Added GHA to send dependency graph #455
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Wave-cli builds | |
on: | |
push: | |
branches: | |
- '*' | |
- '!refs/tags/.*' | |
tags-ignore: | |
- '*' | |
pull_request: | |
types: [opened, reopened, synchronize] | |
branches: | |
- '*' | |
- '!refs/tags/.*' | |
tags-ignore: | |
- '*' | |
jobs: | |
build: | |
name: Wave on ${{ matrix.os }} | |
if: "!contains(github.event.head_commit.message, '[skip ci]')" | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: [ubuntu-latest, macos-latest-large, macos-latest-xlarge, windows-latest] | |
include: | |
- os: ubuntu-latest | |
fatjar: true | |
musl: true | |
- os: macos-latest-large | |
codesign: true | |
- os: macos-latest-xlarge | |
codesign: true | |
steps: | |
- name: Environment | |
run: env | sort | |
- uses: actions/checkout@v4 | |
- uses: graalvm/setup-graalvm@v1 | |
if: ${{ matrix.musl }} | |
with: | |
java-version: '21' | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
native-image-job-reports: 'true' | |
native-image-musl: 'true' | |
- uses: graalvm/setup-graalvm@v1 | |
if: ${{ !matrix.musl }} | |
with: | |
java-version: '21' | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
native-image-job-reports: 'true' | |
- name: Run tests | |
run: | | |
./gradlew test | |
- name: Build fat JAR | |
if: ${{ matrix.fatjar }} | |
run: ./gradlew shadowJar | |
- name: Upload fat JAR artifact | |
if: ${{ matrix.fatjar }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: wave-jar | |
path: ./app/build/libs/wave.jar | |
- name: Build static native | |
if: ${{ matrix.musl }} | |
run: ./gradlew app:nativeCompile | |
env: | |
PLATFORM: linux-x86_64 | |
- name: Build native | |
if: ${{ !matrix.musl }} | |
run: ./gradlew app:nativeCompile | |
- name: Codesign binary | |
if: ${{ matrix.codesign && contains(github.event.head_commit.message, '[release]') && github.event.ref=='refs/heads/master'}} | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
MACOS_CERTIFICATE_NAME: ${{ secrets.MACOS_CERTIFICATE_NAME }} | |
MACOS_CI_KEYCHAIN_PWD: ${{ secrets.MACOS_CI_KEYCHAIN_PWD }} | |
run: | | |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 | |
security create-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain | |
security default-keychain -s build.keychain | |
security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain | |
security import certificate.p12 -k build.keychain -P "$MACOS_CERTIFICATE_PWD" -T /usr/bin/codesign | |
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" build.keychain | |
/usr/bin/codesign --force -s "$MACOS_CERTIFICATE_NAME" --options runtime ./app/build/native/nativeCompile/wave -v | |
- name: Notarize binary | |
if: ${{ matrix.codesign && contains(github.event.head_commit.message, '[release]') && github.event.ref=='refs/heads/master'}} | |
env: | |
MACOS_AC_API_CERT: ${{ secrets.MACOS_AC_API_CERT }} | |
MACOS_AC_API_ISSUER_ID: ${{ secrets.MACOS_AC_API_ISSUER_ID }} | |
MACOS_AC_API_KEY_ID: ${{ secrets.MACOS_AC_API_KEY_ID }} | |
run: | | |
echo $MACOS_AC_API_CERT | base64 --decode > AuthKey.p8 | |
xcrun notarytool store-credentials "notarytool-profile" -k AuthKey.p8 -d "$MACOS_AC_API_KEY_ID" -i "$MACOS_AC_API_ISSUER_ID" | |
ditto -c -k --keepParent "./app/build/native/nativeCompile/wave" "notarization.zip" | |
xcrun notarytool submit "notarization.zip" --keychain-profile "notarytool-profile" --wait | |
- name: Upload Binary | |
uses: actions/upload-artifact@v4 | |
with: | |
name: nativeCompile-${{ matrix.os }} | |
path: ./app/build/native/nativeCompile | |
- name: Publish tests report | |
if: failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-reports-jdk-${{ matrix.java_version }} | |
path: | | |
**/build/reports/tests/test | |
release: | |
name: Release | |
if: "contains(github.event.head_commit.message, '[release]') && github.event.ref=='refs/heads/master'" | |
needs: [ build ] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Download all build artifacts | |
uses: actions/download-artifact@v4 | |
- name: Setup Java for JReleaser | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '21' | |
distribution: 'adopt' | |
- name: Version | |
id: version | |
run: | | |
VERSION=$(cat ./VERSION) | |
echo "VERSION=$VERSION" | |
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT | |
- name: Enable Homebrew for final release | |
run: | | |
VERSION=${{ steps.version.outputs.VERSION }} | |
if [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
echo "Homebrew release enabled." | |
echo "JRELEASER_PACKAGERS_BREW_ACTIVE=ALWAYS" >> $GITHUB_ENV | |
else | |
echo "Homebrew release disabled (pre-release detected)." | |
echo "JRELEASER_PACKAGERS_BREW_ACTIVE=NEVER" >> $GITHUB_ENV | |
fi | |
- name: Run JReleaser | |
uses: jreleaser/release-action@v2 | |
env: | |
JRELEASER_GITHUB_TOKEN: ${{ secrets.JRELEASER_GITHUB_TOKEN }} | |
JRELEASER_PROJECT_VERSION: ${{ steps.version.outputs.VERSION }} | |
JRELEASER_PACKAGERS_BREW_ACTIVE: ${{ env.JRELEASER_PACKAGERS_BREW_ACTIVE }} | |
- name: JReleaser release output | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: jreleaser-release | |
path: | | |
out/jreleaser/trace.log | |
out/jreleaser/output.properties | |
... |