chore: cleanup and update gradle #1038
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Framework | |
| on: | |
| push: | |
| branches: | |
| - stable | |
| - v3 | |
| pull_request: | |
| types: [opened, reopened, synchronize] | |
| env: | |
| GRADLE_CACHE_LOCAL: false | |
| GRADLE_CACHE_REMOTE: true | |
| GRADLE_CACHE_PUSH: true | |
| CACHE_ENDPOINT: "https://gradle.less.build/cache/generic/" | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| GRADLE_OPTS: "-Xmx6g -XX:MaxMetaspaceSize=1024m -XX:+UseParallelGC" | |
| jobs: | |
| ## | |
| ## Job: Pre-flight Checks | |
| ## | |
| preflight-checks: | |
| name: "Pre-flight Checks" | |
| runs-on: "ubuntu-latest" | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| checks: "write" | |
| pull-requests: "write" | |
| steps: | |
| - name: "Setup: Checkout" | |
| uses: "actions/checkout@v3" | |
| - name: "Setup: GraalVM" | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| components: "native-image,js" | |
| version: 22.3.1 | |
| java-version: 19 | |
| check-for-updates: false | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - id: "auth" | |
| name: "Setup: Authorize Service Account" | |
| uses: "google-github-actions/auth@v1" | |
| with: | |
| credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
| create_credentials_file: true | |
| export_environment_variables: true | |
| cleanup_credentials: true | |
| - name: "Patch: Neutralize Yarn Lock" | |
| run: mv kotlin-js-store/yarn.lock kotlin-js-store/yarn.inert | |
| - name: "Check: Dependency Review" | |
| uses: "actions/dependency-review-action@v3" | |
| continue-on-error: true | |
| with: | |
| config-file: "./.github/dependency-review-config.yml" | |
| license-check: true | |
| vulnerability-check: true | |
| fail-on-severity: "low" | |
| base-ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref || 'v3' }} | |
| - name: "Patch: Restore Yarn Lock" | |
| run: mv kotlin-js-store/yarn.inert kotlin-js-store/yarn.lock | |
| - name: "Check: Library ABI" | |
| uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
| id: abicheck | |
| continue-on-error: ${{ contains(github.event.pull_request.labels.*.name, 'ci:ignore-abicheck') }} | |
| env: | |
| CI: true | |
| with: | |
| cache-read-only: false | |
| arguments: | | |
| apiCheck | |
| --dependency-verification=lenient | |
| --no-daemon | |
| --warning-mode=none | |
| -Pelide.ci=true | |
| -PbuildDocs=false | |
| -PbuildSamples=false | |
| -PbuildDocsSite=false | |
| -Pversions.java.language=19 | |
| ## | |
| ## Job: Library Build | |
| ## | |
| gradle: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu] | |
| mode: ['strict'] | |
| machine: [ubuntu-latest] | |
| include: | |
| - os: macos | |
| mode: strict | |
| machine: macos-latest | |
| name: "Build" | |
| runs-on: ${{ matrix.machine }} | |
| continue-on-error: ${{ matrix.mode == 'labs' }} | |
| permissions: | |
| contents: "read" | |
| actions: "read" | |
| id-token: "write" | |
| checks: "write" | |
| pull-requests: "write" | |
| security-events: "write" | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - name: "Setup: Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Setup: GraalVM (Java 19)" | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| components: "native-image,js" | |
| version: 22.3.1 | |
| java-version: 19 | |
| check-for-updates: ${{ matrix.os == 'ubuntu' }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "Setup: Node" | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: "yarn" | |
| - name: "Setup: Yarn" | |
| run: npm install -g yarn@1.22.19 && yarn | |
| - id: "auth" | |
| name: "Setup: Authorize Service Account" | |
| uses: "google-github-actions/auth@v1" | |
| with: | |
| credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
| create_credentials_file: true | |
| export_environment_variables: true | |
| cleanup_credentials: true | |
| - name: "🛠️ Build" | |
| uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
| id: gradlebuild | |
| continue-on-error: ${{ matrix.mode == 'labs' }} | |
| env: | |
| CI: true | |
