Added versioning from CI

.github/actions/publish-to-sonatype/action.yaml

@@ -36,16 +36,6 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - name: Set up JFrog credentials
-      id: setup-jfrog-cli
-      uses: jfrog/setup-jfrog-cli@v4
-      env:
-        JF_URL: ${{ inputs.jfrog-platform-url }}
-      with:
-        version: 2.72.2
-        oidc-provider-name: ${{ inputs.oidc-provider }}
-        oidc-audience: ${{ inputs.oidc-audience }}
-
     - name: Get info
       shell: bash
       id: get-build-info

.github/actions/run-ee-server/action.yaml

@@ -1,6 +1,10 @@
 name: "Run EE Server"
 description: "Run EE server. Returns once server is ready. Only tested on Linux and macOS"
 
+permissions:
+  # This is required for requesting the OIDC token
+  id-token: write
+
 inputs:
   # All inputs in composite actions are strings
   use-server-rc:

.github/workflows/aggregate-build.yaml

@@ -13,6 +13,9 @@ on:
       java-version:
         type: string
         required: true
+      is-snapshot:
+        type: string
+        required: true
     secrets:
       JFROG_OIDC_PROVIDER:
         required: true
@@ -33,8 +36,15 @@ jobs:
           oidc-provider-name: ${{ secrets.JFROG_OIDC_PROVIDER }}
           oidc-audience: ${{ secrets.JFROG_OIDC_AUDIENCE }}
 
+      - shell: bash
+        run: |
+          echo "IS_SNAPSHOT=${{ inputs.is-snapshot }}" >> $GITHUB_ENV
+
       - name: Aggregate builds
         run: |
+          # record env variables 
+          jf rt bce clients-java-push-to-dev ${{ github.run_number }}
+
           jf rt ba clients-java-push-to-dev ${{ github.run_number }} clients-java-push-to-dev_aerospike-client-bc-jdk${{ inputs.java-version }} ${{ github.run_number }}
           jf rt ba clients-java-push-to-dev ${{ github.run_number }} clients-java-push-to-dev_aerospike-client-jdk${{ inputs.java-version }} ${{ github.run_number }}
 

.github/workflows/create-release.yaml

@@ -0,0 +1,21 @@
+name: create-release
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        type: string
+        required: true
+        description: New version to set 
+
+jobs:
+  build-stage:
+    name: Build stage
+    uses: ./.github/workflows/release-stage.yaml
+    with:
+      # This will need to change to point to staging branch
+      ref: dev/dev-ci-fixes-stage 
+      version: ${{ inputs.version }}
+      build-number: ${{ github.run_number }}
+      is-snapshot: false
+    secrets: inherit

.github/workflows/promote-prod.yaml

@@ -11,13 +11,18 @@ on:
       build-number:
         type: number
         description: Build number used to build artifact to be promoted
+      target-branch:
+        type: choice
+        description: Target branch to promote to
+        options:
+          - dev-stage
 
 jobs:
   promote-from-stage-to-prod:
-    name: Promot from stage to prod
+    name: Promote from stage to prod
     uses: ./.github/workflows/promote.yaml
     with:
       build-number: ${{ inputs.build-number }}
       target-repository: clients-maven-stage-local
-      target-branch: dev-stage
+      target-branch: ${{ inputs.target-branch }}
     secrets: inherit

.github/workflows/promote.yaml

@@ -12,6 +12,10 @@ on:
       target-branch:
         type: string
         description: Target branch to promote token
+      jf-target-build:
+        type: string
+        description: Target build name
+        default: clients-java-push-to-dev
     secrets:
       SONATYPE_MAVEN_USER:
         required: true
@@ -42,7 +46,7 @@ jobs:
       - name: Get info
         id: get-build-info
         run: |
-          echo build-info=$(jf rt curl /api/build/clients-java-push-to-dev/${{ inputs.build-number }}) >> $GITHUB_OUTPUT
+          echo build-info=$(jf rt curl /api/build/${{ inputs.jf-target-build }}/${{ inputs.build-number }}) >> $GITHUB_OUTPUT
 
