#493: nixified build #1294
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
workflow_dispatch: | |
inputs: {} | |
push: | |
branches: [ "develop" ] | |
tags: [ "v**" ] | |
pull_request: | |
branches: [ "develop" ] | |
jobs: | |
checksecret: | |
runs-on: ubuntu-latest | |
outputs: | |
HAVE_SECRETS: ${{ steps.checksecret_job.outputs.HAVE_SECRETS }} | |
steps: | |
- id: checksecret_job | |
env: | |
OPENSSL_IV: ${{ secrets.OPENSSL_IV }} | |
OPENSSL_KEY: ${{ secrets.OPENSSL_KEY }} | |
run: | | |
echo "HAVE_SECRETS=${{ env.OPENSSL_IV != '' && env.OPENSSL_KEY != '' }}" >> $GITHUB_OUTPUT | |
build: | |
runs-on: ubuntu-latest | |
needs: [ 'checksecret' ] | |
strategy: | |
fail-fast: false | |
matrix: | |
java: [ '11', '17', '21' ] | |
scala: [ '2.11', '2.12', '2.13', '3' ] | |
steps: | |
- uses: 7mind/github-env@minimal | |
- name: Build and Test | |
env: | |
SCALA_VERSION: ${{ matrix.scala }} | |
JAVA_VERSION: ${{ matrix.java }} | |
run: ./build.sh nix gen test | |
- uses: dorny/test-reporter@v1 | |
if: (needs.checksecret.outputs.HAVE_SECRETS == 'true') && (success() || failure()) | |
with: | |
name: Test reports (JDK ${{ matrix.java }}, Scala ${{ matrix.scala }}) | |
path: '**/target/test-reports/TEST-*.xml' | |
reporter: java-junit | |
- name: Upload dependency graph | |
if: needs.checksecret.outputs.HAVE_SECRETS == 'true' | |
uses: scalacenter/sbt-dependency-submission@d3f139371479f7d3ca3db160b9b536cb4f9dcdd5 | |
publish-artifacts: | |
runs-on: ubuntu-latest | |
# needs: [ 'build', 'checksecret' ] | |
needs: [ 'checksecret' ] | |
if: needs.checksecret.outputs.HAVE_SECRETS == 'true' | |
strategy: | |
matrix: | |
java: [ '17' ] | |
scala: [ '2.13' ] | |
steps: | |
- uses: 7mind/github-env@minimal | |
- name: Build and Publish to Sonatype | |
env: | |
JAVA_VERSION: ${{ matrix.java }} | |
OPENSSL_IV: ${{ secrets.OPENSSL_IV }} | |
OPENSSL_KEY: ${{ secrets.OPENSSL_KEY }} | |
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
SCALA_VERSION: ${{ matrix.scala }} | |
run: | | |
if [[ "$GITHUB_REF" == refs/heads/develop || "$CI_BRANCH_TAG" =~ ^v.*$ ]] ; then | |
openssl aes-256-cbc -K ${OPENSSL_KEY} -iv ${OPENSSL_IV} -in secrets.tar.enc -out secrets.tar -d | |
tar xvf secrets.tar | |
ln -s .secrets/local.sbt local.sbt | |
rm ./.secrets/credentials.sonatype-nexus.properties | |
printf "%s\n" "realm=Sonatype Nexus Repository Manager" "host=oss.sonatype.org" "user=${SONATYPE_USERNAME}" "password=${SONATYPE_PASSWORD}" > ./.secrets/credentials.sonatype-nexus.properties | |
fi | |
./build.sh nix gen publish-scala | |
release-and-notify-docs: | |
name: Release and Notify Docs | |
runs-on: ubuntu-latest | |
continue-on-error: false | |
needs: [ 'build', 'checksecret' ] | |
if: needs.checksecret.outputs.HAVE_SECRETS == 'true' | |
#if: ${{ ((github.event_name == 'release') && (github.event.action == 'published')) || (github.event_name == 'workflow_dispatch') }} | |
strategy: | |
matrix: | |
java: [ '17' ] | |
scala: [ '2.13' ] | |
steps: | |
- uses: 7mind/github-env@minimal | |
- name: Publish Docs to NPM Registry | |
env: | |
JAVA_VERSION: ${{ matrix.java }} | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
SCALA_VERSION: ${{ matrix.scala }} | |
run: ./build.sh nix gen publish-ziodocs | |
- name: Notify the main repo about the new release of docs package | |
run: | | |
PACKAGE_NAME=$(cat docs/package.json | grep '"name"' | awk -F'"' '{print $4}') | |
PACKAGE_VERSION=$(npm view $PACKAGE_NAME version) | |
curl -L \ | |
-X POST \ | |
-H "Accept: application/vnd.github+json" \ | |
-H "Authorization: token ${{ secrets.PAT_TOKEN }}"\ | |
https://api.github.com/repos/zio/zio/dispatches \ | |
-d '{ | |
"event_type":"update-docs", | |
"client_payload":{ | |
"package_name":"'"${PACKAGE_NAME}"'", | |
"package_version": "'"${PACKAGE_VERSION}"'" | |
} | |
}' | |
all-good: | |
if: always() | |
runs-on: ubuntu-latest | |
needs: [ 'build' ] | |
steps: | |
- name: Decide whether the needed jobs succeeded or failed | |
uses: re-actors/alls-green@release/v1 | |
with: | |
jobs: ${{ toJSON(needs) }} |