cloudbuild_release.yaml

# Access the id_github file from Secret Manager, and setup SSH
steps:
  - name: 'gcr.io/cloud-builders/git'
    secretEnv: ['SSH_KEY']
    entrypoint: 'bash'
    args:
      - -c
      - |
        echo "$$SSH_KEY" >> /root/.ssh/id_rsa
        chmod 400 /root/.ssh/id_rsa
        cp known_hosts.github /root/.ssh/known_hosts
    volumes:
      - name: 'ssh'
        path: /root/.ssh

  - name: maven:3.9.0-eclipse-temurin-17-focal
    entrypoint: bash
    env:
      - 'REPO_USERNAME=$_REPO_USER'
      - 'REPO_API_TOKEN=$_REPO_TOKEN'
      - 'BUILD_ID=$BUILD_ID'
      - 'BRANCH_NAME=$BRANCH_NAME'
      - 'SHORT_SHA=$SHORT_SHA'
    args:
      - -c
      - |
        apt -y update && apt -y install openssh-client && \
        git config --global user.name "cloudbuild" && \
        git config --global user.email "cloudbuild@example.com" && \
        git config --global init.defaultBranch main && \
        git branch -m ${BRANCH_NAME} && \
        mvn -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
          -gs maven/settings.xml \
          release:prepare \
          -DbranchName=${BRANCH_NAME} \
          -Dproject.build=${BUILD_ID} \
          -Dproject.commit=${SHORT_SHA} \
          -Dproject.branch=${BRANCH_NAME} \
          -DskipTests \
          -Darguments="-DskipTests -Dmaven.javadoc.skip=true" \
          -DtagNameFormat="v@{project.version}" \
          -DscmCommentPrefix="[maven-release-plugin][ci skip]" && \
        mvn -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
          -gs maven/settings.xml \
          release:perform \
          -DbranchName=${BRANCH_NAME} \
          -Dproject.build=${BUILD_ID} \
          -Dproject.commit=${SHORT_SHA} \
          -Dproject.branch=${BRANCH_NAME} \
          -DskipTests \
          -Darguments="-DskipTests -Dmaven.javadoc.skip=true"
    volumes:
      - name: 'ssh'
        path: /root/.ssh

    # Docker Build
  - name: "gcr.io/cloud-builders/docker:20.10.14"
    args: ["build", "-t", "${_ARTIFACT_REGISTRY_REPO}/tide:3.0.30", "."]

  # Docker push to Google Artifact Registry
  - name: "gcr.io/cloud-builders/docker:20.10.14"
    args: ["push", "-a", "${_ARTIFACT_REGISTRY_REPO}/tide"]

availableSecrets:
  secretManager:
    - versionName: projects/som-irt-scci-dev/secrets/tide-github-key/versions/latest
      env: 'SSH_KEY'

logsBucket: 'gs://cloud-build-dev.starr-data.us'