Plugin signing

pull/175/head
Jakub Chrzanowski 3 years ago committed by Jakub Chrzanowski
parent 423c1654d8
commit 45d1bc5c9c

@ -0,0 +1,29 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Publish Plugin" type="GradleRunConfiguration" factoryName="Gradle">
<ExternalSystemSettings>
<option name="env">
<map>
<entry key="CERTIFICATE_CHAIN" value="-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----" />
<entry key="PRIVATE_KEY" value="-----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY-----" />
<entry key="PRIVATE_KEY_PASSWORD" value="Certificate password" />
<entry key="PUBLISH_TOKEN" value="Marketplace Publishing Token value" />
</map>
</option>
<option name="executionName" />
<option name="externalProjectPath" value="$PROJECT_DIR$" />
<option name="externalSystemIdString" value="GRADLE" />
<option name="scriptParameters" value="publishPlugin" />
<option name="taskDescriptions">
<list />
</option>
<option name="taskNames">
<list />
</option>
<option name="vmOptions" />
</ExternalSystemSettings>
<ExternalSystemDebugServerProcess>true</ExternalSystemDebugServerProcess>
<ExternalSystemReattachDebugProcess>true</ExternalSystemReattachDebugProcess>
<DebugAllEnabled>false</DebugAllEnabled>
<method v="2" />
</configuration>
</component>
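
Review bot: the `PRIVATE_KEY` placeholder in the `env` map shows `-----BEGIN RSA PRIVATE KEY-----`, while the README table added in the same commit says the value should contain `-----BEGIN ENCRYPTED PRIVATE KEY-----`; use one form in both places so it is clear which key format is expected. Beyond that, this is a tracked file whose `value` attributes are where the key, its password and the publishing token get pasted, so the only thing keeping them out of a commit is the manual `git update-index` step from the README. Consider committing the entries with empty values and saying in the README that the filled-in file must never be staged.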

@ -4,10 +4,12 @@
## [Unreleased]
### Added
- Plugin Signing run configuration
- GitHub Actions: UI Tests workflow
- Suppress `UnusedProperty` inspection for the `kotlin.stdlib.default.dependency` in `gradle.properties`
- Use Gradle `wrapper` task to handle Gradle updates
- JVM compatibility version extracted to `gradle.properties` file
- `Publish Plugin` run configuration
### Removed
- Removed `detekt`/`ktlint` integration
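
Review bot: under Added, "Plugin Signing run configuration" and "`Publish Plugin` run configuration" read as two separate run configurations, but the only one visible in this change is named `Publish Plugin`. Rewording the first entry to describe the signing integration itself (the `signPlugin` task and its environment variables) would keep the changelog accurate.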

@ -19,7 +19,6 @@ If you're still not quite sure what this is all about, read our introduction: [W
> **TIP**: Click the <kbd>Watch</kbd> button on the top to be notified about releases containing new features and fixes.
### Table of contents
In this README, we will highlight the following elements of template-project creation:
@ -27,25 +26,26 @@ In this README, we will highlight the following elements of template-project cre
- [Getting started](#getting-started)
- [Gradle configuration](#gradle-configuration)
- [Plugin template structure](#plugin-template-structure)
- [Dependency on the Kotlin standard library](#dependency-on-the-kotlin-standard-library)
- [Dependency on the Kotlin standard library](#dependency-on-the-kotlin-standard-library)
- [Plugin configuration file](#plugin-configuration-file)
- [Sample code](#sample-code):
- listeners project and dynamic plugin lifecycle
- services project-related and application-related services
- actions basic action with shortcut binding
- listeners project and dynamic plugin lifecycle
- services project-related and application-related services
- actions basic action with shortcut binding
- [Predefined Run/Debug configurations](#predefined-rundebug-configurations)
- [Continuous integration](#continuous-integration) based on GitHub Actions
- [Dependencies management](#dependencies-management) with dependabot
- [Changelog maintenance](#changelog-maintenance) with the Gradle Changelog Plugin
- [Release flow](#release-flow) using GitHub Releases
- [Publishing the plugin](#publishing-the-plugin) with the Gradle IntelliJ Plugin
- [Dependencies management](#dependencies-management) with dependabot
- [Changelog maintenance](#changelog-maintenance) with the Gradle Changelog Plugin
- [Release flow](#release-flow) using GitHub Releases
- [Plugin signing](#plugin-signing) with your private certificate
- [Publishing the plugin](#publishing-the-plugin) with the Gradle IntelliJ Plugin
- [FAQ](#faq)
- [Useful links](#useful-links)
## Getting started
Before we dive into plugin development and everything related to it, it's worth mentioning the benefits of using GitHub Templates. By creating a new project using the current template, you start with no history and no reference to this repository. This allows you to create a new repository easily without having to copy and paste previous content, clone repositories, or clear the history manually.
Before we dive into plugin development and everything related to it, it's worth mentioning the benefits of using GitHub Templates. By creating a new project using the current template, you start with no history and no reference to this repository. This allows you to create a new repository easily without copying and pasting previous content, clone repositories, or clearing the history manually.
All you have to do is click the <kbd>Use this template</kbd> button.
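
Review bot: in the reworded Getting started paragraph, "without copying and pasting previous content, clone repositories, or clearing the history manually" breaks the parallel structure; "clone repositories" should be "cloning repositories". The table of contents in this hunk also lists the "Dependency on the Kotlin standard library" entry twice, which is worth checking in the rendered README.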
@ -53,16 +53,16 @@ All you have to do is click the <kbd>Use this template</kbd> button.
After using the template to create your blank project, the [Template Cleanup][file:template_cleanup.yml] workflow will be triggered to override or remove any template-specific configurations, such as the plugin name, current changelog, etc. Once this is complete, the project is ready to be cloned to your local environment and opened with [IntelliJ IDEA][jb:download-ij].
For the last step, you have to manually review the configuration variables described in the [gradle.properties][file:gradle.properties] file and *optionally* move sources from the *com.github.username.repository* package to the one that works best for you. Then you can get to work implementing your ideas.
For the last step, you have to manually review the configuration variables described in the [`gradle.properties`][file:gradle.properties] file and *optionally* move sources from the *com.github.username.repository* package to the one that works best for you. Then you can get to work implementing your ideas.
> **TIP:** To use Java in your plugin, create the `/src/main/java` directory.
## Gradle configuration
The recommended method for plugin development involves using the [Gradle][gradle] setup with the [gradle-intellij-plugin][gh:gradle-intellij-plugin] installed. The gradle-intellij-plugin makes it possible to run the IDE with your plugin and publish your plugin to the Marketplace Repository.
The recommended method for plugin development involves using the [Gradle][gradle] setup with the [gradle-intellij-plugin][gh:gradle-intellij-plugin] installed. The `gradle-intellij-plugin` makes it possible to run the IDE with your plugin and publish your plugin to the Marketplace Repository.
A project built using the IntelliJ Platform Plugin Template includes a Gradle configuration that's already been set up. Feel free to read through the [Using Gradle][docs:using-gradle] articles to better understand your build and learn how to customize it.
A project built using the IntelliJ Platform Plugin Template includes a Gradle configuration that's already been set up. Feel free to read through the [Using Gradle][docs:using-gradle] articles to understand your build better and learn how to customize it.
The most significant parts of the current configuration are:
- Configuration written with [Gradle Kotlin DSL][gradle-kotlin-dsl].
@ -71,24 +71,59 @@ The most significant parts of the current configuration are:
- Integration with the [gradle-intellij-plugin][gh:gradle-intellij-plugin] for smoother development.
- [Plugin publishing][docs:publishing] using the token.
For more details regarding Kotlin integration, please see [Kotlin for Plugin Developers][kotlin-for-plugin-developers] section in the IntelliJ Platform Plugin SDK documentation.
### Gradle properties
The project-specific configuration file [gradle.properties][file:gradle.properties] contains:
| Property name | Description |
| ------------------------- | --------------------------------------------------------------------------------------------------------- |
| `pluginGroup` | Package name - after *using* the template, this will be set to `com.github.username.repo`. |
| `pluginName` | Plugin name displayed in the Marketplace and the Plugins Repository. |
| `pluginVersion` | The current version of the plugin. |
| `pluginSinceBuild` | The `since-build` attribute of the <idea-version> tag. |
| `pluginUntilBuild` | The `until-build` attribute of the <idea-version> tag. |
| `platformType` | The type of IDE distribution. |
| `platformVersion` | The version of the IntelliJ Platform IDE that will be used to build the plugin. |
| `platformDownloadSources` | IDE sources downloaded while initializing the Gradle build. |
| `platformPlugins` | Comma-separated list of dependencies to the bundled IDE plugins and plugins from the Plugin Repositories. |
| Property name | Description |
| --------------------------- | ----------------------------------------------------------------------------------------------------------- |
| `pluginGroup` | Package name - after *using* the template, this will be set to `com.github.username.repo`. |
| `pluginName` | Plugin name displayed in the Marketplace and the Plugins Repository. |
| `pluginVersion` | The current version of the plugin. |
| `pluginSinceBuild` | The `since-build` attribute of the <idea-version> tag. |
| `pluginUntilBuild` | The `until-build` attribute of the <idea-version> tag. |
| `pluginVerifierIdeVersions` | Versions of the IDEs that will be used with Plugin Verifier. |
| `platformType` | The type of IDE distribution. |
| `platformVersion` | The version of the IntelliJ Platform IDE will be used to build the plugin. |
| `platformDownloadSources` | IDE sources downloaded while initializing the Gradle build. |
| `platformPlugins` | Comma-separated list of dependencies to the bundled IDE plugins and plugins from the Plugin Repositories. |
| `javaVersion` | Java language level used to compile sources and generate the files for - Java 11 is required since 2020.3. |
| `gradleVersion` | Version of Gradle used for plugin development. |
The properties listed define the plugin itself or configure the [gradle-intellij-plugin][gh:gradle-intellij-plugin] check its documentation for more details.
For more details regarding Kotlin integration, please see: [Kotlin for Plugin Developers][kotlin-for-plugin-developers] section in the IntelliJ Platform Plugin SDK documentation.
### Environment variables
Some values used for the Gradle configuration shouldn't be stored in files to avoid publishing them to the Version Control System.
To avoid that, environment variables are introduced, which can be provided within the *Run/Debug Configuration* within the IDE, or on the CI like for GitHub: `⚙️ Settings > Secrets`.
Environment variables used by the current project are related to the [plugin signing](#plugin-signing) and [publishing](#publishing-the-plugin).
| Environment variable name | Description |
| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- |
| `PRIVATE_KEY` | Certificate private key, should contain: <code>-----BEGIN ENCRYPTED PRIVATE KEY-----<br/>...<br/>-----END ENCRYPTED PRIVATE KEY-----</code> |
| `PRIVATE_KEY_PASSWORD` | Password used for encrypting the certificate file. |
| `CERTIFICATE_CHAIN` | Certificate chain, should contain: <code>-----BEGIN CERTIFICATE-----<br/>...<br/>-----END CERTIFICATE----</code> |
| `PUBLISH_TOKEN` | Publishing token generated in your Marketplace profile dashboard. |
For more details on how to generate proper values, check the relevant sections mentioned above.
To configure GitHub secret environment variables, go to the `⚙️ Settings > Secrets` section of your project repository:
![Settings > Secrets][file:settings-secrets.png]
There's a `Publish Plugin` preconfigured *Run/Debug Configuration* available within the project, so you can also run the publishing flow from your local environment.
To provide all required secrets, go to the `Publish Plugin` settings and edit the `Environment variables` section:
![Settings > Secrets][file:run-debug-env.png]
> **IMPORTANT:** Git tracks changes in the `Publish Plugin` configuration file. To ignore changes (tokens, certificates), run:
> ```bash
> git update-index --assume-unchanged ".run/Publish Plugin.run.xml"
> ```
## Plugin template structure
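
Review bot: the IMPORTANT note closing the Environment variables section relies on `git update-index --assume-unchanged`, which only sets a bit in the local index. It is not shared through the repository, every clone has to repeat it, and Git documents the bit as a performance hint rather than a way to ignore changes to tracked files, so anyone who skips the step sees the filled-in token and key as an ordinary modification ready to commit. The note should state that limitation, or the section should steer local users towards a place for secrets that is not tracked at all. In the table, `-----END CERTIFICATE----` is missing its fifth trailing dash, and `PRIVATE_KEY_PASSWORD` is described as the password for "the certificate file" although `signPlugin` passes it alongside `privateKey`, so "password of the private key" would be clearer.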
@ -96,21 +131,24 @@ A generated IntelliJ Platform Plugin Template repository contains the following
```
.
├── .github GitHub Actions workflows and Dependabot configuration files
├── .run Predefined Run/Debug Configurations
├── CHANGELOG.md Full change history.
├── LICENSE License, MIT by default
├── README.md README
├── build/ Output build directory
├── build.gradle.kts Gradle configuration
├── gradle
│ └── wrapper/ Gradle Wrapper
├── build/ Output build directory
├── src Plugin sources
│ └── main
│ ├── kotlin/ Kotlin source files
│ └── resources/ Resources - plugin.xml, icons, messages
├── .gitignore Git ignoring rules
├── build.gradle.kts Gradle configuration
├── CHANGELOG.md Full change history.
├── gradle.properties Gradle configuration properties
├── gradlew *nix Gradle Wrapper binary
├── gradlew.bat Windows Gradle Wrapper binary
└── src Plugin sources
└── main
├── kotlin/ Kotlin source files
└── resources/ Resources - plugin.xml, icons, messages
├── LICENSE License, MIT by default
├── README.md README
└── settings.gradle.kts Grade project settings
```
In addition to the configuration files, the most crucial part is the `src` directory, which contains our implementation and the manifest for our plugin [plugin.xml][file:plugin.xml].
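
Review bot: in the last entry of the directory tree, `settings.gradle.kts` is described as "Grade project settings"; this should read "Gradle project settings".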
@ -145,7 +183,7 @@ You can read more about this file in the [Plugin Configuration File][docs:plugin
## Sample code
The prepared template provides as little code as possible because it is impossible for a general scaffold to fulfill all the specific requirements for all types of plugins (language support, build tools, VCS related tools). The template contains only the following files:
The prepared template provides as little code as possible because it is impossible for a general scaffold to fulfill all the specific requirements for all types of plugins (language support, build tools, VCS related tools). Therefore, the template contains only the following files:
```
.
@ -170,15 +208,16 @@ Within the default project structure, there is a `.run` directory provided conta
![Run/Debug configurations][file:run-debug-configurations.png]
| Configuration name | Description |
| Configuration name | Description |
| ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Run Plugin | Runs [`:runIde`][gh:gradle-intellij-plugin-running-dsl] Gradle IntelliJ Plugin task. Use the *Debug* icon for plugin debugging. |
| Run Tests | Runs [`:test`][gradle-lifecycle-tasks] Gradle task. |
| Run Verifications | Runs [`:runPluginVerifier`][gh:gradle-intellij-plugin-verifier-dsl] Gradle IntelliJ Plugin task to check the plugin compatibility against the specified IntelliJ IDEs. |
| Run Verifications | Runs [`:runPluginVerifier`][gh:gradle-intellij-plugin-verifier-dsl] Gradle IntelliJ Plugin task to check the plugin compatibility against the specified IntelliJ IDEs. |
| Publish Plugin | Runs `signPlugin` and `publishPlugin` Gradle tasks. Check [Environment variables](#environment-variables) section for more details on how to configure it. |
> **TIP:** You can find the logs from the running task in the `idea.log` tab.
>
>
> ![Run/Debug configuration logs][file:run-logs.png]
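
Review bot: the new `Publish Plugin` row says the configuration runs the `signPlugin` and `publishPlugin` tasks, but the run configuration added in this commit passes only `publishPlugin` in `scriptParameters`, so signing happens only through a task dependency that is not visible in this change. Either word the row as running `publishPlugin`, which signs the plugin first, or list both tasks in the run configuration so the description matches what is invoked.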
@ -189,22 +228,23 @@ Continuous integration depends on [GitHub Actions][gh:actions], a set of workflo
In the `.github/workflows` directory, you can find definitions for the following GitHub Actions workflows:
- [Build](.github/workflows/build.yml)
- Triggered on `push` and `pull_request` events.
- Runs the *Gradle Wrapper Validation Action* to verify the wrapper's checksum.
- Runs the `verifyPlugin` and `test` Gradle tasks.
- Builds the plugin with the `buildPlugin` Gradle task and provides the artifact for the next jobs in the workflow.
- Verifies the plugin using the *IntelliJ Plugin Verifier* tool.
- Prepares a draft release of the GitHub Releases page for manual verification.
- Triggered on `push` and `pull_request` events.
- Runs the *Gradle Wrapper Validation Action* to verify the wrapper's checksum.
- Runs the `verifyPlugin` and `test` Gradle tasks.
- Builds the plugin with the `buildPlugin` Gradle task and provides the artifact for the next jobs in the workflow.
- Verifies the plugin using the *IntelliJ Plugin Verifier* tool.
- Prepares a draft release of the GitHub Releases page for manual verification.
- [Release](.github/workflows/release.yml)
- Triggered on `released` event.
- Publishes the plugin to the Marketplace using the provided `PUBLISH_TOKEN`.
- Sets publish channel depending on the plugin version, i.e. `1.0.0-beta` -> `beta` channel.
- Patches the Changelog and commits.
- [Template Cleanup](.github/workflows/template-cleanup.yml)
- Triggered once on the `push` event when a new template-based repository has been created.
- Overrides the scaffold with files from the `.github/template-cleanup` directory.
- Overrides JetBrains-specific sentences or package names with ones specific to the target repository.
- Removes redundant files.
- Triggered on `released` event.
- Signs the plugin with a provided certificate before publishing.
- Publishes the plugin to the Marketplace using the provided `PUBLISH_TOKEN`.
- Sets publish channel depending on the plugin version, i.e. `1.0.0-beta` -> `beta` channel.
- Patches the Changelog and commits.
- [Template Cleanup](.github/workflows/template-cleanup.yml)
- Triggered once on the `push` event when a new template-based repository has been created.
- Overrides the scaffold with files from the `.github/template-cleanup` directory.
- Overrides JetBrains-specific sentences or package names with ones specific to the target repository.
- Removes redundant files.
All the workflow files have accurate documentation, so it's a good idea to take a look through their sources.
@ -228,7 +268,7 @@ Dependabot is a bot provided by GitHub for checking the build configuration file
### Changelog maintenance
When releasing an update, it is important to let your users know what the new version offers. The best way to do this is to provide release notes.
When releasing an update, it is essential to let your users know what the new version offers. The best way to do this is to provide release notes.
The changelog is a curated list that contains information about any new features, fixes, and deprecations. When they are provided, these lists are available in a few different places: the [CHANGELOG.md](./CHANGELOG.md) file, the [Releases page][gh:releases], the *What's new* section of the Marketplace Plugin page, and inside of the Plugin Manager's item details.
@ -240,19 +280,28 @@ The release process depends on the workflows already described above. When your
![Release draft][file:draft-release.png]
The draft release is a working copy of a release, which you can review before publishing. It includes a predefined title and git tag, which is the current version of the plugin, for example, `v0.0.1`. The changelog is provided automatically using the [gradle-changelog-plugin][gh:gradle-changelog-plugin]. An artifact file is also built with the plugin attached. Every new Build overrides the previous draft to keep your *Releases* page clean.
The draft release is a working copy of a release, which you can review before publishing. It includes a predefined title and git tag, the current version of the plugin, for example, `v0.0.1`. The changelog is provided automatically using the [gradle-changelog-plugin][gh:gradle-changelog-plugin]. An artifact file is also built with the plugin attached. Every new Build overrides the previous draft to keep your *Releases* page clean.
When you edit the draft and use the <kbd>Publish release</kbd> button, GitHub will tag your repository with the given version and add a new entry to the Releases tab. Next, it will notify users that are *watching* the repository, and it will trigger the final [Release](.github/workflows/release.yml) workflow.
### Plugin signing
Plugin Signing is a mechanism introduced in the 2021.2 release cycle to increase security in [JetBrains Marketplace](https://plugins.jetbrains.com) and all of our IntelliJ-based IDEs.
The Marketplace signing is designed to ensure that plugins are not modified over the course of the publishing and delivery pipeline.
The current project provides a predefined plugin signing configuration that lets you sign and publish your plugin from the CI and local environments.
All the configuration related to the signing should be provided using [environment variables](#environment-variables).
To find out how to generate signing certificates, check the [Plugin Signing][docs:plugin-signing] section in the IntelliJ Platform Plugin SDK documentation.
### Publishing the plugin
Releasing a plugin to the Marketplace is a straightforward operation that uses the `publishPlugin` Gradle task provided by the [gradle-intellij-plugin][gh:gradle-intellij-plugin]. The [Release](.github/workflows/release.yml) workflow automates this process by running the task when a new release appears in the GitHub Releases section.
Releasing a plugin to the Marketplace is a straightforward operation that uses the `publishPlugin` Gradle task provided by the [gradle-intellij-plugin][gh:gradle-intellij-plugin]. In addition, the [Release](.github/workflows/release.yml) workflow automates this process by running the task when a new release appears in the GitHub Releases section.
> **TIP**: Set a suffix to the plugin version to publish it in the custom repository channel, i.e. `v1.0.0-beta` will push your plugin to the `beta` [release channel][docs:release-channel].
The authorization process relies on the `PUBLISH_TOKEN` secret environment variable, which has to be acquired through the Secrets section of the repository Settings.
![Settings > Secrets][file:settings-secrets.png]
The authorization process relies on the `PUBLISH_TOKEN` secret environment variable, which must be specified in the _Secrets_ section of the repository _Settings_.
You can get that token in the [My Tokens][jb:my-tokens] tab within your Marketplace profile dashboard.
@ -266,10 +315,10 @@ You can get that token in the [My Tokens][jb:my-tokens] tab within your Marketpl
### How to use Java in my project?
Java language is supported by default along with Kotlin.
Initially, there's `/src/main/kotlin` directory available with some minimal examples.
You can still replace it or add next to it the `/src/main/java` to start working with Java language instead.
Initially, the `/src/main/kotlin` directory is available with minimal examples.
You can still replace it or add the `/src/main/java` directory to start working with Java language instead.
### How to disable tests or build job using the `[skip ci]` commit message?
### How to disable *tests *or *build* job using the `[skip ci]` commit message?
Since the February 2021, GitHub Actions [support the skip CI feature][github-actions-skip-ci].
If the message contains one of the following strings: `[skip ci]`, `[ci skip]`, `[no ci]`, `[skip actions]`, or `[actions skip]` workflows will not be triggered.
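
Review bot: the new FAQ heading `### How to disable *tests *or *build* job` has a space before the closing asterisk in `*tests *`, so the emphasis will not render and the stray asterisks will show up in the heading. It should be `*tests* or *build*`.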
@ -297,6 +346,7 @@ If the message contains one of the following strings: `[skip ci]`, `[ci skip]`,
[docs:publishing]: https://plugins.jetbrains.com/docs/intellij/publishing-plugin.html?from=IJPluginTemplate
[docs:release-channel]: https://plugins.jetbrains.com/docs/intellij/deployment.html?from=IJPluginTemplate#specifying-a-release-channel
[docs:using-gradle]: https://plugins.jetbrains.com/docs/intellij/gradle-build-system.html?from=IJPluginTemplate
[docs:plugin-signing]: https://plugins.jetbrains.com/docs/intellij/plugin-signing.html?from=IJPluginTemplate
[file:use-this-template.png]: .github/readme/use-this-template.png
[file:draft-release.png]: .github/readme/draft-release.png
@ -305,6 +355,7 @@ If the message contains one of the following strings: `[skip ci]`, `[ci skip]`,
[file:plugin.xml]: ./src/main/resources/META-INF/plugin.xml
[file:run-debug-configurations.png]: .github/readme/run-debug-configurations.png
[file:settings-secrets.png]: .github/readme/settings-secrets.png
[file:run-debug-env.png]: .github/readme/run-debug-env.png
[file:template_cleanup.yml]: ./.github/workflows/template-cleanup.yml
[gh:actions]: https://help.github.com/en/actions

@ -42,8 +42,6 @@ changelog {
groups.set(emptyList())
}
// Configure UI tests plugin
// Read more: https://github.com/JetBrains/intellij-ui-test-robot
tasks {
// Set the JVM compatibility versions
properties("javaVersion").let {
@ -86,6 +84,8 @@ tasks {
ideVersions.set(properties("pluginVerifierIdeVersions").split(',').map(String::trim).filter(String::isNotEmpty))
}
// Configure UI tests plugin
// Read more: https://github.com/JetBrains/intellij-ui-test-robot
runIdeForUiTests {
systemProperty("robot-server.port", "8082")
systemProperty("ide.mac.message.dialogs.as.sheets", "false")
@ -93,6 +93,12 @@ tasks {
systemProperty("jb.consents.confirmation.enabled", "false")
}
signPlugin {
certificateChain.set(System.getenv("CERTIFICATE_CHAIN"))
privateKey.set(System.getenv("PRIVATE_KEY"))
password.set(System.getenv("PRIVATE_KEY_PASSWORD"))
}
publishPlugin {
dependsOn("patchChangelog")
token.set(System.getenv("PUBLISH_TOKEN"))
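
Review bot: the new `signPlugin` block reads `CERTIFICATE_CHAIN`, `PRIVATE_KEY` and `PRIVATE_KEY_PASSWORD` straight from `System.getenv(...)`, and nothing in the hunk handles the case where they are unset, which is the normal state for a fresh clone or a build without repository secrets. Add an explicit check that names the missing variable, or document what the task does when the values are absent, so a release cannot fail late or go out in an unexpected state without a clear message.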
