Added versioning from CI

.github/actions/publish-to-sonatype/action.yaml

@@ -36,13 +36,11 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - name: Set up JFrog credentials
-      id: setup-jfrog-cli
+    - name: Setup jfrog shell
       uses: jfrog/setup-jfrog-cli@v4
       env:
         JF_URL: ${{ inputs.jfrog-platform-url }}
       with:
-        version: 2.72.2
         oidc-provider-name: ${{ inputs.oidc-provider }}
         oidc-audience: ${{ inputs.oidc-audience }}
 
@@ -80,21 +78,21 @@ runs:
       working-directory: ${{ inputs.staging-folder }}
       run: |
         ls -laR
- 
+
     - name: Get hashes from build_info and generate files
       shell: bash
       working-directory: ${{ inputs.staging-folder }}
       run: |
         BUILD_INFO='${{ steps.get-build-info.outputs.build-info }}'
         MODULES=$(echo "${BUILD_INFO}" | jq -c '.buildInfo.modules[].artifacts[]')
         STAGE_DIR="$(find . -type f -name '*.jar' -exec realpath {} \; | head -n 1 | xargs dirname)"
-        
+
         for MODULE in ${MODULES}; do
           NAME=$(echo "${MODULE}" | jq -r ".name")
           SHA1=$(echo "${MODULE}" | jq -r ".sha1")
           SHA256=$(echo "${MODULE}" | jq -r ".sha256")
           MD5=$(echo "${MODULE}" | jq -r ".md5")
-        
+
           FILE_NAME="${STAGE_DIR}/${NAME}"
           echo "$FILE_NAME"
           echo "${SHA1}" >"${FILE_NAME}.sha1"
@@ -112,13 +110,13 @@ runs:
         # adding output variable for debug step later
         echo "artifact-name=${ARTIFACT_NAME}" >> $GITHUB_OUTPUT
         zip -r "${ARTIFACT_NAME}" .
-      
+
     - name: Debug show content of the upload archive
       shell: bash
-      working-directory:  ${{ inputs.staging-folder }}
+      working-directory: ${{ inputs.staging-folder }}
       run: |
         ARTIFACT_NAME='${{ steps.create-artifact.outputs.artifact-name }}'
-        unzip -l "${ARTIFACT_NAME}" | tail -n +4 | sort -k4,4 
+        unzip -l "${ARTIFACT_NAME}" | tail -n +4 | sort -k4,4
 
     #- name: Stage artifacts
     #  working-directory: ${{ inputs.staging-folder }}

.github/actions/run-ee-server/action.yaml

@@ -1,6 +1,10 @@
 name: "Run EE Server"
 description: "Run EE server. Returns once server is ready. Only tested on Linux and macOS"
 
+permissions:
+  # This is required for requesting the OIDC token
+  id-token: write
+
 inputs:
   # All inputs in composite actions are strings
   use-server-rc:

.github/workflows/aggregate-build.yaml

@@ -13,6 +13,9 @@ on:
       java-version:
         type: string
         required: true
+      is-snapshot:
+        type: string
+        required: true
     secrets:
       JFROG_OIDC_PROVIDER:
         required: true
@@ -33,8 +36,15 @@ jobs:
           oidc-provider-name: ${{ secrets.JFROG_OIDC_PROVIDER }}
           oidc-audience: ${{ secrets.JFROG_OIDC_AUDIENCE }}
 
+      - shell: bash
+        run: |
+          echo "IS_SNAPSHOT=${{ inputs.is-snapshot }}" >> $GITHUB_ENV
+
       - name: Aggregate builds
         run: |
+          # record env variables 
+          jf rt bce clients-java-push-to-dev ${{ github.run_number }}
+
           jf rt ba clients-java-push-to-dev ${{ github.run_number }} clients-java-push-to-dev_aerospike-client-bc-jdk${{ inputs.java-version }} ${{ github.run_number }}
           jf rt ba clients-java-push-to-dev ${{ github.run_number }} clients-java-push-to-dev_aerospike-client-jdk${{ inputs.java-version }} ${{ github.run_number }}
 

.github/workflows/create-release.yaml

@@ -0,0 +1,21 @@
+name: create-release
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        type: string
+        required: true
+        description: New version to set 
+
+jobs:
+  build-stage:
+    name: Build stage
+    uses: ./.github/workflows/release-stage.yaml
+    with:
+      # This will need to change to point to staging branch
+      ref: dev/dev-ci-fixes-stage 
+      version: ${{ inputs.version }}
+      build-number: ${{ github.run_number }}
+      is-snapshot: false
+    secrets: inherit

