name: CI gradle on: # create: # pull_request: # types: [ opened, synchronize, reopened ] # paths-ignore: # - '*.md' # - 'docs/**' # push: # branches: # - master # paths-ignore: # - '*.md' # - 'docs/**' workflow_dispatch: defaults: run: shell: bash jobs: workflow_config: runs-on: ubuntu-latest outputs: do_release: ${{ steps.config.outputs.do_release }} do_snapshot_release: ${{ steps.config.outputs.do_snapshot_release }} pom_version: ${{ steps.config.outputs.pom_version }} steps: - name: Configure workflow id: config env: ACTOR: ${{ github.actor }} EVENT_ACTION: ${{ github.event.action }} REF_TYPE: ${{ github.event.ref_type }} REF: ${{ github.event.ref }} run: | cat <<-EOF ::group::Debug Info GITHUB_EVENT_NAME : '${GITHUB_EVENT_NAME}' EVENT_ACTION : '${EVENT_ACTION}' REF_TYPE : '${REF_TYPE}' REF : '${REF}' ACTOR : '${ACTOR}' GITHUB_REPOSITORY_OWNER : '${GITHUB_REPOSITORY_OWNER}' ::endgroup:: EOF # Do a release when a git tag starting with 'v' has been created by a suitable user. # (We match against github.repository_owner as a kludge so that forked repos can release themselves when testing the workflow) if [[ "${GITHUB_EVENT_NAME}" == "create" && "${REF_TYPE}" == "tag" && "${REF}" == v* && \ ( "${ACTOR}" == "arnaudroques" || "${ACTOR}" == "${GITHUB_REPOSITORY_OWNER}" ) \ ]]; then echo "::notice title=::This run will release '${REF}'" echo "::set-output name=do_release::true" echo "::set-output name=pom_version::${REF#v}" # pom_version is the tag without the 'v' prefix elif [[ "${GITHUB_EVENT_NAME}" =~ push|workflow_dispatch && "${REF}" == "refs/heads/master" ]]; then echo "::notice title=::This run will release a snapshot" echo "::set-output name=do_snapshot_release::true" else echo "This run will NOT make a release" fi # We run the tests on many OS / Java combinations but also the Compile step because some users build # their own jars from source, so it is good for CI to check that is working on all combinations. build: needs: workflow_config strategy: fail-fast: false matrix: java_version: [ 8, 11, 17 ] os: [ macos-10.15, macos-11, ubuntu-18.04, ubuntu-20.04, windows-2019, windows-2022 ] include: - release_from_this_build: true os: ubuntu-20.04 java_version: 8 runs-on: ${{ matrix.os }} env: SIGN_ARTIFACTS: ${{ secrets.ARTIFACT_SIGNING_KEY != '' }} steps: - name: Checkout the repository uses: actions/checkout@v2 - name: Set up java uses: actions/setup-java@v2.5.0 with: java-version: ${{ matrix.java_version }} distribution: temurin cache: gradle # Compile / Test / Package are separate steps so the reason for any failure is more obvious in GitHub UI - name: Compile run: gradle -q compileJava - name: Test run: gradle -q test # The repeated "matrix.release_from_this_build" checks are messy, but I have not found a simple way to avoid them # See https://github.com/actions/runner/issues/662 - name: Setup gpg if: matrix.release_from_this_build && env.ARTIFACT_SIGNING_KEY id: gpg env: ARTIFACT_SIGNING_KEY: ${{ secrets.ARTIFACT_SIGNING_KEY }} run: | echo "Importing key ..." echo "${ARTIFACT_SIGNING_KEY}" | gpg --batch --import --import-options import-show echo "Getting key id ..." key_id="$(echo "${ARTIFACT_SIGNING_KEY}" | gpg --batch --show-keys --with-colons | awk -F: '$1 == "sec" { print $5 }')" echo "::set-output name=key_id::${key_id}" - name: Create artifacts if: matrix.release_from_this_build env: GPG_KEYNAME: ${{ steps.gpg.outputs.key_id }} GPG_PASSPHRASE: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }} run: | gradle sign "-Pversion=${POM_VERSION}"\ "-Psigning.gnupg.keyName=${GPG_KEYNAME}" \ "-Psigning.gnupg.passphrase=${GPG_PASSPHRASE}" - name: Upload artifacts if: matrix.release_from_this_build uses: actions/upload-artifact@v2 with: # Using github.run_number here to reduce confusion when downloading & comparing artifacts from several builds name: ${{ github.run_number }}-artifacts path: | build/libs/* build/publications/maven/* release: needs: [ workflow_config, build ] if: needs.workflow_config.outputs.do_release == 'true' || needs.workflow_config.outputs.do_snapshot_release == 'true' runs-on: ubuntu-latest steps: - name: Checkout the repository uses: actions/checkout@v2 - name: Download artifacts uses: actions/download-artifact@v2 with: name: ${{ github.run_number }}-artifacts path: build - name: Create snapshot release if: needs.workflow_config.outputs.do_snapshot_release == 'true' env: GITHUB_TOKEN: ${{ github.token }} run: .github/scripts/release-gradle-snapshot.sh - name: Create release in GitHub if: needs.workflow_config.outputs.do_release == 'true' env: GITHUB_TOKEN: ${{ github.token }} POM_VERSION: ${{ needs.workflow_config.outputs.pom_version }} TAG: ${{ github.event.ref }} run: .github/scripts/release-gradle.sh