diff --git a/.github/workflows/gradle_task.yml b/.github/workflows/gradle_task.yml deleted file mode 100644 index 1f01d71..0000000 --- a/.github/workflows/gradle_task.yml +++ /dev/null @@ -1,94 +0,0 @@ -name: Gradle Task -run-name: "Gradle Task ${{ inputs.gradle-task }} @ ${{ inputs.runs-on }}" - -# Reusable Workflow for running a Gradle task - -on: - workflow_dispatch: - - workflow_call: - inputs: - gradle-task: - description: "The Gradle task to run, including any flags" - required: true - type: string - runs-on: - description: "OSes to run the task on" - required: true - type: string - github-environment: - description: "GitHub Environment name" - required: false - type: string - github-environment-url: - description: "GitHub Environment display URL" - required: false - type: string - secrets: - SONATYPE_SIGNING_KEY_ID: - description: Sonatype signing key ID - required: false - SONATYPE_SIGNING_KEY: - description: Sonatype signing key - required: false - SONATYPE_SIGNING_PASSWORD: - description: Sonatype signing password - required: false - SONATYPE_REPO_USERNAME: - description: Sonatype repository password - required: false - SONATYPE_REPO_PASSWORD: - description: Sonatype repository password - required: false - - -concurrency: - # note: the Workflow inputs are also included in the concurrency group - group: "${{ github.workflow }} ${{ join(inputs.*) }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" - cancel-in-progress: true - - -permissions: - contents: read - - -jobs: - - run-task: - runs-on: ${{ inputs.runs-on }} - name: "./gradlew ${{ inputs.gradle-task}} @ ${{ inputs.runs-on }}" - timeout-minutes: 60 - environment: - name: ${{ inputs.github-environment }} - url: ${{ inputs.github-environment-url }} - steps: - - name: Checkout the repo - uses: actions/checkout@v3 - - - name: Setup JDK - uses: actions/setup-java@v3 - with: - distribution: temurin - java-version: 11 - - - uses: gradle/gradle-build-action@v2 - with: - gradle-home-cache-cleanup: true - - - name: Run ${{ inputs.gradle-task }} - run: >- - ./gradlew ${{ inputs.gradle-task }} - env: - ORG_GRADLE_PROJECT_signing.keyId: ${{ secrets.SONATYPE_SIGNING_KEY_ID }} - ORG_GRADLE_PROJECT_signing.key: ${{ secrets.SONATYPE_SIGNING_KEY }} - ORG_GRADLE_PROJECT_signing.password: ${{ secrets.SONATYPE_SIGNING_PASSWORD }} - ORG_GRADLE_PROJECT_sonatypeRepositoryUsername: ${{ secrets.SONATYPE_REPO_USERNAME }} - ORG_GRADLE_PROJECT_sonatypeRepositoryPassword: ${{ secrets.SONATYPE_REPO_PASSWORD }} - - - name: Upload build reports - if: failure() - uses: actions/upload-artifact@v3 - with: - name: build-report-${{ runner.os }}-${{ github.action }} - path: "**/build/reports/" - if-no-files-found: ignore diff --git a/.github/workflows/publish-maven.yml b/.github/workflows/publish-maven.yml deleted file mode 100644 index b5e33b7..0000000 --- a/.github/workflows/publish-maven.yml +++ /dev/null @@ -1,38 +0,0 @@ -name: Publish Maven Publications - -on: - workflow_dispatch: - push: - tags: - - "v[0-9]+.[0-9]+.[0-9]+" - branches: - - main - -concurrency: - group: "Maven Publishing on ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" - cancel-in-progress: true - -permissions: - contents: read - -jobs: - tests: - uses: ./.github/workflows/tests.yml - - publish: - needs: tests - uses: ./.github/workflows/gradle_task.yml - with: - runs-on: ubuntu-latest - gradle-task: >- - publishAllPublicationsToSonatypeRepository - --no-parallel - --no-configuration-cache - github-environment: sonatype-publish - github-environment-url: https://s01.oss.sonatype.org/ - secrets: - SONATYPE_SIGNING_KEY_ID: ${{ secrets.SONATYPE_SIGNING_KEY_ID }} - SONATYPE_SIGNING_KEY: ${{ secrets.SONATYPE_SIGNING_KEY }} - SONATYPE_SIGNING_PASSWORD: ${{ secrets.SONATYPE_SIGNING_PASSWORD }} - SONATYPE_REPO_USERNAME: ${{ secrets.SONATYPE_REPO_USERNAME }} - SONATYPE_REPO_PASSWORD: ${{ secrets.SONATYPE_REPO_PASSWORD }} diff --git a/.github/workflows/run_gradle_task.yml b/.github/workflows/run_gradle_task.yml new file mode 100644 index 