ci-build-artifacts-no-push-maven.yml
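# CI workflow for pushes and pull requests against 'main': builds and tests
# with Maven on JDK 23. Nothing is published (MVN_STAGES is 'install').
name: Build, Test (JDK 23)

on:
  push:
    branches:
      - main
      #- v2
  pull_request:
    branches:
      - main
      #- v2

jobs:

  # This is a matrix build {'java', 'javascript'},
  # where only the 'java' part triggers the Maven build,
  # and only the 'javascript' part triggers the CodeQL autobuild.
  # Those builds must run in between the "CodeQL: Initialize" and "CodeQL: Perform Analysis" steps!
  # CodeQL can be disabled via SKIP_CODE_QL: 'true'
  build:
    name: build-local-no-push
    runs-on: ubuntu-latest
    # Job token is read-only except for 'security-events: write', which the
    # "CodeQL: Perform Analysis" step needs in order to upload its results.
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      matrix:
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Use only 'java' to analyze code written in Java, Kotlin or both
        # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
        language: ['java', 'javascript']
    env:
      # to be shared among all steps of this job
      #
      # github.head_ref is chosen by the pull-request author. It is handed to
      # the scripts through this environment variable only; keep it out of
      # inline expression expansion inside 'run:' scripts.
      BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
      BASELINE: 3.2.0
      PROJECT_ROOT_PATH: ${{ github.workspace }}
      CI_SCRIPTS_PATH: ${{ github.workspace }}/scripts/ci
      # not used, would be nice if we could transform the TIMESTAMP string into the REVISION
      # variable here, but it seems github not yet has any string expression manipulation
      # operators other than concatenation
      TIMESTAMP: ${{ github.event.head_commit.timestamp }}
      # set this to 'deploy' when intent is to push the built packages to a repo
      # requires 'secrets' which we don't have yet
      MVN_STAGES: install
      # options
      # CodeQL action seems broken on JDK22, waiting for updates
      # Quoted: the 'if:' conditions below compare against the string 'true'.
      # While this is 'true' no CodeQL analysis runs at all, so this workflow
      # provides no static-analysis coverage.
      SKIP_CODE_QL: 'true'
    steps:
      # NOTE(review): the checkout keeps the job token in the local git config
      # by default; since this job never pushes, 'persist-credentials: false'
      # looks safe to add here - confirm that build-artifacts.sh does not need it.
      - uses: actions/checkout@v4

      - name: Set up JDK (zulu 23)
        if: matrix.language == 'java'
        uses: actions/setup-java@v4
        with:
          distribution: 'zulu'
          java-version: '23'

      # Third-party action referenced by a mutable tag. Pinning it to a full
      # commit SHA (stCarolas/setup-maven@<full-commit-sha>) prevents a moved
      # tag from changing what runs in this job.
      # Restricted to the 'java' leg like every other Maven step.
      - name: Set up Maven (3.9.9)
        if: matrix.language == 'java'
        uses: stCarolas/setup-maven@v5
        with:
          maven-version: '3.9.9'

      - name: Print Maven Version
        if: matrix.language == 'java'
        run: mvn --version

      - name: Activate Cache for Maven Downloads
        if: matrix.language == 'java'
        uses: actions/cache@v4
        env:
          # change the cache-name if we want to rebuild the cache
          # can be reset via github action page
          cache-name: maven-shared
        with:
          path: ~/.m2/repository
          # The key is static: once a cache exists under it, later runs restore
          # it but do not save a new one.
          key: ${{ runner.os }}-${{ env.cache-name }}
          # Fall back only to caches of the same cache-name. A bare OS-only
          # prefix would also restore caches saved under an old cache-name or
          # by other workflows, which defeats the reset described above and
          # pulls unrelated content into the local Maven repository.
          restore-keys: |
            ${{ runner.os }}-${{ env.cache-name }}

      # Values are quoted so that the shell prints them verbatim, without word
      # splitting or filename expansion.
      - name: Setup Script Environment
        if: matrix.language == 'java'
        shell: bash
        run: |
          echo ============== ENV =================
          echo "BRANCH_NAME : $BRANCH_NAME"
          echo "BASELINE : $BASELINE"
          echo "TIMESTAMP : $TIMESTAMP"
          echo "PROJECT_ROOT_PATH: $PROJECT_ROOT_PATH"
          echo "CI_SCRIPTS_PATH : $CI_SCRIPTS_PATH"
          echo "MVN_STAGES : $MVN_STAGES"
          echo ======================================

      # CodeQL Analysis (https://codeql.github.com/docs/codeql-overview/about-codeql/)
      - name: "CodeQL: Initialize"
        if: env.SKIP_CODE_QL != 'true'
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}

      # Runs the repository's own build script; on pull requests that script
      # and the Maven build it starts come from the pull-request branch.
      - name: Build Artifacts
        if: matrix.language == 'java'
        shell: bash
        run: bash "$CI_SCRIPTS_PATH/build-artifacts.sh"
        env:
          # -Dmodule-all ... build all modules (default if all is well)
          # -Dmodule-all-except-incubator ... build all modules except 'incubator'
          # -Dmodule-all-except-kroviz ... build all modules except 'kroviz' (eg. when kroviz build fails)
          # -Dmaven.compiler.proc=full ... required to enable annotation processing for javac since JDK23
          # -Denforcer.failFast=true ... fail fast on convergence issues (enforcer plugin)
          # -Dmaven.source.skip=true ... no need for the CI build to pull sources
          # -Dproject.build.outputTimestamp=2023-01-01T00:00:00Z see https://maven.apache.org/guides/mini/guide-reproducible-builds.html
          # -T 1C ... 1 build thread per core (not enabled below)
          # -e ... produce execution error messages
          MVN_ADDITIONAL_OPTS: >-
            -Dmodule-all
            -Dmaven.compiler.proc=full
            -Denforcer.failFast=true
            -Dmaven.source.skip=true
            -Dproject.build.outputTimestamp=2023-01-01T00:00:00Z
            -e

      # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
      # If this step fails, then you should remove it and run the build manually
      - name: "CodeQL: Autobuild"
        if: env.SKIP_CODE_QL != 'true' && matrix.language == 'javascript'
        uses: github/codeql-action/autobuild@v3

      - name: "CodeQL: Perform Analysis"
        if: env.SKIP_CODE_QL != 'true'
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{matrix.language}}"

      # FOR DEBUG USE
      # These steps print whole contexts into the job log, which anyone who can
      # read the run can see. Enable them only temporarily.
      # - name: Dump GitHub context
      #   env:
      #     ENV_CONTEXT: ${{ toJson(env) }}
      #   run: echo "$ENV_CONTEXT"
      # - name: Dump GitHub context
      #   env:
      #     GITHUB_CONTEXT: ${{ toJson(github) }}
      #   run: echo "$GITHUB_CONTEXT"
      # - name: Dump job context
      #   env:
      #     JOB_CONTEXT: ${{ toJson(job) }}
      #   run: echo "$JOB_CONTEXT"
      # - name: Dump steps context
      #   env:
      #     STEPS_CONTEXT: ${{ toJson(steps) }}
      #   run: echo "$STEPS_CONTEXT"
      # - name: Dump runner context
      #   env:
      #     RUNNER_CONTEXT: ${{ toJson(runner) }}
      #   run: echo "$RUNNER_CONTEXT"
      # - name: Dump strategy context
      #   env:
      #     STRATEGY_CONTEXT: ${{ toJson(strategy) }}
      #   run: echo "$STRATEGY_CONTEXT"
      # - name: Dump matrix context
      #   env:
      #     MATRIX_CONTEXT: ${{ toJson(matrix) }}
      #   run: echo "$MATRIX_CONTEXT"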