Update actions #439
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - "main" | |
| paths-ignore: | |
| - '**.gitignore' | |
| - 'CODEOWNERS' | |
| - 'LICENSE' | |
| - '**.md' | |
| - '**.adoc' | |
| - '**.txt' | |
| - '.all-contributorsrc' | |
| pull_request: | |
| paths-ignore: | |
| - '**.gitignore' | |
| - 'CODEOWNERS' | |
| - 'LICENSE' | |
| - '**.md' | |
| - '**.adoc' | |
| - '**.txt' | |
| - '.all-contributorsrc' | |
| concurrency: | |
| group: "workflow = ${{ github.workflow }}, ref = ${{ github.event.ref }}, pr = ${{ github.event.pull_request.id }}" | |
| cancel-in-progress: ${{ github.event_name == 'pull_request' || github.repository != 'turing85/advent-of-code-2022' }} | |
| permissions: | |
| actions: write | |
| checks: write | |
| pull-requests: write | |
| jobs: | |
| recreate-comment: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Publish Report | |
| uses: turing85/publish-report@v2 | |
| with: | |
| checkout: true | |
| recreate-comment: true | |
| determine-projects: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| projects: ${{ steps.determine-projects.outputs.projects }} | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v4 | |
| - name: Determine Test Projects | |
| id: determine-projects | |
| run: | | |
| pom_file=pom.xml | |
| exclude_package_type=pom | |
| current_dir="$(pwd)" | |
| mapfile -t candidates < <( | |
| find "${current_dir}" -type f -name "${pom_file}" \ | |
| | sed "s|^\(.*\)/${pom_file}$|\1|" \ | |
| | sort \ | |
| | uniq) | |
| results=() | |
| for candidate in "${candidates[@]}" | |
| do | |
| pom_packaging=0 | |
| grep --quiet \ | |
| "<packaging>${exclude_package_type}</packaging>" \ | |
| "${candidate}/${pom_file}" \ | |
| || pom_packaging="${?}" | |
| if [[ "${pom_packaging}" -ne 0 ]] | |
| then | |
| results+=( $( \ | |
| echo "${candidate}" \ | |
| | sed "s|^${current_dir}/\(.*\)$|\1|g") ) | |
| fi | |
| done | |
| projects="$( \ | |
| echo "${results[@]}" \ | |
| | jq \ | |
| --raw-input \ | |
| --compact-output \ | |
| 'split(" ")')" | |
| echo "projects=${projects}" >> "${GITHUB_OUTPUT}" | |
| populate-cache: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v4 | |
| - name: Populate Cache | |
| uses: ./.github/actions/populate-cache | |
| with: | |
| nvd-api-key: ${{ secrets.NVD_API_KEY }} | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - determine-projects | |
| - populate-cache | |
| strategy: | |
| matrix: | |
| project: ${{ fromJson(needs.determine-projects.outputs.projects) }} | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| cache: 'maven' | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Set up Maven 3.9.4 | |
| uses: stCarolas/setup-maven@v4.5 | |
| with: | |
| maven-version: 3.9.4 | |
| - name: Build | |
| run: | | |
| mvn \ | |
| --batch-mode \ | |
| --define ci-build \ | |
| --projects ${{ matrix.project }} \ | |
| package | |
| - name: Upload Maven State (${{ matrix.project }}) | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ always() }} | |
| with: | |
| if-no-files-found: error | |
| name: maven-state-${{ matrix.project }} | |
| path: '**/target/maven-*' | |
| retention-days: 2 | |
| - name: Upload Compiled Classes (${{ matrix.project }}) | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ always() }} | |
| with: | |
| if-no-files-found: error | |
| name: compiled-classes-${{ matrix.project }} | |
| path: '**/target/*classes' | |
| retention-days: 2 | |
| - name: Upload JARs (${{ matrix.project }}) | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ always() }} | |
| with: | |
| if-no-files-found: error | |
| name: jars-${{ matrix.project }} | |
| path: '**/target/*.jar' | |
| retention-days: 2 | |
| - name: Cancel Build | |
| if: ${{ failure() }} | |
| uses: andymckay/cancel-action@0.4 | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - determine-projects | |
| - build | |
| continue-on-error: true | |
| strategy: | |
| matrix: | |
| project: ${{ fromJson(needs.determine-projects.outputs.projects) }} | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| cache: 'maven' | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Set up Maven 3.9.4 | |
| uses: stCarolas/setup-maven@v4.5 | |
| with: | |
| maven-version: 3.9.4 | |
| - name: Download Maven State | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: maven-state-${{ matrix.project }} | |
| - name: Download Compiled Classes | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: compiled-classes-${{ matrix.project }} | |
| - name: Download JARs | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: jars-${{ matrix.project }} | |
| - name: Run Tests | |
| run: | | |
| mvn \ | |
| --batch-mode \ | |
| --define ci-test \ | |
| --projects ${{ matrix.project }} \ | |
| package | |
| - name: Upload Test Report | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ always() }} | |
| with: | |
| if-no-files-found: error | |
| name: test-report-${{ matrix.project }} | |
| path: '**/target/surefire-reports/TEST*.xml' | |
| retention-days: 2 | |
| - name: Upload Coverage Report | |
| if: ${{ always() }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| if-no-files-found: error | |
| name: coverage-report-${{ matrix.project }} | |
| path: '**/target/jacoco/**/*.xml' | |
| retention-days: 2 | |
| test-report: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - recreate-comment | |
| - test | |
| steps: | |
| - uses: turing85/publish-report@v2 | |
| with: | |
| checkout: true | |
| download-artifact-pattern: test-report-* | |
| download-artifact-merge-multiple: true | |
| report-name: JUnit Test | |
| report-only-summary: true | |
| report-path: '**/target/surefire-reports/TEST*.xml' | |
| sonar: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - test | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| cache: 'maven' | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Set up Maven 3.9.4 | |
| uses: stCarolas/setup-maven@v4.5 | |
| with: | |
| maven-version: 3.9.4 | |
| - name: Download Maven State | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: maven-state-* | |
| merge-multiple: true | |
| - name: Download Compiled Classes | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: compiled-classes-* | |
| merge-multiple: true | |
| - name: Download JARs | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: jars-* | |
| merge-multiple: true | |
| - name: Download Coverage Report | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: coverage-report-* | |
| merge-multiple: true | |
| - name: Sonar Analysis | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| mvn \ | |
| --batch-mode \ | |
| --define ci-build \ | |
| --define sonar.host.url=https://sonarcloud.io \ | |
| --define sonar.token=${SONAR_TOKEN} \ | |
| --define sonar.organization=turing85-pure \ | |
| --define sonar.projectKey=turing85_advent-of-code-2022 \ | |
| --define sonar.sourceEncoding=UTF-8 \ | |
| package \ | |
| sonar:sonar | |
| - name: Cancel Build | |
| if: ${{ failure() }} | |
| uses: andymckay/cancel-action@0.4 | |
| owasp: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - recreate-comment | |
| - build | |
| steps: | |
| - name: Git checkout | |
| uses: actions/checkout@v4 | |
| - name: OWASP Scan | |
| uses: ./.github/actions/owasp-scan | |
| with: | |
| nvd-api-key: ${{ secrets.NVD_API_KEY }} |