#1696: Fixed refactoring #1841
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
workflow_dispatch: | |
push: | |
# https://github.community/t/action-does-not-run-on-master-with-tags-ignore-v/128354/4 | |
branches: | |
- '**' | |
paths-ignore: | |
- 'documentation/**' | |
- 'solicitor/**' | |
- '**.asciidoc' | |
tags-ignore: | |
- '**' | |
pull_request: | |
paths-ignore: | |
- 'documentation/**' | |
- 'solicitor/**' | |
- '**.asciidoc' | |
env: | |
# if continuously builds exiting randomly, possibly add again -Djansi.force=true -Djansi.passthrough=true | |
MVN_BATCH_MODE: '-B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn' | |
# fixing random connection reset of maven downloads as proposed here: https://github.com/actions/virtual-environments/issues/2715#issuecomment-797388909 | |
MVN_HTTP_OPTIMIZATION: '-Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.httpconnectionManager.ttlSeconds=120' | |
REPOSITORY_PATH: repo | |
jobs: | |
cache-dependencies: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Enable git support for long paths on Windows | |
if: ${{ runner.os == 'Windows' }} | |
shell: cmd | |
run: git config --system core.longpaths true | |
- name: Clone Repository | |
uses: actions/checkout@v3 | |
with: | |
path: ${{ env.REPOSITORY_PATH }} | |
- name: Checkout & Prepare | |
uses: devonfw-actions/java-maven-setup@main | |
with: | |
maven-cache-path: ./.m2/repository | |
maven-cache-key: cobigen-dep-${{ hashFiles(format('{0}/**/pom.xml', env.REPOSITORY_PATH)) }} | |
clone: false # checkout in a separate / earlier step to allow eager evaluation of parameter expression like workspace or hashFiles | |
- name: Overwrite maven settings | |
shell: bash | |
run: | | |
mkdir -p ~/.m2 | |
cp -rf ${{ env.REPOSITORY_PATH }}/.mvn/ci-settings.xml ~/.m2/settings.xml | |
- name: Resolve non-cobigen dependencies | |
shell: bash | |
run: | | |
cd ${{ env.REPOSITORY_PATH }} | |
mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.2:resolve -pl !com.devonfw.cobigen:com.devonfw.cobigen.eclipse.test -DexcludeGroupIds=com.devonfw.cobigen -T1C -Pp2-build ${{ env.MVN_BATCH_MODE }} ${{ env.MVN_HTTP_OPTIMIZATION }} || true # never fail | |
mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.2:resolve-plugins -pl !com.devonfw.cobigen:com.devonfw.cobigen.eclipse.test -DexcludeGroupIds=com.devonfw.cobigen -T1C -Pp2-build ${{ env.MVN_BATCH_MODE }} ${{ env.MVN_HTTP_OPTIMIZATION }} || true # never fail | |
build: | |
needs: cache-dependencies | |
runs-on: ubuntu-latest | |
steps: | |
- name: Enable git support for long paths on Windows | |
if: ${{ runner.os == 'Windows' }} | |
shell: cmd | |
run: git config --system core.longpaths true | |
- name: Clone Repository | |
uses: actions/checkout@v3 | |
with: | |
path: ${{ env.REPOSITORY_PATH }} | |
- name: Checkout & Prepare | |
uses: devonfw-actions/java-maven-setup@main | |
with: | |
maven-cache-path: ./.m2/repository | |
maven-cache-key: maven-${{ github.sha }}-${{ github.run_number }} # new key will cache | |
maven-cache-restore-key: cobigen-dep-${{ hashFiles(format('{0}/**/pom.xml', env.REPOSITORY_PATH)) }} | |
java-version: 11 | |
clone: false # checkout in a separate / earlier step to allow eager evaluation of parameter expression like workspace or hashFiles | |
- name: Cache built P2 repositories | |
uses: actions/cache@v3 | |
with: | |
path: ./${{ env.REPOSITORY_PATH }}/**/target/repository/ | |
key: p2-${{ github.sha }}-${{ github.run_number }} # new key will cache | |
enableCrossOsArchive: true | |
- name: Build all artifacts | |
shell: bash | |
run: | | |
cd ${{ env.REPOSITORY_PATH }} | |
./build.sh -spb | |
test: | |
needs: build | |
strategy: | |
fail-fast: false | |
matrix: | |
component: [core, plugins, templates, maven, eclipse, cli] | |
javaVersion: [11] | |
os: [windows-latest, ubuntu-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Enable git support for long paths on Windows | |
if: ${{ runner.os == 'Windows' }} | |
shell: cmd | |
run: git config --system core.longpaths true | |
- name: Clone Repository | |
uses: actions/checkout@v3 | |
with: | |
path: ${{ env.REPOSITORY_PATH }} | |
- uses: devonfw-actions/java-maven-setup@main | |
with: | |
maven-cache-path: ./.m2/repository | |