       - name: Get commit hash from repo
         id: get-commit-hash
@@ -59,38 +63,13 @@ jobs:
           echo "commit-hash: '${{ steps.get-commit-hash.outputs.commit-hash }}'"
           echo "build-names: '${{ steps.get-build-name.outputs.build-names }}'"
 
-      # Needed since we are using actions which are part of the repository
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          # Fetch the whole history to prevent unrelated history errors
-          fetch-depth: "0"
-          ref: ${{ inputs.target-branch }}
-          token: ${{ secrets.CLIENT_BOT_PAT }}
-
-      - name: Fast forward
-        shell: bash
-        run: git merge --ff-only ${{ inputs.ref-to-merge }}
-
-      - name: Add tagging message
-        uses: stefanzweifel/git-auto-commit-action@v4
-        with:
-          commit_message: "Promote to prod [skip ci]"
-          commit_author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
-          tagging_message: Promote to PROD
-          branch: ${{ inputs.target-branch }}
-
-      - name: Upload changes to remote head branch
-        shell: bash
-        run: git push
-
       - name: Promote build
         shell: bash
         run: |
           BUILD_NAMES=(${{ steps.get-build-name.outputs.build-names }})
 
           if [ ${#MODULES[@]} -eq 0 ];then
-            echo "Missing build names for modules in 'clients-java-push-to-dev'"
+            echo "Missing build names for modules in '${{ inputs.jf-target-build }}'"
           fi
 
           for BUILD_NAME in "${BUILD_NAMES[@]}"; do
@@ -114,6 +93,31 @@ jobs:
           echo "build-name-number: ${{ steps.get-build-name-number.outputs.build-name-number }}"
           echo "artifact-version: ${{ steps.get-artifact-version.output.artifact-version }}"
 
+      - name: Fast forward
+        shell: bash
+        run: git merge --ff-only ${{ inputs.ref-to-merge }}
+
+      - name: Add tagging message
+        uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          commit_message: "Promote to prod [skip ci]"
+          commit_author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
+          tagging_message: Promote to PROD
+          branch: ${{ inputs.target-branch }}
+
+      - name: Upload changes to remote head branch
+        shell: bash
+        run: git push
+
+      # Needed since we are using actions which are part of the repository
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          # Fetch the whole history to prevent unrelated history errors
+          fetch-depth: "0"
+          ref: ${{ inputs.target-branch }}
+          token: ${{ secrets.CLIENT_BOT_PAT }}
+
   publish-to-sonatype:
     runs-on: ${{ vars.BUILD_CONTAINER_DISTRO_VERSION }}
     needs: promote

.github/workflows/pull-request-open.yaml

@@ -1,5 +1,9 @@
 name: PR open
 
+permissions:
+  # This is required for requesting the OIDC token
+  id-token: write
+
 on:
   pull_request:
     branches:

.github/workflows/push-to-stage.yaml

@@ -11,5 +11,6 @@ jobs:
     name: Build stage
     uses: ./.github/workflows/release-stage.yaml
     with:
-      branch: ${{ github.ref }}
+      ref: ${{ github.ref }}
+      build-number: ${{ github.run_number }}
     secrets: inherit

.github/workflows/release-stage.yaml

@@ -1,7 +1,10 @@
 on:
   workflow_call:
     inputs:
-      branch:
+      ref:
+        type: string
+        required: true
+      build-number:
         type: string
         required: true
 
@@ -11,19 +14,21 @@ jobs:
     steps:
       - name: debug
         run: |
-          echo "${{ inputs.branch }}"
+          echo "${{ inputs.ref }}"
           echo "${{ github.base_ref }}"
 
-  java-version:
+  pre-requisites:
     needs: debug-job
     runs-on: ${{ vars.BUILD_CONTAINER_DISTRO_VERSION }}
     outputs:
       java-version: ${{ steps.get-java-version.outputs.java-version }}
+      is-snapshot: ${{ steps.get-is-snapshot.outputs.is-snapshot }}
     steps:
       - name: Checkout client
         uses: actions/checkout@v4
         with:
-          ref: ${{ inputs.branch }}
+          fetch-depth: 0
+          ref: ${{ inputs.ref }}
 
       - name: Get java version
         id: get-java-version
@@ -34,21 +39,50 @@ jobs:
         run: |
           echo ${{ steps.get-java-version.outputs.java-version }}
 
