Skip to content

ci: unify usage of gradle setup action #687

ci: unify usage of gradle setup action

ci: unify usage of gradle setup action #687

name: Build & Test Kotlin
on:
push:
branches-ignore:
# ignore temporary branches created by the merge queue.
# merge queue will trigger the workflow using the `merge_group` event.
# If the workflow was triggered twice (without ignoring temporary merge queue branches)
# two events would trigger the workflow out if which the second run cancels the first
# one causing the merge queue to detect a failed status check ultimately blocking the merge queue.
- "gh-readonly-queue/main/**"
# Run this workflow in the merge queue to pass mandatory jobs
merge_group:
types: [checks_requested]
concurrency:
group: ci-${{ github.workflow }}-${{ github.ref }}
# Only cancel previous runs unless on 'defaultBranch' (which is set in template configuration).
# defaultBranch is set to: 'main'.
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
jobs:
only-config-changed:
name: Configuration change validation
timeout-minutes: 5
runs-on: ubuntu-latest
outputs:
result: ${{ steps.only-config-changed.outputs.only_configuration_files_have_changed }}
steps:
- name: Checkout code
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
fetch-depth: ${{ (github.event.repository.default_branch == github.ref_name && 2) || 0 }}
ref: ${{ github.event.repository.default_branch }}
- name: Validate that only configuration files have been changed
shell: python
id: only-config-changed
env:
CONFIG_DIRECTORIES: '["k8s/product-staging", "k8s/product-dev", "k8s/product-production"]'
run: |
import os
import json
import subprocess
cmd_str=""
if "${{ github.event.repository.default_branch }}" == "${{ github.ref_name }}":
# This means we are in the default branch, we want the directories that changed since the previous commit
cmd_str="git diff --name-only HEAD^ HEAD | xargs dirname"
else:
# We're in a PR, we want the directories changed from the PR branch
cmd_str="git diff --name-only origin/${{ github.ref_name }} | xargs dirname"
diff=subprocess.run(cmd_str, capture_output=True, shell=True).stdout.decode('utf-8')
changed_files = str(diff).splitlines()
sanitized_changed_files = set(filter(None, changed_files))
print("Changed files: ", sanitized_changed_files)
config_directories = set(json.loads(os.getenv('CONFIG_DIRECTORIES')))
print("Config directories: ", config_directories)
only_configuration_files_have_changed = str(sanitized_changed_files.issubset(config_directories)).lower()
print(only_configuration_files_have_changed)
with open(os.environ['GITHUB_OUTPUT'], 'a') as fh:
print(f'only_configuration_files_have_changed={only_configuration_files_have_changed}', file=fh)
build:
name: Build & Test
if: ${{ needs.only-config-changed.outputs.result == 'false' }}
needs: only-config-changed
runs-on: ubuntu-latest-8-cores
timeout-minutes: 30
steps:
- name: Checkout code
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
# Login to AWS for fetching CI/CD cache.
- name: Configure AWS credentials
if: ${{ github.event.repository.visibility != 'public' }}
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CICD_S3_CACHE }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CICD_S3_CACHE }}
aws-region: eu-west-1
special-characters-workaround: true
# Check whether the current code has already been run in CI/CD.
- name: Check CI/CD cache
if: ${{ github.event.repository.visibility != 'public' }}
uses: pleo-io/s3-cache-action@a31b5deab8cbe70ec47bbc95819b5c3d61ba8723 # v3.0.0
id: s3-cache
with:
bucket-name: pleo-cicd-s3-cache
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CICD_S3_CACHE }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CICD_S3_CACHE }}
aws-region: eu-west-1
# Set up a JDK environment for building, testing and releasing.
- name: Set up JDK 17
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
with:
java-version: 17
distribution: temurin
# Allow caching Gradle executions to further speed up CI/CD steps invoking Gradle.
- name: Setup Gradle
uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0
with:
# Cache only updated on release.
cache-read-only: true
# Check whether the project builds.
- name: Gradle Build
run: ./gradlew build -x test
env:
GRADLE_USER: ${{ secrets.GITHUB_ACTOR }}
GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
JOB_RUNR_REPO_PASSWORD: ${{ secrets.JOB_RUNR_REPO_PASSWORD }}
- name: Run Unit Tests
if: steps.s3-cache.outputs.processed != 'true'
run: ./gradlew check
env:
GRADLE_USER: ${{ secrets.GITHUB_ACTOR }}
GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }}
JOB_RUNR_REPO_PASSWORD: ${{ secrets.JOB_RUNR_REPO_PASSWORD }}
- name: Publish Unit Tests report to GitHub
if: steps.s3-cache.outputs.processed != 'true'
uses: mikepenz/action-junit-report@9379f0ccddcab154835d4e2487555ee79614fe95 # v4.2.1
with:
check_name: Unit Tests report
report_paths: "**/build/test-results/test/TEST-*.xml"
- name: Trigger release
if: ${{ github.ref == 'refs/heads/main' }}
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3
with:
event-type: release