Bump actions/checkout from 4.1.7 to 4.2.0 #153
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Licensed to the Apache Software Foundation (ASF) under one or more | |
# contributor license agreements. See the NOTICE file distributed with | |
# this work for additional information regarding copyright ownership. | |
# The ASF licenses this file to You under the Apache License, Version 2.0 | |
# (the "License"); you may not use this file except in compliance with | |
# the License. You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
name: Java Cross Test | |
# Builds native binaries for various Linux and Windows architectures using Linux and Docker | |
# These are then combined with a macOS build to produce a combined set of binaries and jars | |
# The resulting binaries are then tested | |
on: | |
# allow direct trigger | |
workflow_dispatch: | |
push: | |
paths: | |
- '**/native/**' | |
- 'Makefile*' | |
- '**/OpenSslNative.java' | |
- '**/OpenSslCryptoRandomNative.java' | |
- '**/OpenSslInfoNative.java' | |
- '**/workflows/maven_crosstest.yml' | |
- 'src/docker/*' | |
- '!src/docker/Dockerfile*' | |
# Don't trigger on docker change; will be started after build | |
workflow_run: | |
workflows: ['Docker images'] | |
types: [completed] | |
permissions: | |
contents: read | |
env: | |
REGISTRY: ghcr.io | |
# Output from build-cross-linux | |
CACHE-LINUX: crypto-target-linux | |
# Output from package-macos | |
CACHE-ALL: crypto-target-all | |
jobs: | |
# Remove any existing caches | |
cleanup: | |
runs-on: ubuntu-latest | |
permissions: | |
# `actions:write` permission is required to delete caches | |
# See also: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#delete-a-github-actions-cache-for-a-repository-using-a-cache-id | |
actions: write | |
contents: read | |
steps: | |
- name: clear cache | |
env: | |
GH_TOKEN: ${{ github.token }} | |
run: | | |
gh extension install actions/gh-actions-cache | |
gh actions-cache delete ${{ env.CACHE-LINUX }} -R ${{ github.repository }} -B ${{ github.ref_name }} --confirm || true | |
gh actions-cache delete ${{ env.CACHE-ALL }} -R ${{ github.repository }} -B ${{ github.ref_name }} --confirm || true | |
# Use Linux and Docker to build Linux and Windows binaries | |
build-cross-linux: | |
needs: cleanup | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
with: | |
persist-credentials: false | |
- uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Image prefix (lower case) | |
run: | | |
echo "IMAGE_PREFIX=$(echo ${{ env.REGISTRY }}/${{ github.repository }} | tr '[A-Z]' '[a-z]')" >>$GITHUB_ENV | |
- name: Build 64 bit native code | |
run: | | |
time IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-gh src/docker/build.sh | |
- name: Build 32 bit native code | |
run: | | |
time IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-gh src/docker/build_linux32.sh | |
ls -l target | |
- name: Save generated Linux binaries | |
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
with: | |
key: ${{ env.CACHE-LINUX }} | |
path: target | |
# Use macOS to build its native binaries and package them with the Linux/Windows ones | |
package-macos: | |
needs: build-cross-linux | |
runs-on: macos-13 # macos-14 does not have Java 8 | |
steps: | |
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
with: | |
persist-credentials: false | |
- name: Set up JDK | |
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 | |
with: | |
distribution: 'temurin' | |
java-version: 8 | |
# these values cause the plugin to set up the Maven settings.xml file | |
server-id: apache.snapshots.https # Value of the distributionManagement/repository/id field of the pom.xml | |
server-username: NEXUS_USER # env variable for username in deploy | |
server-password: NEXUS_PW # env variable for token in deploy | |
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
- name: Build on macOS | |
run: | | |
mvn -V -B -ntp test -DskipTests | |
# build 64 bit macOS libraries | |
mvn -V -B -ntp -DskipTests -Drat.skip process-classes -Dtarget.name=mac64 | |
mvn -V -B -ntp -DskipTests -Drat.skip process-classes -Dtarget.name=macArm64 | |
mvn -V -B -ntp -DskipTests -Drat.skip process-classes -Dtarget.name=mac-aarch64 | |
