name: Publish

on:
  release:
    types:
      - created

jobs:
  publish:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        package:
          - fastapi
          - fastapi-slim
    permissions:
      id-token: write
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - uses: actions/checkout@v4

    if (name.endsWith("ToRemoteRepository")) {
        failEarlyIfUrlOrCredentialsAreNotSet(this)
    }
}

@Suppress("ThrowsCount")
fun Project.failEarlyIfUrlOrCredentialsAreNotSet(publish: Task) {
    gradle.taskGraph.whenReady {
        if (hasTask(publish)) {
            if (artifactoryUrl.isEmpty()) {
                throw GradleException("artifactoryUrl is not set!")
            }
            if (artifactoryUserName.isNullOrEmpty()) {

    tasks.named("publishLocalPublicationToRemoteRepository") {
        enabled = false // don't publish normalized local version to remote repository when using 'publish' lifecycle task
    }
    tasks.named("publishGradleDistributionPublicationToLocalRepository") {
        enabled = false // this should not be used so we disable it to avoid confusion when using 'publish' lifecycle task
    }

			Description:     "publish bucket notifications to webhook endpoints",
			MultipleTargets: true,
		},
		config.HelpKV{
			Key:             config.NotifyAMQPSubSys,
			Description:     "publish bucket notifications to AMQP endpoints",
			MultipleTargets: true,
		},
		config.HelpKV{
			Key:             config.NotifyKafkaSubSys,
			Description:     "publish bucket notifications to Kafka endpoints",

        uses: actions/checkout@v4

      - name: Generate Release Notes and Publish
        id: generate_release_notes
        uses: release-drafter/release-drafter@v6
        with:
          config-name: 'release-drafter.yml'
          name: "Release ${{ github.ref_name }}"
          tag: ${{ github.ref_name }}
          publish: true
          prerelease: false
        env:

					"name":"TeamCityParallelTests",
					"numberOfBatches":1
				},
				"subprojects":[
					"plugins-java",
					"publish",
					"plugins-java-base",
					"build-cache",
					"tooling-native",
					"plugins-test-report-aggregation",
					"instrumentation-agent-services",
					"public-api-tests",
					"java-platform",
					"testing-base",
					"unit-test-fixtures"
				]
			},
			{

          # - you want to enable the Branch-Protection check on a *public* repository, or
          # - you are installing Scorecard on a *private* repository
          # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
          # repo_token: ${{ secrets.SCORECARD_TOKEN }}

          # Public repositories:
          #   - Publish results to OpenSSF REST API for easy access by consumers

        password("env.ORG_GRADLE_PROJECT_gradleS3SecretKey", "%gradleS3SecretKey%")
        password("env.ORG_GRADLE_PROJECT_artifactoryUserPassword", "%gradle.internal.repository.build-tool.publish.password%")
        password("env.DOTCOM_DEV_DOCS_AWS_ACCESS_KEY", "%dotcomDevDocsAwsAccessKey%")
        password("env.DOTCOM_DEV_DOCS_AWS_SECRET_KEY", "%dotcomDevDocsAwsSecretKey%")

        run: ./util/print_surefire_reports.sh
      - name: 'Integration Test'
        if: matrix.java == 11
        shell: bash
        run: util/gradle_integration_tests.sh

  publish_snapshot:
    name: 'Publish snapshot'
    needs: test
    if: github.event_name == 'push' && github.repository == 'google/guava'
    runs-on: ubuntu-latest
    steps:
      - name: 'Check out repository'

    name: Scorecards analysis
    runs-on: ubuntu-latest
    permissions:
      # Needed to upload the results to code-scanning dashboard.
      security-events: write
      # Needed to publish results and get a badge (see publish_results below).
      id-token: write

    steps:
      - name: "Checkout code"
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with: