mobile_release #57

Workflow file for this run

.github/workflows/mobile_release.yml at c7bd38e

	name: mobile_release

	on:
	workflow_dispatch:
	schedule:
	# Mondays at 1pm UTC (8am EST)
	- cron: "0 13 * * 1"

	jobs:
	android_release_artifacts:
	if: \|
	${{
	github.repository == 'envoyproxy/envoy'
	&& (github.event.schedule
	\|\| !contains(github.actor, '[bot]'))
	}}
	name: android_release_artifacts
	runs-on: ubuntu-20.04
	timeout-minutes: 120
	container:
	image: envoyproxy/envoy-build-ubuntu:mobile-41c5a05d708972d703661b702a63ef5060125c33
	env:
	CC: /opt/llvm/bin/clang
	CXX: /opt/llvm/bin/clang++
	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0
	- name: Add safe directory
	run: git config --global --add safe.directory /__w/envoy/envoy
	- name: 'Build envoy.aar distributable'
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	working-directory: mobile
	run: \|
	version="0.5.0.$(date '+%Y%m%d')"
	./bazelw build \
	$([ -z $GITHUB_TOKEN ] \|\| echo "--config=remote-ci-linux-clang") \
	--remote_header="Authorization=Bearer $GITHUB_TOKEN" \
	--fat_apk_cpu=x86,x86_64,armeabi-v7a,arm64-v8a \
	--define=pom_version="$version" \
	--config=release-android \
	--linkopt=-fuse-ld=lld \
	//:android_dist
	- name: 'Tar artifacts'
	run: \|
	tar -czvf envoy_android_aar_sources.tar.gz \
	bazel-bin/library/kotlin/io/envoyproxy/envoymobile/envoy.aar \
	bazel-bin/library/kotlin/io/envoyproxy/envoymobile/envoy-pom.xml \
	bazel-bin/library/kotlin/io/envoyproxy/envoymobile/envoy-sources.jar \
	bazel-bin/library/kotlin/io/envoyproxy/envoymobile/envoy-javadoc.jar
	working-directory: mobile
	- uses: actions/upload-artifact@v3
	with:
	name: envoy_android_aar_sources
	path: mobile/envoy_android_aar_sources.tar.gz
	android_release_deploy:
	name: android_release_deploy
	needs: android_release_artifacts
	runs-on: ubuntu-22.04
	timeout-minutes: 20
	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0
	- name: Add safe directory
	run: git config --global --add safe.directory /__w/envoy/envoy
	- uses: actions/download-artifact@v3
	with:
	name: envoy_android_aar_sources
	path: .
	- name: Expand archive
	run: \|
	tar -xvf envoy_android_aar_sources.tar.gz
	mv bazel-bin/library/kotlin/io/envoyproxy/envoymobile/* .
	- name: 'Configure gpg signing'
	env:
	GPG_KEY: ${{ secrets.EM_GPG_KEY }}
	GPG_KEY_NAME: ${{ secrets.EM_GPG_KEY_NAME }}
	GPG_PASSPHRASE: ${{ secrets.EM_GPG_PASSPHRASE }}
	run: \|
	# https://github.com/keybase/keybase-issues/issues/2798
	export GPG_TTY=$(tty)
	# Import gpg keys and warm the passphrase to avoid the gpg
	# passphrase prompt when initating a deploy
	# `--pinentry-mode=loopback` could be needed to ensure we
	# suppress the gpg prompt
	echo $GPG_KEY \| base64 --decode > signing-key
	gpg --passphrase $GPG_PASSPHRASE --batch --import signing-key
	shred signing-key

	gpg --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -ab envoy.aar
	gpg --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -ab envoy-pom.xml
	gpg --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -ab envoy-javadoc.jar
	gpg --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -ab envoy-sources.jar
	- name: 'Release to sonatype repository'
	env:
	READWRITE_USER: ${{ secrets.EM_SONATYPE_USER }}
	READWRITE_API_KEY: ${{ secrets.EM_SONATYPE_PASSWORD }}
	SONATYPE_PROFILE_ID: ${{ secrets.EM_SONATYPE_PROFILE_ID }}
	run: \|
	version="0.5.0.$(date '+%Y%m%d')"
	python mobile/ci/sonatype_nexus_upload.py \
	--profile_id=$SONATYPE_PROFILE_ID \
	--version=$version \
	--files \
	envoy.aar \
	envoy-pom.xml \
	envoy-sources.jar \
	envoy-javadoc.jar \
	--signed_files \
	envoy.aar.asc \
	envoy-pom.xml.asc \
	envoy-sources.jar.asc \
	envoy-javadoc.jar.asc

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

mobile_release #57

Workflow file

mobile_release #57

Jobs

Run details

Workflow file for this run