ls -l target | |
- name: Retrieve saved Linux binaries | |
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
with: | |
key: ${{ env.CACHE-LINUX }} | |
path: target | |
- name: Package and deploy to Maven Central on macOS | |
if: github.repository == 'apache/commons-crypto' && github.ref_name == 'master' | |
env: | |
NEXUS_USER: ${{ secrets.NEXUS_USER }} | |
NEXUS_PW: ${{ secrets.NEXUS_PW }} | |
# Speed up builds by disabling unnecessary plugins | |
# Note: spdx.skip requires version 0.7.1+ | |
run: | | |
ls -l target | |
mvn -V -B -ntp deploy -DskipTests -Drat.skip -Djacoco.skip -DbuildNumber.skip -Danimal.sniffer.skip -Dcyclonedx.skip -Dspdx.skip | |
ls -l target | |
# At some point would like to run the cross tests using only the jars | |
# In the meantime, use the target class structure | |
- name: Save generated Linux + macOS binaries | |
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
with: | |
key: ${{ env.CACHE-ALL }} | |
path: target | |
# This is only visible on the Workflow summary page | |
- name: Upload packaged jars for external testing | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 | |
with: | |
name: crypto-package | |
path: target/*.jar | |
retention-days: 7 | |
# Test Jobs that don't use Docker | |
standalone: | |
needs: package-macos | |
runs-on: ${{ matrix.os }} | |
# continue-on-error: ${{ matrix.experimental }} | |
strategy: | |
matrix: | |
include: | |
- os: macos-13 # macos-14 does not have Java 8 | |
java: 8 | |
expectedPath: Mac/x86_64 | |
- os: ubuntu-latest | |
java: 8 | |
expectedPath: Linux/x86_64 | |
- os: windows-latest | |
java: 8 | |
expectedPath: Windows/x86_64 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
with: | |
persist-credentials: false | |
- name: Retrieve saved target tree | |
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
with: | |
key: ${{ env.CACHE-ALL }} | |
path: target | |
enableCrossOsArchive: true | |
fail-on-cache-miss: true | |
- name: Show files | |
run: ls -l target | |
- name: Cache Maven | |
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
- name: Set up JDK ${{ matrix.java }} | |
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 | |
with: | |
distribution: 'temurin' | |
java-version: ${{ matrix.java }} | |
- name: OpenSSL version (default) | |
run: openssl version -a | |
- name: OpenSSL engine (macOS) | |
# need to override the libarary path on macOS to avoid 'unsafe load' complaint | |
if: ${{ runner.os == 'macOS' }} | |
# set up ENGINESDIR from openssl | |
run: | | |
echo $(openssl version -e | sed -n -e 's/engines-.*//' -e 's/: "/=/p') >> "$GITHUB_ENV" | |
- name: Test on ${{ matrix.os }} ${{ matrix.expectedPath }} (Java ${{ matrix.java }}) | |
run: > | |
mvn -V -B -ntp surefire:test -Ptest-with-jar -D"jni.library.path=$ENGINESDIR" -D"jna.library.path=$ENGINESDIR" | |
-D"OsInfoTest.expectedPath=${{ matrix.expectedPath }}" | |
# use Linux and Docker to test some additional OS arch combinations | |
test-cross-linux: | |
needs: package-macos | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
with: | |
persist-credentials: false | |
- name: Docker setup QEMU | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Image prefix (lower case) | |
run: | | |
echo "IMAGE_PREFIX=$(echo ${{ env.REGISTRY }}/${{ github.repository }} | tr '[A-Z]' '[a-z]')" >>$GITHUB_ENV | |
- name: Retrieve saved target tree | |
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 | |
with: | |
key: ${{ env.CACHE-ALL }} | |
path: target | |
- name: Run on Linux/aarch64 | |
run: | | |
IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-aarch64-gh \ | |
src/docker/test_cross.sh -Ptest-with-jar -DOsInfoTest.expectedPath=Linux/aarch64 | |
- name: Run on riscv64 | |
# See https://github.com/java-native-access/jna/issues/1557 | |
run: | | |
IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-riscv64-gh \ | |
src/docker/test_cross.sh -Ptest-with-jar -DOsInfoTest.expectedPath=Linux/riscv64 -Djna.version=5.12.0 | |
- name: Run on Linux/x86_64 | |
run: | | |
IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-gh \ | |
src/docker/test_cross.sh -Ptest-with-jar -DOsInfoTest.expectedPath=Linux/x86_64 |