0000000..d061a39 --- /dev/null +++ b/.github/workflows/run_gradle_task.yml @@ -0,0 +1,100 @@ +name: Gradle Task +run-name: "Gradle Task ${{ inputs.gradle-task }} @ ${{ inputs.runs-on }}" + +# Reusable Workflow for running a Gradle task + +on: + workflow_dispatch: + inputs: + gradle-task: + description: "The Gradle task to run, including any flags" + required: true + type: string + runs-on: + description: "OS to run the task on" + required: true + type: string + checkout-ref: + description: "The repository reference to checkout" + required: false + type: string + workflow_call: + inputs: + gradle-task: + description: "The Gradle task to run, including any flags" + required: true + type: string + runs-on: + description: "OS to run the task on" + required: true + type: string + checkout-ref: + description: "The repository reference to checkout" + required: false + type: string + + +concurrency: + # note: the Workflow inputs are also included in the concurrency group + group: "Gradle Task: ${{ github.workflow }} ${{ join(inputs.*) }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" + cancel-in-progress: true + + +permissions: + contents: read + checks: write # required by mikepenz/action-junit-report + + +jobs: + + run-task: + runs-on: ${{ inputs.runs-on }} + name: "./gradlew ${{ inputs.gradle-task}} @ ${{ inputs.runs-on }}" + timeout-minutes: 60 + steps: + + ### Gradle task ### + + - name: Checkout the repo + uses: actions/checkout@v3 + with: + ref: ${{ inputs.checkout-ref || github.event.repository.default_branch }} + + - name: Validate Gradle Wrapper + uses: gradle/wrapper-validation-action@v1 + + - name: Setup JDK + uses: actions/setup-java@v3 + with: + distribution: temurin + java-version: 11 + + - uses: gradle/gradle-build-action@v2 + with: + gradle-home-cache-cleanup: true + arguments: ${{ inputs.gradle-task }} + env: + "ORG_GRADLE_PROJECT_signing.keyId": ${{ secrets.MAVEN_SONATYPE_SIGNING_KEY_ID }} + "ORG_GRADLE_PROJECT_signing.key": ${{ secrets.MAVEN_SONATYPE_SIGNING_KEY }} + "ORG_GRADLE_PROJECT_signing.password": ${{ secrets.MAVEN_SONATYPE_SIGNING_PASSWORD }} + ORG_GRADLE_PROJECT_sonatypeRepositoryUsername: ${{ secrets.MAVEN_SONATYPE_USERNAME }} + ORG_GRADLE_PROJECT_sonatypeRepositoryPassword: ${{ secrets.MAVEN_SONATYPE_PASSWORD }} + + - name: Upload build reports + if: failure() + uses: actions/upload-artifact@v3 + with: + name: build-report-${{ runner.os }}${{ github.action }} + path: | + **/build/reports/ + **/*.hprof + **/*.log + if-no-files-found: ignore + + - name: Publish Test Reports + uses: mikepenz/action-junit-report@v3 + if: always() + with: + report_paths: | + **/build/test-results/**/TEST-*.xml + require_tests: false diff --git a/.github/workflows/run_publish_maven.yml b/.github/workflows/run_publish_maven.yml new file mode 100644 index 0000000..f627987 --- /dev/null +++ b/.github/workflows/run_publish_maven.yml @@ -0,0 +1,42 @@ +name: Publish Maven + +on: + workflow_dispatch: + inputs: + checkout-ref: + description: "The repository reference to checkout" + required: false + type: string + workflow_call: + inputs: + checkout-ref: + description: "The repository reference to checkout" + required: false + type: string + + +concurrency: + group: "Publish Maven: ${{ github.workflow }}" + cancel-in-progress: false + + +permissions: + contents: write + packages: write + checks: write + + +jobs: + + sonatype-release: + permissions: + contents: read + packages: write + checks: write + uses: ./.github/workflows/run_gradle_task.yml + secrets: inherit + with: + runs-on: macos-latest # only macOS supports building all Kotlin targets + gradle-task: >- + publishAllPublicationsToSonatypeReleaseRepository --stacktrace --no-configuration-cache --no-parallel + checkout-ref: ${{ inputs.checkout-ref || github.event.repository.default_branch }} diff --git a/.github/workflows/deploy-site.yml b/.github/workflows/run_publish_site.yml similarity index 62% rename from .github/workflows/deploy-site.yml rename to .github/workflows/run_publish_site.yml index 728ee95..160e70e 100644 --- a/.github/workflows/deploy-site.yml +++ b/.github/workflows/run_publish_site.yml @@ -1,14 +1,22 @@ -name: Deploy Site +name: Publish Site on: workflow_dispatch: - push: - tags: - - "v[0-9]+.