chore: cleanup and update gradle #1038
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Framework | |
on: | |
push: | |
branches: | |
- stable | |
- v3 | |
pull_request: | |
types: [opened, reopened, synchronize] | |
env: | |
GRADLE_CACHE_LOCAL: false | |
GRADLE_CACHE_REMOTE: true | |
GRADLE_CACHE_PUSH: true | |
CACHE_ENDPOINT: "https://gradle.less.build/cache/generic/" | |
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
GRADLE_OPTS: "-Xmx6g -XX:MaxMetaspaceSize=1024m -XX:+UseParallelGC" | |
jobs: | |
## | |
## Job: Pre-flight Checks | |
## | |
preflight-checks: | |
name: "Pre-flight Checks" | |
runs-on: "ubuntu-latest" | |
permissions: | |
contents: "read" | |
id-token: "write" | |
checks: "write" | |
pull-requests: "write" | |
steps: | |
- name: "Setup: Checkout" | |
uses: "actions/checkout@v3" | |
- name: "Setup: GraalVM" | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
components: "native-image,js" | |
version: 22.3.1 | |
java-version: 19 | |
check-for-updates: false | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- id: "auth" | |
name: "Setup: Authorize Service Account" | |
uses: "google-github-actions/auth@v1" | |
with: | |
credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
create_credentials_file: true | |
export_environment_variables: true | |
cleanup_credentials: true | |
- name: "Patch: Neutralize Yarn Lock" | |
run: mv kotlin-js-store/yarn.lock kotlin-js-store/yarn.inert | |
- name: "Check: Dependency Review" | |
uses: "actions/dependency-review-action@v3" | |
continue-on-error: true | |
with: | |
config-file: "./.github/dependency-review-config.yml" | |
license-check: true | |
vulnerability-check: true | |
fail-on-severity: "low" | |
base-ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref || 'v3' }} | |
- name: "Patch: Restore Yarn Lock" | |
run: mv kotlin-js-store/yarn.inert kotlin-js-store/yarn.lock | |
- name: "Check: Library ABI" | |
uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
id: abicheck | |
continue-on-error: ${{ contains(github.event.pull_request.labels.*.name, 'ci:ignore-abicheck') }} | |
env: | |
CI: true | |
with: | |
cache-read-only: false | |
arguments: | | |
apiCheck | |
--dependency-verification=lenient | |
--no-daemon | |
--warning-mode=none | |
-Pelide.ci=true | |
-PbuildDocs=false | |
-PbuildSamples=false | |
-PbuildDocsSite=false | |
-Pversions.java.language=19 | |
## | |
## Job: Library Build | |
## | |
gradle: | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu] | |
mode: ['strict'] | |
machine: [ubuntu-latest] | |
include: | |
- os: macos | |
mode: strict | |
machine: macos-latest | |
name: "Build" | |
runs-on: ${{ matrix.machine }} | |
continue-on-error: ${{ matrix.mode == 'labs' }} | |
permissions: | |
contents: "read" | |
actions: "read" | |
id-token: "write" | |
checks: "write" | |
pull-requests: "write" | |
security-events: "write" | |
defaults: | |
run: | |
shell: bash | |
steps: | |
- name: "Setup: Checkout" | |
uses: actions/checkout@v3 | |
- name: "Setup: GraalVM (Java 19)" | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
components: "native-image,js" | |
version: 22.3.1 | |
java-version: 19 | |
check-for-updates: ${{ matrix.os == 'ubuntu' }} | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Setup: Node" | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
cache: "yarn" | |
- name: "Setup: Yarn" | |
run: npm install -g yarn@1.22.19 && yarn | |
- id: "auth" | |
name: "Setup: Authorize Service Account" | |
uses: "google-github-actions/auth@v1" | |
with: | |
credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
create_credentials_file: true | |
export_environment_variables: true | |
cleanup_credentials: true | |
- name: "🛠️ Build" | |
uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
id: gradlebuild | |
continue-on-error: ${{ matrix.mode == 'labs' }} | |
env: | |
CI: true | |