maven-cache-key: maven-${{ github.sha }}-${{ github.run_number }} # match, restore only | |
java-version: ${{ matrix.javaVersion }} | |
jacoco-cache-key: jacoco-${{ github.sha }}-${{ matrix.component }} # new key will cache | |
clone: false # checkout in a separate / earlier step to allow eager evaluation of parameter expression like workspace or hashFiles | |
- name: Restore built P2 repositories | |
uses: actions/cache@v3 | |
with: | |
path: ./${{ env.REPOSITORY_PATH }}/**/target/repository/ | |
key: p2-${{ github.sha }}-${{ github.run_number }} # match, restore only | |
enableCrossOsArchive: true | |
# need to overwrite global settings file to cath all mvn executions properly in tests | |
- name: Overwrite maven settings | |
shell: bash | |
run: | | |
mkdir -p ~/.m2 | |
cp -rf ${{ env.REPOSITORY_PATH }}/.mvn/ci-settings.xml ~/.m2/settings.xml | |
- name: Test | |
shell: bash | |
env: | |
M2_REPO: ${{ github.workspace }}/.m2/repository # fix for https://github.com/m-m-m/code/issues/43 | |
run: | | |
cd ${{ env.REPOSITORY_PATH }} | |
if [[ "${{ matrix.component }}" == "eclipse" && "${{ matrix.os }}" == "ubuntu-latest" ]] | |
then | |
xvfb-run -a ./build.sh -sdtcb --components ${{ matrix.component }} | |
else | |
./build.sh -sdtcb --components ${{ matrix.component }} | |
fi | |
# Sonar Analysis is done in separate workflow (https://github.com/devonfw/cobigen/blob/master/.github/workflows/sonar-analysis.yml) | |
# as of a workaround of potential secret leaking on PRs (https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) | |
sonar-analysis-preparation: | |
needs: [test] | |
runs-on: ubuntu-latest | |
steps: | |
- name: 'Prepare workflow context for transfer' | |
env: | |
# As a precaution, reference this value by an interpolated ENV var; | |
# instead of interpolating user controllable input directly in the shell script. | |
PR_TITLE: ${{ github.event.pull_request.title }} | |
run: | | |
# Save ENV for transfer | |
{ | |
echo "PR_HEADSHA=${{ github.event.pull_request.head.sha }}" | |
echo "PR_NUMBER=${{ github.event.pull_request.number }}" | |
echo "PR_TITLE=${PR_TITLE}" | |
} >> workflow.env | |
tar --zstd -cf workflow.tar.zst workflow.env | |
- name: 'Upload workflow context artifact' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: maven-build-test-workflow-context | |
path: workflow.tar.zst | |
retention-days: 1 | |
release: | |
needs: [test] | |
runs-on: ubuntu-latest | |
if: ${{ startsWith(github.repository, 'devonfw/') && github.ref == 'refs/heads/master' }} | |
continue-on-error: true | |
environment: | |
name: maven-central | |
outputs: | |
release_tag: ${{ steps.get_tag.outputs.tag }} | |
steps: | |
- name: Clone Repository | |
uses: actions/checkout@v3 | |
with: | |
path: ${{ env.REPOSITORY_PATH }} | |
- uses: devonfw-actions/java-maven-setup@main | |
with: | |
maven-cache-path: ./.m2/repository | |
maven-cache-key: cobigen-dep-${{ hashFiles(format('{0}/**/pom.xml', env.REPOSITORY_PATH)) }} | |
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
BUILD_USER: ${{ secrets.BUILD_USER }} | |
BUILD_USER_PASSWD: ${{ secrets.BUILD_USER_PASSWD }} | |
BUILD_USER_EMAIL: ${{ secrets.BUILD_USER_EMAIL }} | |
clone: false # checkout in a separate / earlier step to allow eager evaluation of parameter expression like workspace or hashFiles | |
- name: Release | |
id: release | |
shell: bash | |
env: | |
GPG_KEY: ${{ secrets.GPG_KEY }} | |
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
BUILD_USER: ${{ secrets.BUILD_USER }} | |
BUILD_USER_PASSWD: ${{ secrets.BUILD_USER_PASSWD }} | |
BUILD_USER_EMAIL: ${{ secrets.BUILD_USER_EMAIL }} | |
run: | | |
cd ${{ env.REPOSITORY_PATH }} | |
./release.sh -syb skip-qa | |
- name: 'Get release tag' | |
id: get_tag | |
uses: "WyriHaximus/github-action-get-previous-tag@v1.1.0" | |
env: | |
GITHUB_TOKEN: "${{ secrets.GHA_TOKEN }}" | |
github-release: | |
needs: release | |
runs-on: ubuntu-latest | |
if: ${{ startsWith(github.repository, 'devonfw/') && github.ref == 'refs/heads/master' && needs.release.outputs.release_tag != '' }} | |
steps: | |
- uses: devonfw-actions/create-github-release@v1 | |
with: | |
release_version: ${{ needs.release.outputs.release_tag }} | |
GHA_TOKEN: ${{ secrets.GHA_TOKEN }} | |