[0-9]+.[0-9]+" + inputs: + checkout-ref: + description: "The repository reference to checkout" + required: false + type: string + workflow_call: + inputs: + checkout-ref: + description: "The repository reference to checkout" + required: false + type: string concurrency: - group: "${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" + group: "Publish Site: ${{ github.workflow }}" cancel-in-progress: true @@ -19,6 +27,11 @@ jobs: steps: - name: Checkout the repo uses: actions/checkout@v3 + with: + ref: ${{ inputs.checkout-ref || github.event.repository.default_branch }} + + - name: Validate Gradle Wrapper + uses: gradle/wrapper-validation-action@v1 - name: Setup JDK uses: actions/setup-java@v3 @@ -48,4 +61,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v1 + uses: actions/deploy-pages@v2 diff --git a/.github/workflows/tests.yml b/.github/workflows/run_tests.yml similarity index 50% rename from .github/workflows/tests.yml rename to .github/workflows/run_tests.yml index c2a68d7..4b4f505 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/run_tests.yml @@ -1,17 +1,17 @@ name: Tests on: - pull_request: workflow_dispatch: workflow_call: concurrency: - group: "Tests on ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" + group: "Tests: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" cancel-in-progress: true permissions: contents: read + checks: write # required by mikepenz/action-junit-report jobs: @@ -19,9 +19,9 @@ jobs: gradle-check: strategy: matrix: - os: [ ubuntu-latest, macos-11, windows-latest ] + os: [ ubuntu-latest, macos-latest, windows-latest ] fail-fast: false - uses: ./.github/workflows/gradle_task.yml + uses: ./.github/workflows/run_gradle_task.yml with: runs-on: ${{ matrix.os }} gradle-task: >- diff --git a/.github/workflows/workflow_pull_request.yml b/.github/workflows/workflow_pull_request.yml new file mode 100644 index 0000000..04e0d53 --- /dev/null +++ b/.github/workflows/workflow_pull_request.yml @@ -0,0 +1,21 @@ +name: Pull Requests + + +on: + workflow_dispatch: + pull_request: + merge_group: + + +concurrency: + group: "Pull Requests: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" + cancel-in-progress: true + + +jobs: + + tests: + uses: ./.github/workflows/run_tests.yml + permissions: + contents: read + checks: write diff --git a/.github/workflows/workflow_release.yml b/.github/workflows/workflow_release.yml new file mode 100644 index 0000000..04ddda4 --- /dev/null +++ b/.github/workflows/workflow_release.yml @@ -0,0 +1,54 @@ +name: Releases + + +on: + workflow_dispatch: + inputs: + checkout-ref: + description: "The repository reference to checkout" + required: false + type: string + push: + branches: [ main ] + release: + types: [ created ] + + +concurrency: + group: "Releases: ${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}" + cancel-in-progress: true + + +jobs: + + tests: + uses: ./.github/workflows/run_tests.yml + permissions: + checks: write + contents: read + + publish-maven: + needs: tests + if: github.ref == 'refs/heads/main' + uses: ./.github/workflows/run_publish_maven.yml + secrets: inherit + permissions: + checks: write + contents: write + packages: write + with: + checkout-ref: ${{ inputs.checkout-ref || github.event.repository.default_branch }} + + publish-site: + needs: tests + # only publish site when releasing + if: github.ref == 'refs/heads/main' && github.event_name == 'release' && github.event.action == 'created' + uses: ./.github/workflows/run_publish_site.yml + permissions: + checks: write + contents: read + id-token: write # to verify the deployment originates from an appropriate source + packages: write + pages: write # to deploy to Pages + with: + checkout-ref: ${{ inputs.checkout-ref || github.event.repository.default_branch }}