with: | |
cache-read-only: false | |
arguments: | | |
build | |
-x check | |
-x test | |
-x jvmTest | |
-x jsTest | |
-x jsBrowserTest | |
-x nativeCompile | |
--scan | |
--no-daemon | |
--warning-mode=none | |
--dependency-verification=lenient | |
--stacktrace | |
-Pelide.ci=true | |
-PbuildSamples=false | |
-PbuildDocsSite=false | |
-PbuildDocs=false | |
-Pversions.java.minimum=11 | |
-Pversions.java.language=19 | |
- name: "Build reports" | |
if: failure() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: build-reports-${{ matrix.os }}-latest-gvm-latest | |
path: | | |
build/reports/**/*.* | |
- name: "Run: Detekt" | |
if: ${{ matrix.os == 'ubuntu' }} | |
run: ./gradlew --no-daemon --warning-mode=none detekt -Pelide.ci=true -PbuildDocs=false -PbuildSamples=true -PbuildDocsSite=false -Pversions.java.language=19 | |
continue-on-error: true | |
- name: "Fix: SARIF Paths" | |
if: ${{ matrix.os == 'ubuntu' }} | |
continue-on-error: true | |
run: | | |
echo "$( | |
jq \ | |
--arg github_workspace ${{ github.workspace }} \ | |
'. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' \ | |
${{ github.workspace }}/build/reports/detekt/elide.sarif | |
)" > ${{ github.workspace }}/build/reports/detekt/elide.sarif | |
- name: "Report: SARIF" | |
if: ${{ matrix.os == 'ubuntu' }} | |
uses: github/codeql-action/upload-sarif@v2 | |
continue-on-error: true | |
with: | |
sarif_file: ./build/reports/detekt/elide.sarif | |
category: detekt | |
## | |
## Job: Testsuite (JVM) | |
## | |
tests-jvm: | |
name: "Tests: JVM" | |
runs-on: ubuntu-latest | |
continue-on-error: true | |
needs: [preflight-checks, gradle] | |
permissions: | |
contents: "read" | |
id-token: "write" | |
checks: "write" | |
pull-requests: "write" | |
steps: | |
- name: "Setup: Checkout" | |
uses: actions/checkout@v3 | |
- name: "Setup: Git History" | |
run: git fetch --unshallow || exit 0 | |
- name: "Setup: GraalVM (Java 11)" | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
components: "js" | |
version: 22.3.1 | |
java-version: 11 | |
set-java-home: false | |
check-for-updates: false | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Setup: GraalVM (Java 17)" | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
components: "js" | |
version: 22.3.1 | |
java-version: 17 | |
set-java-home: false | |
check-for-updates: false | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Setup: GraalVM (Java 19)" | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
components: "native-image,js" | |
version: 22.3.1 | |
java-version: 19 | |
check-for-updates: false | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- id: "auth" | |
name: "Setup: Authorize Service Account" | |
uses: "google-github-actions/auth@v1" | |
with: | |
credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
create_credentials_file: true | |
export_environment_variables: true | |
cleanup_credentials: true | |
- name: "Setup: Node" | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
cache: "yarn" | |
- name: "Setup: Yarn" | |
run: npm install -g yarn@1.22.19 && yarn | |
- name: "Run Tests (JVM)" | |
uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
env: | |
CI: true | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
TEST_EXCEPTIONS: true | |
with: | |
cache-read-only: false | |
arguments: | | |
test | |
check | |
jacocoTestReport | |
koverMergedHtmlReport | |
koverMergedXmlReport | |
koverMergedReport | |
:substrate:redakt:test | |
:substrate:koverMergedXmlReport | |
:tools:reports:reports | |
--scan | |
--no-daemon | |
--warning-mode=none | |
--dependency-verification=lenient | |
-x apiCheck | |
-x nativeTest | |
-x testNativeImage | |
-x nativeCompile | |
-Pelide.ci=true | |
-PbuildSamples=true | |
-PbuildDocs=false | |
-PbuildDocsSite=false | |
-Pversions.java.language=19 | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: test-reports-jvm | |