| with: | |
| cache-read-only: false | |
| arguments: | | |
| build | |
| -x check | |
| -x test | |
| -x jvmTest | |
| -x jsTest | |
| -x jsBrowserTest | |
| -x nativeCompile | |
| --scan | |
| --no-daemon | |
| --warning-mode=none | |
| --dependency-verification=lenient | |
| --stacktrace | |
| -Pelide.ci=true | |
| -PbuildSamples=false | |
| -PbuildDocsSite=false | |
| -PbuildDocs=false | |
| -Pversions.java.minimum=11 | |
| -Pversions.java.language=19 | |
| - name: "Build reports" | |
| if: failure() | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: build-reports-${{ matrix.os }}-latest-gvm-latest | |
| path: | | |
| build/reports/**/*.* | |
| - name: "Run: Detekt" | |
| if: ${{ matrix.os == 'ubuntu' }} | |
| run: ./gradlew --no-daemon --warning-mode=none detekt -Pelide.ci=true -PbuildDocs=false -PbuildSamples=true -PbuildDocsSite=false -Pversions.java.language=19 | |
| continue-on-error: true | |
| - name: "Fix: SARIF Paths" | |
| if: ${{ matrix.os == 'ubuntu' }} | |
| continue-on-error: true | |
| run: | | |
| echo "$( | |
| jq \ | |
| --arg github_workspace ${{ github.workspace }} \ | |
| '. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' \ | |
| ${{ github.workspace }}/build/reports/detekt/elide.sarif | |
| )" > ${{ github.workspace }}/build/reports/detekt/elide.sarif | |
| - name: "Report: SARIF" | |
| if: ${{ matrix.os == 'ubuntu' }} | |
| uses: github/codeql-action/upload-sarif@v2 | |
| continue-on-error: true | |
| with: | |
| sarif_file: ./build/reports/detekt/elide.sarif | |
| category: detekt | |
| ## | |
| ## Job: Testsuite (JVM) | |
| ## | |
| tests-jvm: | |
| name: "Tests: JVM" | |
| runs-on: ubuntu-latest | |
| continue-on-error: true | |
| needs: [preflight-checks, gradle] | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| checks: "write" | |
| pull-requests: "write" | |
| steps: | |
| - name: "Setup: Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Setup: Git History" | |
| run: git fetch --unshallow || exit 0 | |
| - name: "Setup: GraalVM (Java 11)" | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| components: "js" | |
| version: 22.3.1 | |
| java-version: 11 | |
| set-java-home: false | |
| check-for-updates: false | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "Setup: GraalVM (Java 17)" | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| components: "js" | |
| version: 22.3.1 | |
| java-version: 17 | |
| set-java-home: false | |
| check-for-updates: false | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "Setup: GraalVM (Java 19)" | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| components: "native-image,js" | |
| version: 22.3.1 | |
| java-version: 19 | |
| check-for-updates: false | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - id: "auth" | |
| name: "Setup: Authorize Service Account" | |
| uses: "google-github-actions/auth@v1" | |
| with: | |
| credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
| create_credentials_file: true | |
| export_environment_variables: true | |
| cleanup_credentials: true | |
| - name: "Setup: Node" | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: "yarn" | |
| - name: "Setup: Yarn" | |
| run: npm install -g yarn@1.22.19 && yarn | |
| - name: "Run Tests (JVM)" | |
| uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
| env: | |
| CI: true | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| TEST_EXCEPTIONS: true | |
| with: | |
| cache-read-only: false | |
| arguments: | | |
| test | |
| check | |
| jacocoTestReport | |
| koverMergedHtmlReport | |
| koverMergedXmlReport | |
| koverMergedReport | |
| :substrate:redakt:test | |
| :substrate:koverMergedXmlReport | |
| :tools:reports:reports | |
| --scan | |
| --no-daemon | |
| --warning-mode=none | |
| --dependency-verification=lenient | |
| -x apiCheck | |
| -x nativeTest | |
| -x testNativeImage | |
| -x nativeCompile | |
| -Pelide.ci=true | |
| -PbuildSamples=true | |
| -PbuildDocs=false | |
| -PbuildDocsSite=false | |
| -Pversions.java.language=19 | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: test-reports-jvm | |
