Skip to content

Commit

Permalink
Merge branch 'develop'
Browse files Browse the repository at this point in the history
  • Loading branch information
guillermocalvo committed Apr 28, 2024
2 parents aa8cdff + cdddc73 commit f118a11
Show file tree
Hide file tree
Showing 10 changed files with 222 additions and 116 deletions.
21 changes: 21 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
version: 2

updates:

# ================================
# UPDATE GRADLE DEPENDENCIES
# ================================
- package-ecosystem: gradle
directory: /
target-branch: develop
schedule:
interval: weekly

# ================================
# UPDATE GITHUB ACTIONS
# ================================
- package-ecosystem: github-actions
directory: /
target-branch: develop
schedule:
interval: weekly
86 changes: 57 additions & 29 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ on:
jobs:
build:

name: Build on JDK${{ matrix.jdk }}
name: Build ${{ github.ref_name }} on JDK${{ matrix.jdk }}
runs-on: ubuntu-latest

strategy:
Expand All @@ -27,19 +27,26 @@ jobs:
# SHALLOW CLONE
# ================================
- name: Shallow clone
if: ${{ matrix.jdk != 21 }}
if: ${{ matrix.jdk != 21 || github.event_name != 'push' }}
uses: actions/checkout@v4

# ================================
# CHECKOUT
# ================================
- name: Checkout git branch
if: ${{ matrix.jdk == 21 }}
if: ${{ matrix.jdk == 21 && github.event_name == 'push' }}
uses: actions/checkout@v4
with:
# Fetch all history for all tags and branches (recommended by SonarQube)
fetch-depth: 0

# ================================
# VALIDATE GRADLE WRAPPER
# ================================
- name: Validate Gradle Wrapper files
if: ${{ matrix.jdk == 21 }}
uses: gradle/actions/wrapper-validation@v3

# ================================
# SET UP JDK
# ================================
Expand All @@ -51,56 +58,77 @@ jobs:
java-version: ${{ matrix.jdk }}

# ================================
# CACHE SONARCLOUD PACKAGES
# SET UP GRADLE
# ================================
- name: Cache SonarCloud packages
uses: actions/cache@v4
- name: Set up Gradle
uses: gradle/actions/setup-gradle@v3
with:
key: ${{ runner.os }}-sonar
path: |
~/.sonar/cache
restore-keys: |
${{ runner.os }}-sonar
build-scan-publish: true
build-scan-terms-of-use-url: "https://gradle.com/help/legal-terms-of-use"
build-scan-terms-of-use-agree: "yes"
cache-read-only: ${{ github.event_name != 'push' }}

# ================================
# SETUP GRADLE
# EXPORT GRADLE PROPERTIES
# ================================
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Export Gradle properties
id: properties
uses: guillermocalvo/gradle-properties@v3
with:
cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }}
output_file: ${{ github.output }}
export: version,previousVersion

# ================================
# BUILD
# ================================
- name: Build
uses: gradle/actions/setup-gradle@v3
with:
arguments: build -x check --info --scan
- name: Build version ${{ steps.properties.outputs.version }}
run: ./gradlew build -x check --info

# ================================
# CHECK
# ================================
- name: Check
uses: gradle/actions/setup-gradle@v3
with:
arguments: check --info --scan
run: ./gradlew check --info

# ================================
# COMPATIBILITY REPORT
# ================================
- name: Compatibility report
- name: Compatibility with version ${{ steps.properties.outputs.previousVersion }}
if: ${{ matrix.jdk == 21 }}
run: cat ./api-compatibility/build/report.txt >> $GITHUB_STEP_SUMMARY

# ================================
# ANALYZE
# CACHE SONARCLOUD PACKAGES
# ================================
- name: Analyze
if: ${{ matrix.jdk == 21 }}
- name: Cache SonarCloud packages
if: ${{ matrix.jdk == 21 && github.event_name == 'push' }}
uses: actions/cache@v4
with:
key: ${{ runner.os }}-sonar
path: |
~/.sonar/cache
restore-keys: |
${{ runner.os }}-sonar
# ================================
# ANALYZE WITH SONARCLOUD
# ================================
- name: Analyze with SonarCloud
if: ${{ matrix.jdk == 21 && github.event_name == 'push' }}
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: https://sonarcloud.io
SONAR_ORGANIZATION: leakyabstractions
uses: gradle/actions/setup-gradle@v3
with:
arguments: sonarqube --info --scan
run: ./gradlew sonarqube --info