path: | | |
**/build/reports/jacoco/test/jacocoTestReport.xml | |
**/build/reports/jacoco/testCodeCoverageReport/jacocoTestReport.xml | |
**/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml | |
build/reports/kover/merged/html/**/*.* | |
tools/reports/build/reports/**/*.xml | |
tools/reports/build/test-results/**/*.xml | |
- name: "Annotate: Test Results" | |
uses: elide-tools/action-junit-report@v3 | |
if: always() # always run even if the previous step fails | |
with: | |
report_paths: "**/build/test-results/test/TEST-*.xml" | |
- name: "Report: Codecov (Main)" | |
uses: codecov/codecov-action@v3 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: ./build/reports/kover/merged/xml/report.xml | |
name: elide | |
flags: jvm,lib | |
fail_ci_if_error: false | |
verbose: true | |
- name: "Report: Codecov (Substrate)" | |
uses: codecov/codecov-action@v3 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: ./tools/substrate/build/reports/kover/merged/xml/report.xml | |
name: substrate | |
flags: jvm,substrate | |
fail_ci_if_error: false | |
verbose: true | |
- name: "Report: Codecov (Plugin)" | |
uses: codecov/codecov-action@v3 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: ./tools/plugin/gradle-plugin/plugin-build/plugin/build/reports/kover/xml/report.xml | |
name: plugin-gradle | |
flags: jvm,plugin,gradle | |
fail_ci_if_error: false | |
verbose: true | |
## | |
## Job: Testsuite (Native) | |
## | |
tests-native: | |
name: "Tests: Native" | |
runs-on: ubuntu-latest-8-cores | |
needs: [tests-jvm, preflight-checks] | |
continue-on-error: true | |
if: false | |
steps: | |
- name: "Setup: Checkout" | |
uses: actions/checkout@v3 | |
- name: "Setup: GraalVM" | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
components: "native-image,js" | |
version: 22.3.1 | |
java-version: 19 | |
check-for-updates: false | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- id: "auth" | |
name: "Setup: Authorize Service Account" | |
uses: "google-github-actions/auth@v1" | |
with: | |
credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
create_credentials_file: true | |
export_environment_variables: true | |
cleanup_credentials: true | |
- name: "Setup: Node" | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
cache: "yarn" | |
- name: "Setup: Yarn" | |
run: npm install -g yarn@1.22.19 && yarn | |
- name: "Run Tests (Native)" | |
uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
continue-on-error: true | |
env: | |
CI: true | |
with: | |
cache-read-only: false | |
arguments: | | |
build | |
test | |
check | |
jacocoTestReport | |
koverMergedHtmlReport | |
koverMergedXmlReport | |
koverMergedReport | |
:tools:reports:reports | |
-x :packages:ssg:testNativeImage | |
-x :packages:ssg:test | |
--scan | |
--no-daemon | |
--warning-mode=none | |
--dependency-verification=lenient | |
-x apiCheck | |
-Pelide.ci=true | |
-PbuildSamples=false | |
-PbuildDocsSite=false | |
-PbuildDocs=false | |
-Pversions.java.language=19 | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: test-reports-native | |
path: | | |
**/build/reports/jacoco/test/jacocoTestReport.xml | |
**/build/reports/jacoco/testCodeCoverageReport/jacocoTestReport.xml | |
**/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml | |
tools/reports/build/reports/**/*.xml | |
tools/reports/build/test-results/**/*.xml | |
## | |
## Job: Docker Samples (JVM) | |
## | |
docker-jvm: | |
name: "Docker: JVM" | |
runs-on: ubuntu-latest-8-cores | |
needs: [gradle, preflight-checks] | |
if: | | |
( | |
github.ref == 'refs/heads/stable' || | |
github.ref == 'refs/heads/v3' || | |
contains(github.event.pull_request.labels.*.name, 'ci:build-img-jvm') || | |
contains(github.event.head_commit.message, 'ci:build-img-jvm') || | |
startsWith(github.ref, 'refs/tags/v') | |
) | |
permissions: | |
contents: "read" | |
id-token: "write" | |