.github/workflows/promote-prod.yaml

@@ -11,13 +11,18 @@ on:
       build-number:
         type: number
         description: Build number used to build artifact to be promoted
+      target-branch:
+        type: choice
+        description: Target branch to promote to
+        options:
+          - dev-stage
 
 jobs:
   promote-from-stage-to-prod:
-    name: Promot from stage to prod
+    name: Promote from stage to prod
     uses: ./.github/workflows/promote.yaml
     with:
       build-number: ${{ inputs.build-number }}
       target-repository: clients-maven-stage-local
-      target-branch: dev-stage
+      target-branch: ${{ inputs.target-branch }}
     secrets: inherit

.github/workflows/promote.yaml

@@ -12,6 +12,10 @@ on:
       target-branch:
         type: string
         description: Target branch to promote token
+      jf-target-build:
+        type: string
+        description: Target build name
+        default: clients-java-push-to-dev
     secrets:
       SONATYPE_MAVEN_USER:
         required: true
@@ -39,10 +43,28 @@ jobs:
           oidc-provider-name: ${{ secrets.JFROG_OIDC_PROVIDER }}
           oidc-audience: ${{ secrets.JFROG_OIDC_AUDIENCE }}
 
+      # Needed since we are using actions which are part of the repository
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          # Fetch the whole history to prevent unrelated history errors
+          fetch-depth: "0"
+          ref: ${{ inputs.target-branch }}
+          token: ${{ secrets.CLIENT_BOT_PAT }}
+
       - name: Get info
         id: get-build-info
         run: |
-          echo build-info=$(jf rt curl /api/build/clients-java-push-to-dev/${{ inputs.build-number }}) >> $GITHUB_OUTPUT
+          echo build-info=$(jf rt curl /api/build/${{ inputs.jf-target-build }}/${{ inputs.build-number }}) >> $GITHUB_OUTPUT
+
+      - name: Check if snapshot build
+        run: |
+          IS_SNAPSHOT=$(echo '${{ steps.get-build-info.outputs.build-info }}' | jq -cr '.buildInfo.properties."buildInfo.env.IS_SNAPSHOT"')
+          if [ $IS_SNAPSHOT == 'true' ];then
+            echo "Error build ${{ inputs.jf-target-build }} with build number ${{ inputs.build-number }} is a SNAPSHOT build. Snapshots are not promoted to production."
+
+            exit 1
+          fi
 
       - name: Get commit hash from repo
         id: get-commit-hash
@@ -59,38 +81,13 @@ jobs:
           echo "commit-hash: '${{ steps.get-commit-hash.outputs.commit-hash }}'"
           echo "build-names: '${{ steps.get-build-name.outputs.build-names }}'"
 
-      # Needed since we are using actions which are part of the repository
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          # Fetch the whole history to prevent unrelated history errors
-          fetch-depth: "0"
-          ref: ${{ inputs.target-branch }}
-          token: ${{ secrets.CLIENT_BOT_PAT }}
-
-      - name: Fast forward
-        shell: bash
-        run: git merge --ff-only ${{ inputs.ref-to-merge }}
-
-      - name: Add tagging message
-        uses: stefanzweifel/git-auto-commit-action@v4
-        with:
-          commit_message: "Promote to prod [skip ci]"
-          commit_author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
-          tagging_message: Promote to PROD
-          branch: ${{ inputs.target-branch }}
-
-      - name: Upload changes to remote head branch
-        shell: bash
-        run: git push
-
       - name: Promote build
         shell: bash
         run: |
           BUILD_NAMES=(${{ steps.get-build-name.outputs.build-names }})
 
           if [ ${#MODULES[@]} -eq 0 ];then
-            echo "Missing build names for modules in 'clients-java-push-to-dev'"
+            echo "Missing build names for modules in '${{ inputs.jf-target-build }}'"
           fi
 
           for BUILD_NAME in "${BUILD_NAMES[@]}"; do
@@ -114,6 +111,22 @@ jobs:
           echo "build-name-number: ${{ steps.get-build-name-number.outputs.build-name-number }}"
           echo "artifact-version: ${{ steps.get-artifact-version.output.artifact-version }}"
 
+      - name: Fast forward
+        shell: bash
+        run: git merge --ff-only ${{ inputs.ref-to-merge }}
+
+      - name: Add tagging message
+        uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          commit_message: "Promote to prod [skip ci]"
+          commit_author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
+          tagging_message: Promote to PROD
+          branch: ${{ inputs.target-branch }}
+
+      - name: Upload changes to remote head branch
+        shell: bash
+        run: git push
+
   publish-to-sonatype:
     runs-on: ${{ vars.BUILD_CONTAINER_DISTRO_VERSION }}
     needs: promote

.github/workflows/pull-request-open.yaml

@@ -1,5 +1,9 @@
 name: PR open
 
+permissions:
+  # This is required for requesting the OIDC token
+  id-token: write
+
 on:
   pull_request:
     branches:

.github/workflows/push-to-stage.yaml

@@ -11,5 +11,6 @@ jobs:
     name: Build stage
     uses: ./.github/workflows/release-stage.yaml
     with:
-      branch: ${{ github.ref }}
+      ref: ${{ github.ref }}
+      build-number: ${{ github.run_number }}
     secrets: inherit

.github/workflows/release-stage.yaml

@@ -1,7 +1,10 @@
 on:
   workflow_call:
     inputs:
-      branch:
+      ref:
+        type: string
+        required: true
+      build-number:
         type: string
         required: true
 
@@ -11,19 +14,21 @@ jobs:
     steps:
       - name: debug
         run: |
-          echo "${{ inputs.branch }}"
+          echo "${{ inputs.ref }}"
           echo "${{ github.base_ref }}"
 
-  java-version:
+  pre-requisites:
     needs: debug-job
     runs-on: ${{ vars.BUILD_CONTAINER_DISTRO_VERSION }}
     outputs:
       java-version: ${{ steps.get-java-version.outputs.java-version }}
+      is-snapshot: ${{ steps.get-is-snapshot.outputs.is-snapshot }}
     steps:
       - name: Checkout client
         uses: actions/checkout@v4
         with:
-          ref: ${{ inputs.branch }}
+          fetch-depth: 0
+          ref: ${{ inputs.ref }}
 
       - name: Get java version
         id: get-java-version
@@ -34,21 +39,50 @@ jobs:
         run: |
           echo ${{ steps.get-java-version.outputs.java-version }}
 
+      - name: Detect if snapshot
+        id: get-is-snapshot
+        shell: bash
+        run: |
+          # Getting previous commit
+          COMMIT_REF="HEAD~1"
+
+          # Checking if previous commit contains pom.xml. This should always return true
+          if ! git show "${COMMIT_REF}:pom.xml" &>/dev/null; then
+            echo "Error: pom.xml not found in commit ${COMMIT_REF}"
+            exit 1
+          fi
+
+          # Getting previous version
+          OLD_VERSIONS=$(git show "${COMMIT_REF}:pom.xml" |
+            sed -n 's/.*<revision>\([^<]*\)<\/revision>.*/\1/p')
+
+          # Getting current version
+          NEW_VERSIONS=$(sed -n 's/.*<revision>\([^<]*\)<\/revision>.*/\1/p' pom.xml)
+
+          # Compare the extracted versions. CI will not commit snapshot version.
+          if [[ "${OLD_VERSIONS}" != "${NEW_VERSIONS}" ]]; then
+            echo "is-snapshot='false'" >> $GITHUB_OUTPUT
+          else
+            echo "is-snapshot='true'" >> $GITHUB_OUTPUT
+          fi
+
   build:
     uses: ./.github/workflows/release.yaml
-    needs: java-version
+    needs: pre-requisites
     strategy:
       matrix:
         crypto-type: [bouncycastle, gnu]
     with:
-      java-version: ${{ needs.java-version.outputs.java-version }}
-      branch: ${{ inputs.branch }}
+      ref: ${{ inputs.ref }}
+      java-version: ${{ needs.pre-requisites.outputs.java-version }}
       crypto-type: ${{ matrix.crypto-type }}
+      is-snapshot: ${{ needs.pre-requisites.outputs.is-snapshot }}
     secrets: inherit
 
   aggregate-published-artifacts:
     uses: ./.github/workflows/aggregate-build.yaml
-    needs: [java-version, build]
+    needs: [pre-requisites, build]
     secrets: inherit
     with:
-      java-version: ${{ needs.java-version.outputs.java-version }}
+      java-version: ${{ needs.pre-requisites.outputs.java-version }}
+      is-snapshot: ${{ needs.pre-requisites.outputs.is-snapshot }}