+      - name: Detect if snapshot
+        id: get-is-snapshot
+        shell: bash
+        run: |
+          # Getting previous commit
+          COMMIT_REF="HEAD~1"
+
+          # Checking if previous commit contains pom.xml. This should always return true
+          if ! git show "${COMMIT_REF}:pom.xml" &>/dev/null; then
+            echo "Error: pom.xml not found in commit ${COMMIT_REF}"
+            exit 1
+          fi
+
+          # Getting previous version
+          OLD_VERSIONS=$(git show "${COMMIT_REF}:pom.xml" |
+            sed -n 's/.*<revision>\([^<]*\)<\/revision>.*/\1/p')
+
+          # Getting current version
+          NEW_VERSIONS=$(sed -n 's/.*<revision>\([^<]*\)<\/revision>.*/\1/p' pom.xml)
+
+          # Compare the extracted versions. CI will not commit snapshot version.
+          if [[ "${OLD_VERSIONS}" != "${NEW_VERSIONS}" ]]; then
+            echo "is-snapshot='false'" >> $GITHUB_OUTPUT
+          else
+            echo "is-snapshot='true'" >> $GITHUB_OUTPUT
+          fi
+
   build:
     uses: ./.github/workflows/release.yaml
-    needs: java-version
+    needs: pre-requisites
     strategy:
       matrix:
         crypto-type: [bouncycastle, gnu]
     with:
-      java-version: ${{ needs.java-version.outputs.java-version }}
-      branch: ${{ inputs.branch }}
+      ref: ${{ inputs.ref }}
+      java-version: ${{ needs.pre-requisites.outputs.java-version }}
       crypto-type: ${{ matrix.crypto-type }}
+      is-snapshot: ${{ needs.pre-requisites.outputs.is-snapshot }}
     secrets: inherit
 
   aggregate-published-artifacts:
     uses: ./.github/workflows/aggregate-build.yaml
-    needs: [java-version, build]
+    needs: [pre-requisites, build]
     secrets: inherit
     with:
-      java-version: ${{ needs.java-version.outputs.java-version }}
+      java-version: ${{ needs.pre-requisites.outputs.java-version }}
+      is-snapshot: ${{ needs.pre-requisites.outputs.is-snapshot }}

.github/workflows/release.yaml

@@ -5,7 +5,7 @@ permissions:
 on:
   workflow_call:
     inputs:
-      branch:
+      ref:
         type: string
         required: true
       java-version:
@@ -14,6 +14,9 @@ on:
       crypto-type:
         type: string
         required: true
+      is-snapshot:
+        type: string
+        required: true
     secrets:
       GPG_SECRET_KEY_ORG:
         required: true
@@ -31,7 +34,8 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
-          ref: ${{ inputs.branch }}
+          fetch-depth: 0
+          ref: ${{ inputs.ref }}
 
       # Java plugin will setup gpg but we are not using maven to deploy do JFrog.
       # - jf mvn clean install on publish does not publish POM we would like to publish
@@ -43,9 +47,25 @@ jobs:
           gpg-private-key: ${{ secrets.GPG_SECRET_KEY_ORG }}
           gpg-passphrase: GPG_PASS
 
+      - name: Get release or snapshot-version
+        id: get-release-version
+        shell: bash
+        run: |
+          IS_SNAPSHOT=${{ inputs.is-snapshot }}
+          if [ $IS_SNAPSHOT == 'true' ];then
+            echo release-version="$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)-SNAPSHOT_$GITHUB_SHA" >> $GITHUB_OUTPUT
+          else
+            echo release-version="$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Set version
+        shell: bash
+        run: |
+          ./set_version ${{ steps.get-release-version.outputs.release-version }} ${{ inputs.crypto-type }}
+
       - name: Build all modules
         shell: bash
-        run: mvn clean install -P ${{ inputs.crypto-type }} # The crypto profile is usually set with set_crypto but since we need to toggle multiple prfiles set_crypto option is not being picked up
+        run: mvn clean install -P ${{ inputs.crypto-type }} # The crypto profile is usually set with set_crypto but since we need to toggle multiple profiles set_crypto option is not being picked up
 
       - name: Stage artifacts for publish
         working-directory: client