checks: "write" | |
pull-requests: "write" | |
strategy: | |
fail-fast: false | |
matrix: | |
project: ["server:hellocss"] | |
include: | |
- project: "fullstack:react-ssr:server" | |
steps: | |
- name: "Setup: GraalVM" | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
components: "native-image,js" | |
version: 22.3.1 | |
java-version: 19 | |
check-for-updates: false | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Setup: QEMU" | |
uses: docker/setup-qemu-action@v2 | |
- name: "Setup: Docker" | |
uses: docker/setup-buildx-action@v2 | |
id: buildx | |
with: | |
install: true | |
- name: "Setup: Checkout" | |
uses: actions/checkout@v3 | |
- name: "Setup: Node" | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: "Setup: Yarn" | |
run: npm install -g yarn@1.22.19 && yarn | |
- id: "auth" | |
name: "Setup: Authorize Service Account" | |
uses: "google-github-actions/auth@v1" | |
with: | |
credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
create_credentials_file: true | |
export_environment_variables: true | |
cleanup_credentials: true | |
- name: "Setup: Setup Cloud SDK" | |
uses: "google-github-actions/setup-gcloud@v1" | |
with: | |
version: 389.0.0 | |
project_id: elide-fw | |
- name: "Authorize Docker: GCP" | |
run: | | |
gcloud auth configure-docker us-docker.pkg.dev | |
- name: "Authorize Docker: GHCR" | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: elidebot | |
password: ${{ secrets.BUILDBOT_GHCR_TOKEN }} | |
## -- Samples -- ## | |
- name: "Build/Push: '${{ matrix.project }}' (JVM)" | |
uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
with: | |
arguments: | | |
--no-daemon | |
--warning-mode=none | |
-Pelide.ci=true | |
-PbuildSamples=true | |
-PbuildDocs=false | |
-Pversions.java.language=19 | |
-Pelide.runtime=JVM | |
-x nativeCompile | |
-x test | |
:samples:${{ matrix.project }}:optimizedDockerBuild | |
:samples:${{ matrix.project }}:optimizedDockerPush | |
## | |
## Job: Docker Samples (JVM) | |
## | |
docker-native: | |
name: "Docker: Native" | |
runs-on: ubuntu-latest-8-cores | |
continue-on-error: true | |
needs: [gradle, preflight-checks] | |
if: | | |
( | |
github.ref == 'refs/heads/stable' || | |
github.ref == 'refs/heads/v3' || | |
contains(github.event.pull_request.labels.*.name, 'ci:build-img-native') || | |
contains(github.event.head_commit.message, 'ci:build-img-native') || | |
startsWith(github.ref, 'refs/tags/v') | |
) | |
permissions: | |
contents: "read" | |
id-token: "write" | |
checks: "write" | |
pull-requests: "write" | |
strategy: | |
fail-fast: false | |
matrix: | |
project: ["server:hellocss"] | |
path: ["server/hellocss"] | |
image: ["elide-fw/samples/server/hellocss/native"] | |
include: | |
- project: "fullstack:react-ssr:server" | |
path: "fullstack/react-ssr/server" | |
image: "elide-fw/samples/fullstack/react-ssr/native" | |
steps: | |
- name: "Setup: GraalVM" | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
components: "native-image,js" | |
version: 22.3.1 | |
java-version: 19 | |
check-for-updates: false | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Setup: QEMU" | |
uses: docker/setup-qemu-action@v2 | |
- name: "Setup: Docker" | |
uses: docker/setup-buildx-action@v2 | |
id: buildx | |
with: | |
install: true | |
- name: "Setup: Checkout" | |
uses: actions/checkout@v3 | |
- name: "Setup: Node" | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: "Setup: Yarn" | |
run: npm install -g yarn@1.22.19 && yarn | |
- id: "auth" | |
name: "Authorize Service Account" | |
uses: "google-github-actions/auth@v1" | |
with: | |
credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
create_credentials_file: true | |
export_environment_variables: true | |
cleanup_credentials: true | |
- name: "Setup: Cloud SDK" | |
uses: "google-github-actions/setup-gcloud@v1" | |
with: | |
version: 389.0.0 | |
project_id: elide-fw | |
