Skip to content

#1696: Fixed refactoring #1839

#1696: Fixed refactoring

#1696: Fixed refactoring #1839

name: CI/CD
on:
workflow_dispatch:
push:
# https://github.community/t/action-does-not-run-on-master-with-tags-ignore-v/128354/4
branches:
- '**'
paths-ignore:
- 'documentation/**'
- 'solicitor/**'
- '**.asciidoc'
tags-ignore:
- '**'
pull_request:
paths-ignore:
- 'documentation/**'
- 'solicitor/**'
- '**.asciidoc'
env:
# if continuously builds exiting randomly, possibly add again -Djansi.force=true -Djansi.passthrough=true
MVN_BATCH_MODE: '-B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn'
# fixing random connection reset of maven downloads as proposed here: https://github.com/actions/virtual-environments/issues/2715#issuecomment-797388909
MVN_HTTP_OPTIMIZATION: '-Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.httpconnectionManager.ttlSeconds=120'
REPOSITORY_PATH: repo
jobs:
cache-dependencies:
runs-on: ubuntu-latest
steps:
- name: Enable git support for long paths on Windows
if: ${{ runner.os == 'Windows' }}
shell: cmd
run: git config --system core.longpaths true
- name: Clone Repository
uses: actions/checkout@v3
with:
path: ${{ env.REPOSITORY_PATH }}
- name: Checkout & Prepare
uses: devonfw-actions/java-maven-setup@main
with:
maven-cache-path: ./.m2/repository
maven-cache-key: cobigen-dep-${{ hashFiles(format('{0}/**/pom.xml', env.REPOSITORY_PATH)) }}
clone: false # checkout in a separate / earlier step to allow eager evaluation of parameter expression like workspace or hashFiles
- name: Overwrite maven settings
shell: bash
run: |
mkdir -p ~/.m2
cp -rf ${{ env.REPOSITORY_PATH }}/.mvn/ci-settings.xml ~/.m2/settings.xml
- name: Resolve non-cobigen dependencies
shell: bash
run: |
cd ${{ env.REPOSITORY_PATH }}
mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.2:resolve -pl !com.devonfw.cobigen:com.devonfw.cobigen.eclipse.test -DexcludeGroupIds=com.devonfw.cobigen -T1C -Pp2-build ${{ env.MVN_BATCH_MODE }} ${{ env.MVN_HTTP_OPTIMIZATION }} || true # never fail
mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.2:resolve-plugins -pl !com.devonfw.cobigen:com.devonfw.cobigen.eclipse.test -DexcludeGroupIds=com.devonfw.cobigen -T1C -Pp2-build ${{ env.MVN_BATCH_MODE }} ${{ env.MVN_HTTP_OPTIMIZATION }} || true # never fail
build:
needs: cache-dependencies
runs-on: ubuntu-latest
steps:
- name: Enable git support for long paths on Windows
if: ${{ runner.os == 'Windows' }}
shell: cmd
run: git config --system core.longpaths true
- name: Clone Repository
uses: actions/checkout@v3
with:
path: ${{ env.REPOSITORY_PATH }}
- name: Checkout & Prepare
uses: devonfw-actions/java-maven-setup@main
with:
maven-cache-path: ./.m2/repository
maven-cache-key: maven-${{ github.sha }}-${{ github.run_number }} # new key will cache
maven-cache-restore-key: cobigen-dep-${{ hashFiles(format('{0}/**/pom.xml', env.REPOSITORY_PATH)) }}
java-version: 11
clone: false # checkout in a separate / earlier step to allow eager evaluation of parameter expression like workspace or hashFiles
- name: Cache built P2 repositories
uses: actions/cache@v3
with:
path: ./${{ env.REPOSITORY_PATH }}/**/target/repository/
key: p2-${{ github.sha }}-${{ github.run_number }} # new key will cache
enableCrossOsArchive: true
- name: Build all artifacts
shell: bash
run: |
cd ${{ env.REPOSITORY_PATH }}
./build.sh -spb
test:
needs: build
strategy:
fail-fast: false
matrix:
component: [core, plugins, templates, maven, eclipse, cli]
javaVersion: [11]
os: [windows-latest, ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Enable git support for long paths on Windows
if: ${{ runner.os == 'Windows' }}
shell: cmd
run: git config --system core.longpaths true
- name: Clone Repository
uses: actions/checkout@v3
with:
path: ${{ env.REPOSITORY_PATH }}
- uses: devonfw-actions/java-maven-setup@main
with:
maven-cache-path: ./.m2/repository
