gpg
+  export GPG_KEY_ID=$(echo -n $(gpg --with-colons ${GPG_HOMEDIR}/pubring.gpg | awk -F':' '/pub/{ print $5 }'))
+  export SONATYPE_USERNAME=$(cat ${KOKORO_KEYSTORE_DIR}/70247_sonatype-credentials | cut -f1 -d'|')
+  export SONATYPE_PASSWORD=$(cat ${KOKORO_KEYSTORE_DIR}/70247_sonatype-credentials | cut -f2 -d'|')
+}
+
+create_settings_xml_file() {
+  echo "
+<settings>
+  <servers>
+    <server>
+      <id>ossrh</id>
+      <username>${SONATYPE_USERNAME}</username>
+      <password>${SONATYPE_PASSWORD}</password>
+    </server>
+    <server>
+      <id>sonatype-nexus-staging</id>
+      <username>${SONATYPE_USERNAME}</username>
+      <password>${SONATYPE_PASSWORD}</password>
+    </server>
+    <server>
+      <id>sonatype-nexus-snapshots</id>
+      <username>${SONATYPE_USERNAME}</username>
+      <password>${SONATYPE_PASSWORD}</password>
+    </server>
+  </servers>
+</settings>" > $1
+}

.kokoro/release/stage.cfg

@@ -0,0 +1,17 @@
+# Format: //devtools/kokoro/config/proto/build.proto
+env_vars: {
+  key: "TRAMPOLINE_BUILD_FILE"
+  value: "github/gapic-generator-java/.kokoro/release/stage.sh"
+}
+
+action {
+  define_artifacts {
+    regex: "github/gapic-generator-java/target/nexus-staging/staging/*.properties"
+    strip_prefix: "github/gapic-generator-java"
+  }
+}
+
+env_vars: {
+  key: "SECRET_MANAGER_KEYS"
+  value: "releasetool-publish-reporter-app,releasetool-publish-reporter-googleapis-installation,releasetool-publish-reporter-pem"
+}

.kokoro/release/stage.sh

@@ -0,0 +1,52 @@
+#!/bin/bash
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -eo pipefail
+
+if [[ -n "${AUTORELEASE_PR}" ]]
+then
+  # Start the releasetool reporter
+  requirementsFile=$(realpath $(dirname "${BASH_SOURCE[0]}")/../requirements.txt)
+  python3 -m pip install --require-hashes -r $requirementsFile
+  python3 -m releasetool publish-reporter-script > /tmp/publisher-script; source /tmp/publisher-script
+fi
+
+source $(dirname "$0")/common.sh
+MAVEN_SETTINGS_FILE=$(realpath $(dirname "$0")/../../)/settings.xml
+pushd $(dirname "$0")/../../
+
+setup_environment_secrets
+create_settings_xml_file "settings.xml"
+
+mvn clean deploy -B \
+  -DskipTests=true \
+  -Dclirr.skip=true \
+  --settings ${MAVEN_SETTINGS_FILE} \
+  -Dgpg.executable=gpg \
+  -Dgpg.passphrase=${GPG_PASSPHRASE} \
+  -Dgpg.homedir=${GPG_HOMEDIR} \
+  -P release
+
+# The job triggered by Release Please (release-trigger) has this AUTORELEASE_PR
+# environment variable. Fusion also lets us to specify this variable.
+if [[ -n "${AUTORELEASE_PR}" ]]
+then
+  mvn nexus-staging:release -B \
+    -P release-staging-repository \
+    -DperformRelease=true \
+    --settings=${MAVEN_SETTINGS_FILE}
+else
+  echo "AUTORELEASE_PR is not set. Not releasing."
+fi

.kokoro/requirements.in

@@ -0,0 +1,34 @@
+gcp-docuploader==0.6.3
+google-crc32c==1.3.0
+googleapis-common-protos==1.56.3
+gcp-releasetool==1.9.1
+cryptography==38.0.3
+cachetools==4.2.4
+cffi==1.15.1
+jeepney==0.7.1
+jinja2==3.0.3
+markupsafe==2.0.1
+keyring==23.4.1
+packaging==21.3
+protobuf==3.19.5
+pyjwt==2.4.0
+pyparsing==3.0.9
+pycparser==2.21
+pyperclip==1.8.2
+python-dateutil==2.8.2
+requests==2.27.1
+certifi==2022.9.24
+importlib-metadata==4.8.3
+zipp==3.6.0
+google_api_core==2.8.2
+google-cloud-storage==2.0.0
+google-resumable-media==2.3.3
+google-cloud-core==2.3.1
+typing-extensions==4.1.1
+urllib3==1.26.12
+zipp==3.6.0
+rsa==4.9
+six==1.16.0
+attrs==22.1.0
+google-auth==2.14.1
+idna==3.4