| path: | | |
| **/build/reports/jacoco/test/jacocoTestReport.xml | |
| **/build/reports/jacoco/testCodeCoverageReport/jacocoTestReport.xml | |
| **/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml | |
| build/reports/kover/merged/html/**/*.* | |
| tools/reports/build/reports/**/*.xml | |
| tools/reports/build/test-results/**/*.xml | |
| - name: "Annotate: Test Results" | |
| uses: elide-tools/action-junit-report@v3 | |
| if: always() # always run even if the previous step fails | |
| with: | |
| report_paths: "**/build/test-results/test/TEST-*.xml" | |
| - name: "Report: Codecov (Main)" | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: ./build/reports/kover/merged/xml/report.xml | |
| name: elide | |
| flags: jvm,lib | |
| fail_ci_if_error: false | |
| verbose: true | |
| - name: "Report: Codecov (Substrate)" | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: ./tools/substrate/build/reports/kover/merged/xml/report.xml | |
| name: substrate | |
| flags: jvm,substrate | |
| fail_ci_if_error: false | |
| verbose: true | |
| - name: "Report: Codecov (Plugin)" | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: ./tools/plugin/gradle-plugin/plugin-build/plugin/build/reports/kover/xml/report.xml | |
| name: plugin-gradle | |
| flags: jvm,plugin,gradle | |
| fail_ci_if_error: false | |
| verbose: true | |
| ## | |
| ## Job: Testsuite (Native) | |
| ## | |
| tests-native: | |
| name: "Tests: Native" | |
| runs-on: ubuntu-latest-8-cores | |
| needs: [tests-jvm, preflight-checks] | |
| continue-on-error: true | |
| if: false | |
| steps: | |
| - name: "Setup: Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Setup: GraalVM" | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| components: "native-image,js" | |
| version: 22.3.1 | |
| java-version: 19 | |
| check-for-updates: false | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - id: "auth" | |
| name: "Setup: Authorize Service Account" | |
| uses: "google-github-actions/auth@v1" | |
| with: | |
| credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
| create_credentials_file: true | |
| export_environment_variables: true | |
| cleanup_credentials: true | |
| - name: "Setup: Node" | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: "yarn" | |
| - name: "Setup: Yarn" | |
| run: npm install -g yarn@1.22.19 && yarn | |
| - name: "Run Tests (Native)" | |
| uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
| continue-on-error: true | |
| env: | |
| CI: true | |
| with: | |
| cache-read-only: false | |
| arguments: | | |
| build | |
| test | |
| check | |
| jacocoTestReport | |
| koverMergedHtmlReport | |
| koverMergedXmlReport | |
| koverMergedReport | |
| :tools:reports:reports | |
| -x :packages:ssg:testNativeImage | |
| -x :packages:ssg:test | |
| --scan | |
| --no-daemon | |
| --warning-mode=none | |
| --dependency-verification=lenient | |
| -x apiCheck | |
| -Pelide.ci=true | |
| -PbuildSamples=false | |
| -PbuildDocsSite=false | |
| -PbuildDocs=false | |
| -Pversions.java.language=19 | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: test-reports-native | |
| path: | | |
| **/build/reports/jacoco/test/jacocoTestReport.xml | |
| **/build/reports/jacoco/testCodeCoverageReport/jacocoTestReport.xml | |
| **/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml | |
| tools/reports/build/reports/**/*.xml | |
| tools/reports/build/test-results/**/*.xml | |
| ## | |
| ## Job: Docker Samples (JVM) | |
| ## | |
| docker-jvm: | |
| name: "Docker: JVM" | |
| runs-on: ubuntu-latest-8-cores | |
| needs: [gradle, preflight-checks] | |
| if: | | |
| ( | |
| github.ref == 'refs/heads/stable' || | |
| github.ref == 'refs/heads/v3' || | |
| contains(github.event.pull_request.labels.*.name, 'ci:build-img-jvm') || | |
| contains(github.event.head_commit.message, 'ci:build-img-jvm') || | |
| startsWith(github.ref, 'refs/tags/v') | |
| ) | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| checks: "write" | |