# ================================
# PUBLISH SNAPSHOT
# ================================
- name: Publish snapshot version ${{ steps.properties.outputs.version }}
if: ${{ matrix.jdk == 21 && github.event_name == 'push' && github.ref_name == github.event.repository.default_branch && endsWith(steps.properties.outputs.version, '-SNAPSHOT') }}
env:
ORG_GRADLE_PROJECT_githubUsername: ${{ secrets.PUBLISH_USERNAME }}
ORG_GRADLE_PROJECT_githubPassword: ${{ secrets.PUBLISH_PASSWORD }}
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_USERNAME }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_PASSWORD }}
run: ./gradlew publish -Psnapshot --info
49 changes: 49 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@

# Discover vulnerabilities with CodeQL
name: CodeQL

on:
push:
branches:
- main
- develop
pull_request:
branches:
- main
- develop
schedule:
- cron: '0 8 * * 0'

jobs:
analyze:

name: Analyze Java
runs-on: ubuntu-latest
timeout-minutes: 360
permissions:
security-events: write

steps:

# ================================
# SHALLOW CLONE
# ================================
- name: Shallow clone
uses: actions/checkout@v4

# ================================
# SET UP CODEQL
# ================================
- name: Set up CodeQL
uses: github/codeql-action/init@v3
with:
languages: java-kotlin
build-mode: none

# ================================
# ANALYZE
# ================================
- name: Analyze with CodeQL
uses: github/codeql-action/analyze@v3
with:
category: "/language:java-kotlin"
41 changes: 41 additions & 0 deletions .github/workflows/dependencies.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@

# Submit dependencies
name: Dependencies

on:
push:
branches:
- main

permissions:
contents: write

jobs:
dependencies:

name: Submit dependencies
runs-on: ubuntu-latest

steps:

# ================================
# SHALLOW CLONE
# ================================
- name: Shallow clone
uses: actions/checkout@v4

# ================================
# SET UP JDK
# ================================
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-package: jdk
java-version: 21

# ================================
# SUBMIT DEPENDENCIES
# ================================
- name: Generate and submit dependency graph
uses: gradle/actions/dependency-submission@v3
28 changes: 18 additions & 10 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,17 +7,17 @@ on:
tags: ['[0-9]+.[0-9]+.[0-9]+.[0-9]+*']

jobs:
build:
publish:

name: Publish
name: Publish release version ${{ github.ref_name }}
runs-on: ubuntu-latest

steps:

# ================================
# CHECKOUT
# SHALLOW CLONE
# ================================
- name: Checkout git tag
- name: Shallow clone
uses: actions/checkout@v4

# ================================
Expand All @@ -31,10 +31,14 @@ jobs:
java-version: 21

# ================================
# CREATE RELEASE
# SET UP GRADLE
# ================================
- name: Create Release
uses: softprops/action-gh-release@v1
- name: Set up Gradle
uses: gradle/actions/setup-gradle@v3
with:
build-scan-publish: true
build-scan-terms-of-use-url: "https://gradle.com/help/legal-terms-of-use"
build-scan-terms-of-use-agree: "yes"

# ================================
# PUBLISH
Expand All @@ -48,6 +52,10 @@ jobs:
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_USERNAME }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_PASSWORD }}
ORG_GRADLE_PROJECT_sonatypeStagingProfileId: ${{ secrets.SONATYPE_STAGING_PROFILE_ID }}
uses: gradle/actions/setup-gradle@v3
with:
arguments: publish -Prelease --info --scan
run: ./gradlew publish -Prelease --info

# ================================
# CREATE RELEASE
# ================================
- name: Create Release
uses: softprops/action-gh-release@v2
53 changes: 0 additions & 53 deletions .github/workflows/snapshot.yml

This file was deleted.

32 changes: 32 additions & 0 deletions .github/workflows/update-gradle-wrapper.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@

# Schedule Gradle Wrapper updates
name: Update Gradle Wrapper

on:
schedule:
- cron: "0 8 * * *"
workflow_dispatch:

jobs:
update-gradle-wrapper:

name: Update Gradle Wrapper
runs-on: ubuntu-latest

steps:

# ================================
# SHALLOW CLONE
# ================================
- name: Shallow clone
uses: actions/checkout@v4

# ================================
# UPDATE GRADLE WRAPPER
# ================================
- name: Update Gradle Wrapper
uses: gradle-update/update-gradle-wrapper-action@v1
with:
release-channel: stable
base-branch: main
target-branch: develop
Loading

0 comments on commit f118a11

Please sign in to comment.