Skip to content

4.14.0

4.14.0 #82

Workflow file for this run

name: sonar-release
# This workflow is triggered when publishing a new github release
on:
release:
types:
- published
env:
PYTHONUNBUFFERED: 1
jobs:
release:
permissions:
id-token: write
contents: write
uses: SonarSource/gh-action_release/.github/workflows/main.yaml@v5
with:
publishToBinaries: false
mavenCentralSync: false
slackChannel: squad-ide-vscode
deploy_to_microsoft_marketplace:
permissions:
id-token: write
contents: write
runs-on: ubuntu-latest
name: Deploy to Visual Studio marketplace
needs: release
strategy:
# Deployment jobs are executed sequentially to make sure that the universal package is the last one deployed
max-parallel: 1
matrix:
platform: ['win32-x64', 'linux-x64', 'darwin-x64', 'darwin-arm64', 'universal']
env:
ARTIFACTORY_URL: https://repox.jfrog.io/artifactory
steps:
- name: Checkout custom actions
uses: actions/checkout@v4
with:
clean: false
- name: Use Node 20
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Get vault secrets
id: secrets
uses: SonarSource/vault-action-wrapper@3.0.1
with:
secrets: |
development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader access_token | ARTIFACTORY_ACCESS_TOKEN;
development/kv/data/visualstudio VSCE_TOKEN | VISUALSTUDIO_PAT;
- name: Install dependencies for vsce-publish
run: |
cp ${GITHUB_WORKSPACE}/.cirrus/.npmrc ./.npmrc
export ARTIFACTORY_ACCESS_TOKEN=${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
npm install
working-directory: ./.github/actions/vsce-publish
- name: Extract version, file name and download URL
id: extract_version
shell: python
run: |
import os
#
# Extract version, build file name and download URL from GH ref
#
# See https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
tagName = '${{ github.ref_name }}'
# tagName = <version>+<buildId>
version = tagName.split('+')[0]
platform = '${{ matrix.platform }}'
artifactoryPublicRepo = 'https://repox.jfrog.io/artifactory/sonarsource-public-releases'
slvscodeBaseUrl = f'{artifactoryPublicRepo}/org/sonarsource/sonarlint/vscode/sonarlint-vscode'
if platform == 'universal':
artifactName = f'sonarlint-vscode-{version}.vsix'
else:
artifactName = f'sonarlint-vscode-{platform}-{version}.vsix'
artifactUrl = f'{slvscodeBaseUrl}/{version}/{artifactName}'
with open(os.environ['GITHUB_OUTPUT'], 'a') as githubOutput:
print(f'artifactUrl={artifactUrl}', file=githubOutput)
print(f'artifactName={artifactName}', file=githubOutput)
- name: Download promoted file
id: download_artifact
run: |
curl -s -o ${{ steps.extract_version.outputs.artifactName }} -H 'Authorization: Bearer ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}' ${{ steps.extract_version.outputs.artifactUrl }}
echo 'artifactFile='$(pwd)/${{ steps.extract_version.outputs.artifactName }} >> ${GITHUB_OUTPUT}
- name: Publish to Visual Studio Marketplace
if: success()
id: vsce_publish
env:
ARTIFACT_FILE: ${{ steps.download_artifact.outputs.artifactFile }}
TARGET_PLATFORM: ${{ matrix.platform }}
VSCE_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).VISUALSTUDIO_PAT }}
uses: ./.github/actions/vsce-publish
deploy_to_openvsx:
permissions:
id-token: write
contents: write
runs-on: ubuntu-latest
name: Deploy to OpenVSX
needs: release
env:
ARTIFACTORY_URL: https://repox.jfrog.io/artifactory
steps:
- name: Checkout custom actions
uses: actions/checkout@v4
- name: Use Node 20
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Get vault secrets
id: secrets
uses: SonarSource/vault-action-wrapper@3.0.1
with:
secrets: |
development/artifactory/token/{REPO_OWNER_NAME_DASH}-private-reader access_token | ARTIFACTORY_ACCESS_TOKEN;
development/team/sonarlint/kv/data/openvsx token | OPENVSX_TOKEN;
- name: Install dependencies for ovsx-publish
run: |
cp ${GITHUB_WORKSPACE}/.cirrus/.npmrc ./.npmrc
export ARTIFACTORY_ACCESS_TOKEN=${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
npm install
working-directory: ./.github/actions/ovsx-publish
- name: Extract version, file name and download URL
id: extract_version
shell: python
run: |
import os
#
# Extract version, build file name and download URL from GH ref
#
# See https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
tagName = '${{ github.ref_name }}'
# tagName = <version>+<buildId>
version = tagName.split('+')[0]
artifactoryPublicRepo = 'https://repox.jfrog.io/artifactory/sonarsource-public-releases'
slvscodeBaseUrl = f'{artifactoryPublicRepo}/org/sonarsource/sonarlint/vscode/sonarlint-vscode'
artifactName = f'sonarlint-vscode-{version}.vsix'
artifactUrl = f'{slvscodeBaseUrl}/{version}/{artifactName}'
with open(os.environ['GITHUB_OUTPUT'], 'a') as githubOutput:
print(f'artifactUrl={artifactUrl}', file=githubOutput)
print(f'artifactName={artifactName}', file=githubOutput)
- name: Download promoted file
id: download_artifact
run: |
curl -s -o ${{ steps.extract_version.outputs.artifactName }} -H 'Authorization: Bearer ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}' ${{ steps.extract_version.outputs.artifactUrl }}
echo 'artifactFile='$(pwd)/${{ steps.extract_version.outputs.artifactName }} >> ${GITHUB_OUTPUT}
- name: Publish to OpenVSX
if: success()
id: ovsx_publish
env:
ARTIFACT_FILE: ${{ steps.download_artifact.outputs.artifactFile }}
OPENVSX_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).OPENVSX_TOKEN }}
uses: ./.github/actions/ovsx-publish