| pull-requests: "write" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| project: ["server:hellocss"] | |
| include: | |
| - project: "fullstack:react-ssr:server" | |
| steps: | |
| - name: "Setup: GraalVM" | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| components: "native-image,js" | |
| version: 22.3.1 | |
| java-version: 19 | |
| check-for-updates: false | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "Setup: QEMU" | |
| uses: docker/setup-qemu-action@v2 | |
| - name: "Setup: Docker" | |
| uses: docker/setup-buildx-action@v2 | |
| id: buildx | |
| with: | |
| install: true | |
| - name: "Setup: Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Setup: Node" | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| - name: "Setup: Yarn" | |
| run: npm install -g yarn@1.22.19 && yarn | |
| - id: "auth" | |
| name: "Setup: Authorize Service Account" | |
| uses: "google-github-actions/auth@v1" | |
| with: | |
| credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
| create_credentials_file: true | |
| export_environment_variables: true | |
| cleanup_credentials: true | |
| - name: "Setup: Setup Cloud SDK" | |
| uses: "google-github-actions/setup-gcloud@v1" | |
| with: | |
| version: 389.0.0 | |
| project_id: elide-fw | |
| - name: "Authorize Docker: GCP" | |
| run: | | |
| gcloud auth configure-docker us-docker.pkg.dev | |
| - name: "Authorize Docker: GHCR" | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: elidebot | |
| password: ${{ secrets.BUILDBOT_GHCR_TOKEN }} | |
| ## -- Samples -- ## | |
| - name: "Build/Push: '${{ matrix.project }}' (JVM)" | |
| uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
| with: | |
| arguments: | | |
| --no-daemon | |
| --warning-mode=none | |
| -Pelide.ci=true | |
| -PbuildSamples=true | |
| -PbuildDocs=false | |
| -Pversions.java.language=19 | |
| -Pelide.runtime=JVM | |
| -x nativeCompile | |
| -x test | |
| :samples:${{ matrix.project }}:optimizedDockerBuild | |
| :samples:${{ matrix.project }}:optimizedDockerPush | |
| ## | |
| ## Job: Docker Samples (JVM) | |
| ## | |
| docker-native: | |
| name: "Docker: Native" | |
| runs-on: ubuntu-latest-8-cores | |
| continue-on-error: true | |
| needs: [gradle, preflight-checks] | |
| if: | | |
| ( | |
| github.ref == 'refs/heads/stable' || | |
| github.ref == 'refs/heads/v3' || | |
| contains(github.event.pull_request.labels.*.name, 'ci:build-img-native') || | |
| contains(github.event.head_commit.message, 'ci:build-img-native') || | |
| startsWith(github.ref, 'refs/tags/v') | |
| ) | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| checks: "write" | |
| pull-requests: "write" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| project: ["server:hellocss"] | |
| path: ["server/hellocss"] | |
| image: ["elide-fw/samples/server/hellocss/native"] | |
| include: | |
| - project: "fullstack:react-ssr:server" | |
| path: "fullstack/react-ssr/server" | |
| image: "elide-fw/samples/fullstack/react-ssr/native" | |
| steps: | |
| - name: "Setup: GraalVM" | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| components: "native-image,js" | |
| version: 22.3.1 | |
| java-version: 19 | |
| check-for-updates: false | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "Setup: QEMU" | |
| uses: docker/setup-qemu-action@v2 | |
| - name: "Setup: Docker" | |
| uses: docker/setup-buildx-action@v2 | |
| id: buildx | |
| with: | |
| install: true | |
| - name: "Setup: Checkout" | |
| uses: actions/checkout@v3 | |
| - name: "Setup: Node" | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| - name: "Setup: Yarn" | |
| run: npm install -g yarn@1.22.19 && yarn | |
| - id: "auth" | |
| name: "Authorize Service Account" | |
| uses: "google-github-actions/auth@v1" | |
| with: | |
| credentials_json: "${{ secrets.BUILDBOT_SERVICE_ACCOUNT }}" | |
| create_credentials_file: true | |
| export_environment_variables: true | |
| cleanup_credentials: true | |
| - name: "Setup: Cloud SDK" | |
| uses: "google-github-actions/setup-gcloud@v1" | |
| with: | |
| version: 389.0.0 | |
| project_id: elide-fw | |
| install_components: "beta" | |