install_components: "beta" | |
- name: "Authorize Docker: GCP" | |
run: | | |
gcloud auth configure-docker us-docker.pkg.dev | |
- name: "Authorize Docker: GHCR" | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: elidebot | |
password: ${{ secrets.BUILDBOT_GHCR_TOKEN }} | |
## -- Samples -- ## | |
- name: "Build/Push: '${{ matrix.project }}' (Native)" | |
uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
continue-on-error: true | |
with: | |
arguments: | | |
--no-daemon | |
--warning-mode=none | |
-Pversions.java.language=19 | |
-Pelide.ci=true | |
-PbuildSamples=true | |
-PbuildDocs=false | |
-Pelide.runtime=NATIVE | |
-Pelide.ci=true | |
-x test | |
:samples:${{ matrix.project }}:optimizedDockerBuildNative | |
:samples:${{ matrix.project }}:optimizedDockerPushNative | |
- name: "Build/Push: Fallback to GCB" | |
if: failure() | |
run: | | |
mv ./samples/${{ matrix.path }}/build/docker/native-optimized/DockerfileNative ./samples/${{ matrix.path }}/build/docker/native-optimized/Dockerfile | |
gcloud beta builds submit \ | |
--machine-type e2-highcpu-32 \ | |
--timeout=2h \ | |
--project elide-fw \ | |
--tag=us-docker.pkg.dev/${{ matrix.image }}:opt-latest \ | |
./samples/${{ matrix.path }}/build/docker/native-optimized | |
## | |
## Deploy: Samples | |
## | |
deploy-samples: | |
name: "Deploy" | |
needs: [gradle, tests-jvm, docker-jvm, docker-native] | |
if: | | |
( | |
github.ref == 'refs/heads/stable' || | |
github.ref == 'refs/heads/v3' || | |
contains(github.event.pull_request.labels.*.name, 'ci:deploy-samples') || | |
contains(github.event.pull_request.labels.*.name, 'ci:deploy') || | |
contains(github.event.head_commit.message, 'ci:deploy-samples') || | |
contains(github.event.head_commit.message, 'ci:deploy') || | |
startsWith(github.ref, 'refs/tags/v') | |
) | |
strategy: | |
matrix: | |
category: [fullstack] | |
app: [react-ssr] | |
variant: [native] | |
permissions: | |
contents: "read" | |
id-token: "write" | |
checks: "write" | |
pull-requests: "write" | |
deployments: "write" | |
statuses: "write" | |
uses: ./.github/workflows/deploy.ci.yml | |
secrets: inherit | |
with: | |
path: "samples/${{ matrix.category }}/${{ matrix.app }}" | |
image: "us-docker.pkg.dev/elide-fw/samples/${{ matrix.category }}/${{ matrix.app }}/${{ matrix.variant }}:opt-latest" | |
environment: samples | |
url: https://${{ matrix.app }}.samples.elide.dev | |
## | |
## Publish: Library Snapshot | |
## | |
publish-snapshot: | |
name: "Publish: Snapshot" | |
needs: [gradle, tests-jvm] | |
if: | | |
( | |
github.ref == 'refs/heads/stable' || | |
contains(github.event.pull_request.labels.*.name, 'ci:publish-snapshot') || | |
contains(github.event.head_commit.message, 'ci:publish-snapshot') | |
) | |
permissions: | |
contents: "read" | |
id-token: "write" | |
checks: "write" | |
pull-requests: "write" | |
deployments: "write" | |
statuses: "write" | |
uses: ./.github/workflows/publish.ci.yml | |
secrets: inherit | |
with: | |
environment: snapshots | |
gcp: true | |
snapshot: true | |
packages: true | |
processor: true | |
substrate: true | |
conventions: true | |
url: https://console.cloud.google.com/storage/browser/elide-snapshots/repository/v3 | |
## | |
## Publish: Library OSSRH | |
## | |
publish-ossrh: | |
name: "Publish: OSSRH" | |
needs: [publish-snapshot] | |
if: | | |
( | |
contains(github.event.pull_request.labels.*.name, 'ci:publish') || | |
contains(github.event.head_commit.message, 'ci:publish') | |
) && ( | |
false | |
) && ( | |
startsWith(github.ref, 'refs/tags/v') | |
) | |
permissions: | |
contents: "read" | |
id-token: "write" | |
checks: "write" | |
pull-requests: "write" | |
deployments: "write" | |
statuses: "write" | |
uses: ./.github/workflows/publish.ci.yml | |
secrets: inherit | |
with: | |
environment: central | |
snapshot: false | |
repo: https://s01.oss.sonatype.org |