From 61c16e2b143b31cf83b3bf718251e2ec3474c938 Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Mon, 12 May 2025 09:44:31 +0200 Subject: [PATCH 01/10] Move central publishing to GH actions --- .github/actions/android/action.yml | 56 ++++++++++++++++++++++++++++++ .github/workflows/android.yml | 37 ++------------------ .github/workflows/release.yml | 51 +++++++++++++-------------- android/build.gradle.kts | 37 ++++++++------------ 4 files changed, 97 insertions(+), 84 deletions(-) create mode 100644 .github/actions/android/action.yml diff --git a/.github/actions/android/action.yml b/.github/actions/android/action.yml new file mode 100644 index 0000000..e512307 --- /dev/null +++ b/.github/actions/android/action.yml @@ -0,0 +1,56 @@ +name: "Build Android library" +description: "Create artifact for Android library" +inputs: + gpg-key: + required: false + description: "The GPG key to use when signing the publication" + gpg-password: + required: false + description: "Password for the GPG key." + +runs: + using: "composite" + steps: + - uses: actions/checkout@v4 + with: + submodules: true + + - uses: actions/setup-java@v4 + with: + distribution: "temurin" + java-version: "17" + + - name: Validate Gradle wrapper + uses: gradle/actions/wrapper-validation@v4 + + - name: Setup + shell: bash + run: | + rustup toolchain install nightly-2025-04-15-x86_64-unknown-linux-gnu + rustup component add rust-src --toolchain nightly-2025-04-15-x86_64-unknown-linux-gnu + rustup target add \ + aarch64-linux-android \ + armv7-linux-androideabi \ + x86_64-linux-android \ + i686-linux-android + cargo install cargo-ndk + + - name: Build for Android + shell: bash + env: + GPG_PRIVATE_KEY: ${{ inputs.gpg-key }} + GPG_PASSWORD: ${{ inputs.gpg-password }} + run: | + cd android + ./gradlew build publishAllPublicationsToHereRepository + ls -lh build/outputs/aar + find build/repository + + - name: Upload binary + uses: actions/upload-artifact@v4 + with: + name: android-library + retention-days: 1 + compression-level: 0 # We're uploading a zip, no need to compress again + path: android/build/distributions/powersync_android.zip + if-no-files-found: error diff --git a/.github/workflows/android.yml b/.github/workflows/android.yml index 6ac1271..4659d08 100644 --- a/.github/workflows/android.yml +++ b/.github/workflows/android.yml @@ -8,38 +8,5 @@ jobs: if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - with: - submodules: true - - - uses: actions/setup-java@v4 - with: - distribution: "temurin" - java-version: "17" - - - name: Validate Gradle wrapper - uses: gradle/actions/wrapper-validation@v4 - - - name: Setup - run: | - rustup toolchain install nightly-2025-04-15-x86_64-unknown-linux-gnu - rustup component add rust-src --toolchain nightly-2025-04-15-x86_64-unknown-linux-gnu - rustup target add \ - aarch64-linux-android \ - armv7-linux-androideabi \ - x86_64-linux-android \ - i686-linux-android - cargo install cargo-ndk - - - name: Build for Android - run: | - cd android - ./gradlew build - ls -lh build/outputs/aar - - - name: Upload Android library - uses: actions/upload-artifact@v4 - with: - name: android-library - path: | - android/build/outputs/aar/ + - name: Build Android + uses: ./.github/actions/android diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a9ea494..65291d1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -33,45 +33,42 @@ jobs: body="Release $tag" gh release create --draft "$tag" --title "$tag" --notes "$body" + build_android: + name: Build Android + runs-on: ubuntu-latest + steps: + - name: Build Android + uses: ./.github/actions/android + publish_android: permissions: contents: read packages: write name: Publish Android - needs: [draft_release] + needs: [draft_release, build_android] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: - submodules: true + fetch-depth: 0 - - uses: actions/setup-java@v3 - with: - distribution: "temurin" - java-version: "17" + - uses: actions/download-artifact@v4 + name: android-library - - name: Setup - run: | - rustup toolchain install nightly-2025-04-15-x86_64-unknown-linux-gnu - rustup component add rust-src --toolchain nightly-2025-04-15-x86_64-unknown-linux-gnu - rustup target add \ - aarch64-linux-android \ - armv7-linux-androideabi \ - x86_64-linux-android \ - i686-linux-android - cargo install cargo-ndk - - - name: Publish for Android + - name: Publish to Maven Central if: ${{ inputs.publish }} run: | - cd android - ./gradlew publish - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} - OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} - GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} - GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} + curl --request POST \ + --header 'Authorization: Bearer ${{ secrets.CENTRAL_AUTH }}' \ + --form bundle=@powersync-android.zip \ + https://central.sonatype.com/api/v1/publisher/upload + + - name: Upload binary + uses: ./.github/actions/upload + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + file-name: powersync-android.zip + tag: ${{ needs.draft_release.outputs.tag }} publish_ios_pod_and_spm_package: name: Publish iOS diff --git a/android/build.gradle.kts b/android/build.gradle.kts index ff4b8b3..f880bf8 100644 --- a/android/build.gradle.kts +++ b/android/build.gradle.kts @@ -16,6 +16,8 @@ group = "co.powersync" version = "0.4.1" description = "PowerSync Core SQLite Extension" +val localRepo = uri("build/repository/") + repositories { mavenCentral() google() @@ -160,45 +162,36 @@ publishing { } repositories { - if (System.getenv("OSSRH_USERNAME") != null) { - maven { - name = "sonatype" - url = uri("https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/") - credentials { - username = System.getenv("OSSRH_USERNAME") - password = System.getenv("OSSRH_PASSWORD") - } - } - } - - if (System.getenv("GITHUB_ACTOR") != null) { - maven { - name = "GitHubPackages" - url = uri("https://maven.pkg.github.com/powersync-ja/powersync-sqlite-core") - credentials { - username = System.getenv("GITHUB_ACTOR") - password = System.getenv("GITHUB_TOKEN") - } - } + maven { + name = "here" + url = localRepo } } } signing { if (System.getenv("GPG_PRIVATE_KEY") == null) { - useGpgCmd() + // Don't sign the publication. } else { var signingKey = String(Base64.getDecoder().decode(System.getenv("GPG_PRIVATE_KEY"))).trim() var signingPassword = System.getenv("GPG_PASSWORD") useInMemoryPgpKeys(signingKey, signingPassword) + + sign(publishing.publications) } - sign(publishing.publications) } tasks.withType() { dependsOn(prefabAar) } +val zipPublication by tasks.registering(Zip::class) { + dependsOn(tasks.named("publishAllPublicationsToHereRepository")) + + archiveFileName.set("powersync_android.zip") + from(localRepo) +} + tasks.named("build") { dependsOn(prefabAar) } From 685ae81605b9eaa6c2aaf91191fe4eb869609c88 Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Mon, 12 May 2025 09:45:53 +0200 Subject: [PATCH 02/10] Checkout first --- .github/actions/android/action.yml | 4 ---- .github/workflows/android.yml | 3 +++ .github/workflows/release.yml | 3 +++ 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/actions/android/action.yml b/.github/actions/android/action.yml index e512307..4130d55 100644 --- a/.github/actions/android/action.yml +++ b/.github/actions/android/action.yml @@ -11,10 +11,6 @@ inputs: runs: using: "composite" steps: - - uses: actions/checkout@v4 - with: - submodules: true - - uses: actions/setup-java@v4 with: distribution: "temurin" diff --git a/.github/workflows/android.yml b/.github/workflows/android.yml index 4659d08..430f077 100644 --- a/.github/workflows/android.yml +++ b/.github/workflows/android.yml @@ -8,5 +8,8 @@ jobs: if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) runs-on: ubuntu-latest steps: + - uses: actions/checkout@v4 + with: + submodules: true - name: Build Android uses: ./.github/actions/android diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 65291d1..2c6919f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,6 +37,9 @@ jobs: name: Build Android runs-on: ubuntu-latest steps: + - uses: actions/checkout@v4 + with: + submodules: true - name: Build Android uses: ./.github/actions/android From 2187a7c14571924334df10f05afd1acfd040fe05 Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Mon, 12 May 2025 09:47:35 +0200 Subject: [PATCH 03/10] Sign publications --- .github/workflows/release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2c6919f..16ca07c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -42,6 +42,9 @@ jobs: submodules: true - name: Build Android uses: ./.github/actions/android + with: + gpg-key: ${{ secrets.GPG_PRIVATE_KEY }} + gpg-password: ${{ secrets.GPG_PASSWORD }} publish_android: permissions: From 56dd1c2bb80a03ee53db445f794b794b63c5aa70 Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Mon, 12 May 2025 09:51:41 +0200 Subject: [PATCH 04/10] Fix not signing publication --- android/build.gradle.kts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/android/build.gradle.kts b/android/build.gradle.kts index f880bf8..5faccf3 100644 --- a/android/build.gradle.kts +++ b/android/build.gradle.kts @@ -170,7 +170,9 @@ publishing { } signing { - if (System.getenv("GPG_PRIVATE_KEY") == null) { + val privateKey = System.getenv("GPG_PRIVATE_KEY") + + if (privateKey == null || privateKey == "null") { // Don't sign the publication. } else { var signingKey = String(Base64.getDecoder().decode(System.getenv("GPG_PRIVATE_KEY"))).trim() From 80bd2aa6638a7717568fd4aa19339a954e3aefb1 Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Mon, 12 May 2025 10:09:05 +0200 Subject: [PATCH 05/10] Use properties for configuration --- .github/actions/android/action.yml | 26 +++++++++++++++----------- .github/workflows/android.yml | 2 ++ .github/workflows/release.yml | 3 --- android/build.gradle.kts | 20 ++++++++++++-------- 4 files changed, 29 insertions(+), 22 deletions(-) diff --git a/.github/actions/android/action.yml b/.github/actions/android/action.yml index 4130d55..0e69a19 100644 --- a/.github/actions/android/action.yml +++ b/.github/actions/android/action.yml @@ -1,12 +1,9 @@ name: "Build Android library" description: "Create artifact for Android library" inputs: - gpg-key: - required: false - description: "The GPG key to use when signing the publication" - gpg-password: - required: false - description: "Password for the GPG key." + sign-publication: + description: "Whether to sign the built library" + default: '1' runs: using: "composite" @@ -31,14 +28,21 @@ runs: i686-linux-android cargo install cargo-ndk - - name: Build for Android + - name: Build signed library shell: bash - env: - GPG_PRIVATE_KEY: ${{ inputs.gpg-key }} - GPG_PASSWORD: ${{ inputs.gpg-password }} + if: ${{ inputs.sign-publication == '1' }} run: | cd android - ./gradlew build publishAllPublicationsToHereRepository + ./gradlew build publishAllPublicationsToHereRepository -PgpgKey=${{ secrets.GPG_PRIVATE_KEY }} -PgpgPassword=${{ secrets.GPG_PASSWORD }} + ls -lh build/outputs/aar + find build/repository + + - name: Build library without signing + shell: bash + if: ${{ inputs.sign-publication == '0' }} + run: | + cd android + ./gradlew build publishAllPublicationsToHereRepository -PsignPublication=0 ls -lh build/outputs/aar find build/repository diff --git a/.github/workflows/android.yml b/.github/workflows/android.yml index 430f077..12ca5ce 100644 --- a/.github/workflows/android.yml +++ b/.github/workflows/android.yml @@ -13,3 +13,5 @@ jobs: submodules: true - name: Build Android uses: ./.github/actions/android + with: + sign-publication: '0' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 16ca07c..2c6919f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -42,9 +42,6 @@ jobs: submodules: true - name: Build Android uses: ./.github/actions/android - with: - gpg-key: ${{ secrets.GPG_PRIVATE_KEY }} - gpg-password: ${{ secrets.GPG_PASSWORD }} publish_android: permissions: diff --git a/android/build.gradle.kts b/android/build.gradle.kts index 5faccf3..4aec08f 100644 --- a/android/build.gradle.kts +++ b/android/build.gradle.kts @@ -170,14 +170,18 @@ publishing { } signing { - val privateKey = System.getenv("GPG_PRIVATE_KEY") - - if (privateKey == null || privateKey == "null") { - // Don't sign the publication. - } else { - var signingKey = String(Base64.getDecoder().decode(System.getenv("GPG_PRIVATE_KEY"))).trim() - var signingPassword = System.getenv("GPG_PASSWORD") - useInMemoryPgpKeys(signingKey, signingPassword) + val sign = providers.gradleProperty("signPublication").getOrElse("1") + + if (sign != "0") { + val key = providers.gradleProperty("gpgKey") + val password = providers.gradleProperty("gpgPassword") + + if (key.isPresent()) { + val signingKey = String(Base64.getDecoder().decode(key.get())).trim() + useInMemoryPgpKeys(signingKey, password.get()) + } else { + useGpgCmd() + } sign(publishing.publications) } From 244eb1c613ec5b0a7c3e9b689afa9cb09571f6ff Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Mon, 12 May 2025 10:13:08 +0200 Subject: [PATCH 06/10] Don't use secrets directly --- .github/actions/android/action.yml | 8 +++++++- .github/workflows/release.yml | 3 +++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/actions/android/action.yml b/.github/actions/android/action.yml index 0e69a19..a90d1cf 100644 --- a/.github/actions/android/action.yml +++ b/.github/actions/android/action.yml @@ -4,6 +4,12 @@ inputs: sign-publication: description: "Whether to sign the built library" default: '1' + gpg-key: + required: false + description: "The GPG key to use when signing the publication" + gpg-password: + required: false + description: "Password for the GPG key." runs: using: "composite" @@ -33,7 +39,7 @@ runs: if: ${{ inputs.sign-publication == '1' }} run: | cd android - ./gradlew build publishAllPublicationsToHereRepository -PgpgKey=${{ secrets.GPG_PRIVATE_KEY }} -PgpgPassword=${{ secrets.GPG_PASSWORD }} + ./gradlew build publishAllPublicationsToHereRepository -PgpgKey=${{ inputs.gpg-key }} -PgpgPassword=${{ inputs.gpg-password }} ls -lh build/outputs/aar find build/repository diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2c6919f..16ca07c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -42,6 +42,9 @@ jobs: submodules: true - name: Build Android uses: ./.github/actions/android + with: + gpg-key: ${{ secrets.GPG_PRIVATE_KEY }} + gpg-password: ${{ secrets.GPG_PASSWORD }} publish_android: permissions: From 3217e01afa2bf44ba82d91cb46dcc9b44ebe0909 Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Mon, 12 May 2025 10:17:56 +0200 Subject: [PATCH 07/10] Use correct task --- .github/actions/android/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/android/action.yml b/.github/actions/android/action.yml index a90d1cf..f973471 100644 --- a/.github/actions/android/action.yml +++ b/.github/actions/android/action.yml @@ -39,7 +39,7 @@ runs: if: ${{ inputs.sign-publication == '1' }} run: | cd android - ./gradlew build publishAllPublicationsToHereRepository -PgpgKey=${{ inputs.gpg-key }} -PgpgPassword=${{ inputs.gpg-password }} + ./gradlew build zipPublication -PgpgKey=${{ inputs.gpg-key }} -PgpgPassword=${{ inputs.gpg-password }} ls -lh build/outputs/aar find build/repository @@ -48,7 +48,7 @@ runs: if: ${{ inputs.sign-publication == '0' }} run: | cd android - ./gradlew build publishAllPublicationsToHereRepository -PsignPublication=0 + ./gradlew build zipPublication -PsignPublication=0 ls -lh build/outputs/aar find build/repository From 1f4d941dd3eb82e873003f5d1e4461bf94c34b12 Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Thu, 3 Jul 2025 14:32:41 -0600 Subject: [PATCH 08/10] Fix group id and file name --- .github/workflows/release.yml | 5 +++-- android/build.gradle.kts | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 16ca07c..06d2c66 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -59,14 +59,15 @@ jobs: fetch-depth: 0 - uses: actions/download-artifact@v4 - name: android-library + with: + name: android-library - name: Publish to Maven Central if: ${{ inputs.publish }} run: | curl --request POST \ --header 'Authorization: Bearer ${{ secrets.CENTRAL_AUTH }}' \ - --form bundle=@powersync-android.zip \ + --form bundle=@powersync_android.zip \ https://central.sonatype.com/api/v1/publisher/upload - name: Upload binary diff --git a/android/build.gradle.kts b/android/build.gradle.kts index 4aec08f..9c24197 100644 --- a/android/build.gradle.kts +++ b/android/build.gradle.kts @@ -12,7 +12,7 @@ plugins { id("signing") } -group = "co.powersync" +group = "com.powersync" version = "0.4.1" description = "PowerSync Core SQLite Extension" From 5a490351fbd1b2524668c5d4e1e14267cc5a2e03 Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Tue, 8 Jul 2025 10:38:17 +0200 Subject: [PATCH 09/10] Enable automatic publishing --- .github/workflows/release.yml | 4 ++-- RELEASING.md | 11 +---------- 2 files changed, 3 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 06d2c66..1884314 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -68,8 +68,8 @@ jobs: curl --request POST \ --header 'Authorization: Bearer ${{ secrets.CENTRAL_AUTH }}' \ --form bundle=@powersync_android.zip \ - https://central.sonatype.com/api/v1/publisher/upload - + 'https://central.sonatype.com/api/v1/publisher/upload?publishingType=AUTOMATIC' + - name: Upload binary uses: ./.github/actions/upload with: diff --git a/RELEASING.md b/RELEASING.md index 009a4f3..275dd12 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -28,16 +28,7 @@ The above does the following: 1. Create a draft GitHub release. 2. Build the xcframework for iOS and macOS, and upload to GitHub (attached to the above release). -3. Build and publish an Android aar to Sonatype staging. - -Once that is done, go to the Maven staging repository, and "Close", wait, and "Release" the -repository: - -https://s01.oss.sonatype.org/#stagingRepositories - -Docs: https://central.sonatype.org/publish/release/ - -Go to GitHub Releases on the repository, update the description, then "Publish Release". +3. Build and publish an Android aar to Sonatype. Afterwards,you can monitor the status of the publishing step [here](https://central.sonatype.com/publishing/deployments). Publish the cocoapod: From 982ac19f274a2d22dc97edfdf989335df394e00f Mon Sep 17 00:00:00 2001 From: Simon Binder Date: Tue, 8 Jul 2025 10:39:53 +0200 Subject: [PATCH 10/10] Typo --- RELEASING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/RELEASING.md b/RELEASING.md index 275dd12..3240c69 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -28,7 +28,7 @@ The above does the following: 1. Create a draft GitHub release. 2. Build the xcframework for iOS and macOS, and upload to GitHub (attached to the above release). -3. Build and publish an Android aar to Sonatype. Afterwards,you can monitor the status of the publishing step [here](https://central.sonatype.com/publishing/deployments). +3. Build and publish an Android aar to Sonatype. Afterwards, you can monitor the status of the publishing step [here](https://central.sonatype.com/publishing/deployments). Publish the cocoapod: