Skip to content

Commit

Permalink
Use Milestones and GitHub Action Sync (#235)
Browse files Browse the repository at this point in the history 
* build: Micronaut Framework 4.0.0-M1

* build: Micronaut Serde 2.0.0-M1

* build: Micronaut Validation 4.0.0-M2

* ci: GitHub Actions sync
  • Loading branch information
@sdelamo
sdelamo authored Mar 24, 2023
1 parent a1e8b3a commit e3be532
Show file tree
Hide file tree
Showing 8 changed files with 80 additions and 252 deletions.
2 changes: 1 addition & 1 deletion .github/renovate.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"extends": [
"config:base"
],
"addLabels": ["dependency-upgrade"],
"addLabels": ["type: dependency-upgrade"],
"schedule": [
"every weekend"
],
Expand Down
81 changes: 0 additions & 81 deletions .github/workflows/graalvm.yml
View file

This file was deleted.

86 changes: 46 additions & 40 deletions .github/workflows/gradle.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,82 +19,88 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
graalvm: [ 'latest']
java: ['17']
env:
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }}
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }}
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }}
GH_USERNAME: ${{ secrets.GH_USERNAME }}
TESTCONTAINERS_RYUK_DISABLED: true
PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}"
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
# https://github.com/actions/virtual-environments/issues/709
- name: Free disk space
- name: "🗑 Free disk space"
run: |
sudo rm -rf "/usr/local/share/boost"
sudo rm -rf "$AGENT_TOOLSDIRECTORY"
sudo apt-get clean
df -h
- uses: actions/checkout@v3
- name: Set up JDK
uses: actions/setup-java@v3
- name: "📥 Checkout repository"
uses: actions/checkout@v3
with:
distribution: 'temurin'
fetch-depth: 0

- name: "🔧 Setup GraalVM CE"
uses: graalvm/setup-graalvm@v1
with:
version: ${{ matrix.graalvm }}
java-version: ${{ matrix.java }}
- name: Setup Gradle
uses: gradle/[email protected]
- name: Optional setup step
env:
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }}
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }}
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
components: 'native-image'
github-token: ${{ secrets.GITHUB_TOKEN }}

- name: "🔧 Setup Gradle"
uses: gradle/gradle-build-action@v2

- name: "❓ Optional setup step"
run: |
[ -f ./setup.sh ] && ./setup.sh || true
- name: Build with Gradle
[ -f ./setup.sh ] && ./setup.sh || [ ! -f ./setup.sh ]
- name: "🛠 Build with Gradle"
id: gradle
run: |
./gradlew check --no-daemon --parallel --continue
env:
TESTCONTAINERS_RYUK_DISABLED: true
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }}
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }}
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}"
- name: Add build scan URL as PR comment
uses: actions/github-script@v5
if: github.event_name == 'pull_request' && failure()
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: '❌ ${{ github.workflow }} failed: ${{ steps.gradle.outputs.build-scan-url }}'
})
- name: Publish Test Report
- name: "🔎 Run static analysis"
if: env.SONAR_TOKEN != ''
run: |
./gradlew sonar
- name: "📊 Publish Test Report"
if: always()
uses: mikepenz/action-junit-report@v3.7.1
uses: mikepenz/action-junit-report@v3
with:
check_name: Java CI / Test Report (${{ matrix.java }})
report_paths: '**/build/test-results/test/TEST-*.xml'
check_retries: 'true'

- name: "📜 Upload binary compatibility check results"
if: always()
uses: actions/upload-artifact@v3
with:
name: binary-compatibility-reports
path: "**/build/reports/binary-compatibility-*.html"
- name: Publish to Sonatype Snapshots

- name: "📦 Publish to Sonatype Snapshots"
if: success() && github.event_name == 'push' && matrix.java == '17'
env:
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }}
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }}
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
run: ./gradlew publishToSonatype docs --no-daemon
- name: Determine docs target repository

- name: "❓ Determine docs target repository"
uses: haya14busa/action-cond@v1
id: docs_target
with:
cond: ${{ github.repository == 'micronaut-projects/micronaut-core' }}
if_true: "micronaut-projects/micronaut-docs"
if_false: ${{ github.repository }}
- name: Publish to Github Pages

- name: "📑 Publish to Github Pages"
if: success() && github.event_name == 'push' && matrix.java == '17'
uses: micronaut-projects/github-pages-deploy-action@master
env:
Expand Down
50 changes: 0 additions & 50 deletions .github/workflows/release-notes.yml
View file

This file was deleted.

34 changes: 18 additions & 16 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
java-version: '17'
- name: Set the current release version
id: release_version
run: echo ::set-output name=release_version::${GITHUB_REF:11}
run: echo "release_version=${GITHUB_REF:11}" >> $GITHUB_OUTPUT
- name: Run pre-release
uses: micronaut-projects/github-actions/pre-release@master
env:
Expand Down Expand Up @@ -66,23 +66,25 @@ jobs:
# Store the hash in a file, which is uploaded as a workflow artifact.
echo $(sha256sum $ARTIFACTS | base64 -w0) > artifacts-sha256
- name: Upload build artifacts
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
uses: actions/upload-artifact@v3
with:
name: gradle-build-outputs
path: build/repo/${{ steps.publish.outputs.group }}/*/${{ steps.publish.outputs.version }}/*
retention-days: 5
- name: Upload artifacts-sha256
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
uses: actions/upload-artifact@v3
with:
name: artifacts-sha256
path: artifacts-sha256
retention-days: 5
- name: Generate docs
run: ./gradlew docs
env:
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }}
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }}
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
run: ./gradlew docs
GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }}
GH_USERNAME: ${{ secrets.GH_USERNAME }}
- name: Export Gradle Properties
uses: micronaut-projects/github-actions/export-gradle-properties@master
- name: Publish to Github Pages
Expand Down Expand Up @@ -128,7 +130,7 @@ jobs:
artifacts-sha256: ${{ steps.set-hash.outputs.artifacts-sha256 }}
steps:
- name: Download artifacts-sha256
uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # v3.0.1
uses: actions/download-artifact@v3
with:
name: artifacts-sha256
# The SLSA provenance generator expects the hash digest of artifacts to be passed as a job
Expand All @@ -147,7 +149,7 @@ jobs:
actions: read # To read the workflow path.
id-token: write # To sign the provenance.
contents: write # To add assets to a release.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.4.0
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.5.0
with:
base64-subjects: "${{ needs.provenance-subject.outputs.artifacts-sha256 }}"
upload-assets: true # Upload to a new release.
Expand All @@ -159,18 +161,18 @@ jobs:
if: startsWith(github.ref, 'refs/tags/')
steps:
- name: Checkout repository
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Download artifacts
uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # v3.0.1
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: gradle-build-outputs
path: build/repo
- name: Create artifacts archive
shell: bash
run: find build/repo -regextype sed -regex '\(.*\.jar\|.*\.pom\|.*\.module\|.*\.toml\)' | xargs zip artifacts.zip
- name: Upload assets
# Upload the artifacts and SLSA L3 provenance as assets to the existing
# release. Note that the provenance will attest to each artifact file and
# not the aggregated ZIP file.
run: |
find build/repo -regextype sed -regex '\(.*\.jar\|.*\.pom\|.*\.module\|.*\.toml\)' | xargs zip artifacts.zip
gh release upload ${{ github.ref_name }} artifacts.zip
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Upload the artifacts to the existing release. Note that the SLSA provenance will
# attest to each artifact file and not the aggregated ZIP file.
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
with:
files: artifacts.zip
Loading

0 comments on commit e3be532

Please sign in to comment.