maven-cache-key: maven-${{ github.sha }}-${{ github.run_number }} # match, restore only
java-version: ${{ matrix.javaVersion }}
jacoco-cache-key: jacoco-${{ github.sha }}-${{ matrix.component }} # new key will cache
clone: false # checkout in a separate / earlier step to allow eager evaluation of parameter expression like workspace or hashFiles
- name: Restore built P2 repositories
uses: actions/cache@v3
with:
path: ./${{ env.REPOSITORY_PATH }}/**/target/repository/
key: p2-${{ github.sha }}-${{ github.run_number }} # match, restore only
enableCrossOsArchive: true
# need to overwrite global settings file to cath all mvn executions properly in tests
- name: Overwrite maven settings
shell: bash
run: |
mkdir -p ~/.m2
cp -rf ${{ env.REPOSITORY_PATH }}/.mvn/ci-settings.xml ~/.m2/settings.xml
- name: Test
shell: bash
env:
M2_REPO: ${{ github.workspace }}/.m2/repository # fix for https://github.com/m-m-m/code/issues/43
run: |
cd ${{ env.REPOSITORY_PATH }}
if [[ "${{ matrix.component }}" == "eclipse" && "${{ matrix.os }}" == "ubuntu-latest" ]]
then
xvfb-run -a ./build.sh -sdtcb --components ${{ matrix.component }}
else
./build.sh -sdtcb --components ${{ matrix.component }}
fi
# Sonar Analysis is done in separate workflow (https://github.com/devonfw/cobigen/blob/master/.github/workflows/sonar-analysis.yml)
# as of a workaround of potential secret leaking on PRs (https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
sonar-analysis-preparation:
needs: [test]
runs-on: ubuntu-latest
steps:
- name: 'Prepare workflow context for transfer'
env:
# As a precaution, reference this value by an interpolated ENV var;
# instead of interpolating user controllable input directly in the shell script.
PR_TITLE: ${{ github.event.pull_request.title }}
run: |
# Save ENV for transfer
{
echo "PR_HEADSHA=${{ github.event.pull_request.head.sha }}"
echo "PR_NUMBER=${{ github.event.pull_request.number }}"
echo "PR_TITLE=${PR_TITLE}"
} >> workflow.env
tar --zstd -cf workflow.tar.zst workflow.env
- name: 'Upload workflow context artifact'
uses: actions/upload-artifact@v3
with:
name: maven-build-test-workflow-context
path: workflow.tar.zst
retention-days: 1
release:
needs: [test]
runs-on: ubuntu-latest
if: ${{ startsWith(github.repository, 'devonfw/') && github.ref == 'refs/heads/master' }}
continue-on-error: true
environment:
name: maven-central
outputs:
release_tag: ${{ steps.get_tag.outputs.tag }}
steps:
- name: Clone Repository
uses: actions/checkout@v3
with:
path: ${{ env.REPOSITORY_PATH }}
- uses: devonfw-actions/java-maven-setup@main
with:
maven-cache-path: ./.m2/repository
maven-cache-key: cobigen-dep-${{ hashFiles(format('{0}/**/pom.xml', env.REPOSITORY_PATH)) }}
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
BUILD_USER: ${{ secrets.BUILD_USER }}
BUILD_USER_PASSWD: ${{ secrets.BUILD_USER_PASSWD }}
BUILD_USER_EMAIL: ${{ secrets.BUILD_USER_EMAIL }}
clone: false # checkout in a separate / earlier step to allow eager evaluation of parameter expression like workspace or hashFiles
- name: Release
id: release
shell: bash
env:
GPG_KEY: ${{ secrets.GPG_KEY }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
BUILD_USER: ${{ secrets.BUILD_USER }}
BUILD_USER_PASSWD: ${{ secrets.BUILD_USER_PASSWD }}
BUILD_USER_EMAIL: ${{ secrets.BUILD_USER_EMAIL }}
run: |
cd ${{ env.REPOSITORY_PATH }}
./release.sh -syb skip-qa
- name: 'Get release tag'
id: get_tag
uses: "WyriHaximus/github-action-get-previous-tag@v1.1.0"
env:
GITHUB_TOKEN: "${{ secrets.GHA_TOKEN }}"
github-release:
needs: release
runs-on: ubuntu-latest
if: ${{ startsWith(github.repository, 'devonfw/') && github.ref == 'refs/heads/master' && needs.release.outputs.release_tag != '' }}
steps:
- uses: devonfw-actions/create-github-release@v1
with:
release_version: ${{ needs.release.outputs.release_tag }}
GHA_TOKEN: ${{ secrets.GHA_TOKEN }}