| - name: "Authorize Docker: GCP" | |
| run: | | |
| gcloud auth configure-docker us-docker.pkg.dev | |
| - name: "Authorize Docker: GHCR" | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: elidebot | |
| password: ${{ secrets.BUILDBOT_GHCR_TOKEN }} | |
| ## -- Samples -- ## | |
| - name: "Build/Push: '${{ matrix.project }}' (Native)" | |
| uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 # v2.4.2 | |
| continue-on-error: true | |
| with: | |
| arguments: | | |
| --no-daemon | |
| --warning-mode=none | |
| -Pversions.java.language=19 | |
| -Pelide.ci=true | |
| -PbuildSamples=true | |
| -PbuildDocs=false | |
| -Pelide.runtime=NATIVE | |
| -Pelide.ci=true | |
| -x test | |
| :samples:${{ matrix.project }}:optimizedDockerBuildNative | |
| :samples:${{ matrix.project }}:optimizedDockerPushNative | |
| - name: "Build/Push: Fallback to GCB" | |
| if: failure() | |
| run: | | |
| mv ./samples/${{ matrix.path }}/build/docker/native-optimized/DockerfileNative ./samples/${{ matrix.path }}/build/docker/native-optimized/Dockerfile | |
| gcloud beta builds submit \ | |
| --machine-type e2-highcpu-32 \ | |
| --timeout=2h \ | |
| --project elide-fw \ | |
| --tag=us-docker.pkg.dev/${{ matrix.image }}:opt-latest \ | |
| ./samples/${{ matrix.path }}/build/docker/native-optimized | |
| ## | |
| ## Deploy: Samples | |
| ## | |
| deploy-samples: | |
| name: "Deploy" | |
| needs: [gradle, tests-jvm, docker-jvm, docker-native] | |
| if: | | |
| ( | |
| github.ref == 'refs/heads/stable' || | |
| github.ref == 'refs/heads/v3' || | |
| contains(github.event.pull_request.labels.*.name, 'ci:deploy-samples') || | |
| contains(github.event.pull_request.labels.*.name, 'ci:deploy') || | |
| contains(github.event.head_commit.message, 'ci:deploy-samples') || | |
| contains(github.event.head_commit.message, 'ci:deploy') || | |
| startsWith(github.ref, 'refs/tags/v') | |
| ) | |
| strategy: | |
| matrix: | |
| category: [fullstack] | |
| app: [react-ssr] | |
| variant: [native] | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| checks: "write" | |
| pull-requests: "write" | |
| deployments: "write" | |
| statuses: "write" | |
| uses: ./.github/workflows/deploy.ci.yml | |
| secrets: inherit | |
| with: | |
| path: "samples/${{ matrix.category }}/${{ matrix.app }}" | |
| image: "us-docker.pkg.dev/elide-fw/samples/${{ matrix.category }}/${{ matrix.app }}/${{ matrix.variant }}:opt-latest" | |
| environment: samples | |
| url: https://${{ matrix.app }}.samples.elide.dev | |
| ## | |
| ## Publish: Library Snapshot | |
| ## | |
| publish-snapshot: | |
| name: "Publish: Snapshot" | |
| needs: [gradle, tests-jvm] | |
| if: | | |
| ( | |
| github.ref == 'refs/heads/stable' || | |
| contains(github.event.pull_request.labels.*.name, 'ci:publish-snapshot') || | |
| contains(github.event.head_commit.message, 'ci:publish-snapshot') | |
| ) | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| checks: "write" | |
| pull-requests: "write" | |
| deployments: "write" | |
| statuses: "write" | |
| uses: ./.github/workflows/publish.ci.yml | |
| secrets: inherit | |
| with: | |
| environment: snapshots | |
| gcp: true | |
| snapshot: true | |
| packages: true | |
| processor: true | |
| substrate: true | |
| conventions: true | |
| url: https://console.cloud.google.com/storage/browser/elide-snapshots/repository/v3 | |
| ## | |
| ## Publish: Library OSSRH | |
| ## | |
| publish-ossrh: | |
| name: "Publish: OSSRH" | |
| needs: [publish-snapshot] | |
| if: | | |
| ( | |
| contains(github.event.pull_request.labels.*.name, 'ci:publish') || | |
| contains(github.event.head_commit.message, 'ci:publish') | |
| ) && ( | |
| false | |
| ) && ( | |
| startsWith(github.ref, 'refs/tags/v') | |
| ) | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| checks: "write" | |
| pull-requests: "write" | |
| deployments: "write" | |
| statuses: "write" | |
| uses: ./.github/workflows/publish.ci.yml | |
| secrets: inherit | |
| with: | |
| environment: central | |
| snapshot: false | |
| repo: https://s01.oss.sonatype.org |