add sigstore-maven-plugin 1.1.0 #756
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| pull_request_target: | |
| branches: [ "master" ] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Checkout PR | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh pr checkout ${{ github.event.pull_request.number }} | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "Reproducible Central CI" | |
| git config --local advice.detachedHead false | |
| - name: Set up Docker Buildx | |
| uses: docker/[email protected] | |
| - name: Log into ghcr.io registry | |
| uses: docker/[email protected] | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: List changed files | |
| id: changed-files | |
| uses: tj-actions/changed-files@v45 | |
| - name: Build from buildspec | |
| run: | | |
| for file in ${{ steps.changed-files.outputs.all_changed_files }}; do | |
| if [[ $file == *.buildspec ]]; then | |
| . $file | |
| if [[ "$command" == SHELL* ]] | |
| then | |
| # don't even try to automatically build, but prepare message for PR comment | |
| echo "command=$command" | |
| echo "Configured build command requires interactive shell: | |
| \`\`\` | |
| command=$command | |
| \`\`\` | |
| Run | |
| \`\`\` | |
| git switch $artifactId-$version | |
| ./rebuild.sh $file | |
| ( ... interactive shell ... ) | |
| git add $(dirname $file) | |
| git commit -m './rebuild.sh $file' | |
| git push | |
| gh pr merge -m | |
| \`\`\`" >> PRcomment.txt | |
| cat PRcomment.txt | |
| continue | |
| fi | |
| sudo apt-get -qq install -y dos2unix 2>&1 > /dev/null | |
| ./rebuild.sh $file | |
| bin/update-project-summary.sh "$(dirname $file)" | |
| git add "$(dirname $file)" | |
| git commit -m "./rebuild.sh $file" | |
| git push | |
| buildcompare="$(dirname $file)/$(basename $buildinfo .buildinfo).buildcompare" | |
| echo '```' >> PRcomment.txt | |
| grep -v okFiles "$buildcompare" >> PRcomment.txt | |
| echo '```' >> PRcomment.txt | |
| if [ $(grep "ko=0" PRcomment.txt | wc -l) -eq 0 ] | |
| then | |
| ./build_diffoscope.sh "$buildcompare" buildcache/$artifactId | |
| diffoscope="$(dirname $file)/$(basename $buildinfo .buildinfo).diffoscope" | |
| [ -f $diffoscope ] && mv "$diffoscope" . \ | |
| && echo ":mag: diffoscope analysis uploaded to ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" >> PRcomment.txt | |
| fi | |
| echo '```' >> PRcomment.txt | |
| cat time.txt >> PRcomment.txt | |
| echo '```' >> PRcomment.txt | |
| rm -f time.txt | |
| fi | |
| done | |
| - name: Add PR comment with results | |
| if: ${{ hashFiles('PRcomment.txt') != '' }} | |
| uses: mshick/add-pr-comment@v2 | |
| with: | |
| message-path: | | |
| PRcomment.txt | |
| - name: Merge PR | |
| if: ${{ hashFiles('PRcomment.txt') != '' }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| if [ $(grep "ko=0" PRcomment.txt | wc -l) -eq 1 ] | |
| then | |
| gh pr merge -m -d | |
| fi | |
| - name: Archive diffoscope output | |
| if: ${{ hashFiles('*.diffoscope') != '' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: diffoscope | |
| path: "*.diffoscope" |