plantuml/.github/workflows/ci.yml

name: CI

on:
  create:
  pull_request:
    types: [ opened, synchronize, reopened ]
    paths-ignore:
      - '*.md'
      - 'docs/**'
  push:
    branches:
      - master
    paths-ignore:
      - '*.md'
      - 'docs/**'
  workflow_dispatch:

defaults:
  run:
    shell: bash

jobs:
  workflow_config:
    runs-on: ubuntu-latest
    outputs:
      do_release: ${{ steps.config.outputs.do_release }}
      do_snapshot_release: ${{ steps.config.outputs.do_snapshot_release }}
      pom_version: ${{ steps.config.outputs.pom_version }}
    steps:
      - name: Checkout the repository
        uses: actions/checkout@v3

      - name: Configure workflow
        id: config
        env:
          ACTOR: ${{ github.actor }}
          EVENT_ACTION: ${{ github.event.action }}
          REF_TYPE: ${{ github.event.ref_type }}
          REF: ${{ github.event.ref }}
        run: |
          cat <<-EOF
            ::group::Debug Info
            GITHUB_EVENT_NAME       : '${GITHUB_EVENT_NAME}'
            EVENT_ACTION            : '${EVENT_ACTION}'
            REF_TYPE                : '${REF_TYPE}'
            REF                     : '${REF}'
            ACTOR                   : '${ACTOR}'
            GITHUB_REPOSITORY_OWNER : '${GITHUB_REPOSITORY_OWNER}'
            ::endgroup::
          EOF

          # Do a release when a git tag starting with 'v' has been created by a suitable user.
          # (We match against github.repository_owner as a kludge so that forked repos can release themselves when testing the workflow)

          if [[ "${GITHUB_EVENT_NAME}" == "create" && "${REF_TYPE}" == "tag" && "${REF}" == v* && \
                ( "${ACTOR}" == "arnaudroques" || "${ACTOR}" == "${GITHUB_REPOSITORY_OWNER}" ) \
             ]]; then
            echo "::notice title=::This run will release '${REF}'"
            echo "::set-output name=do_release::true"
            echo "::set-output name=pom_version::${REF#v}"  # pom_version is the tag without the 'v' prefix

          elif [[ "${GITHUB_EVENT_NAME}" =~ push|workflow_dispatch && "${REF}" == "refs/heads/master" ]]; then
            echo "::notice title=::This run will release a snapshot"
            echo "::set-output name=do_snapshot_release::true"
            V=$(perl -ne 'if (/return (\d{6,7});/) {$v=$1} if (/final int beta = (\d+);/) {$b=$1} END{print(substr($v, 0, 1),".", substr($v, 1, 4),"."); if ($b) {print(int(substr($v+1, 5)), "beta", $b);} else {print(int(substr($v, 5)))}}' src/net/sourceforge/plantuml/version/Version.java)
            echo "::set-output name=pom_version::$V-SNAPSHOT"  # pom_version is taken from Version.java

          else
            echo "This run will NOT make a release"
          fi          

  # We run the tests on many OS / Java combinations but also the Compile step because some users build
  # their own jars from source, so it is good for CI to check that is working on all combinations.
  test:
    needs: workflow_config
    strategy:
      fail-fast: false
      matrix:
        java_version: [ 8, 11, 17 ]
        os: [ ubuntu-20.04, ubuntu-22.04, windows-2019, windows-2022 ]
    runs-on: ${{ matrix.os }}
    steps:
      - name: Checkout the repository
        uses: actions/checkout@v3

      - name: Set up java
        uses: actions/setup-java@v3.5.0
        with:
          java-version: ${{ matrix.java_version }}
          distribution: temurin
          cache: gradle

      # Compile / Test / Package are separate steps so the reason for any failure is more obvious in GitHub UI
      - name: Compile
        run: gradle -q compileJava --no-daemon

      - name: Test
        run: gradle test --no-daemon -i

      - name: Upload test reports
        uses: actions/upload-artifact@v3
        if: ${{ always() }}
        with:
          # Using github.run_number here to reduce confusion when downloading & comparing from several builds
          name: ${{ github.run_number }}-${{ matrix.os }}-java-${{ matrix.java_version }}-test-reports
          path: build/reports/tests/

  upload:
    needs: [ workflow_config, test ]
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the repository
        uses: actions/checkout@v2

      - name: Set up java
        uses: actions/setup-java@v3.5.0
        with:
          java-version: 17
          distribution: temurin
          cache: gradle

      - name: Set version from tag
        if: env.POM_VERSION
        env:
          POM_VERSION: ${{ needs.workflow_config.outputs.pom_version }}
        run: sed -i "s/version = .*/version = $POM_VERSION/" gradle.properties

      - name: Build artifacts
        run: |
          gradle -q clean build \
            pdfJar \
            generateMetadataFileForMavenPublication generatePomFileForMavenPublication \
            -x test          

      - name: Sign artifacts
        if: env.ORG_GRADLE_PROJECT_signingKey
        env:
          ORG_GRADLE_PROJECT_signingKey: ${{ secrets.ARTIFACT_SIGNING_KEY }}
          ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }}
        run: |
          gradle -i signMavenPublication signPdfJar          

      - name: Upload artifacts
        uses: actions/upload-artifact@v3
        with:
          # Using github.run_number here to reduce confusion when downloading & comparing artifacts from several builds
          name: ${{ github.run_number }}-artifacts
          path: |
            build/libs/*
            build/publications/maven/*            

      - name: Create snapshot release
        if: needs.workflow_config.outputs.do_snapshot_release == 'true'
        env:
          GITHUB_TOKEN: ${{ github.token }}
          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
          OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
        run: |
          .github/scripts/release-snapshot.sh
          gradle publish          

      - name: Create release in GitHub
        if: needs.workflow_config.outputs.do_release == 'true'
        env:
          GITHUB_TOKEN: ${{ github.token }}
          TAG: ${{ github.event.ref }}
          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
          OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
        run: |
          .github/scripts/release.sh
          gradle publish          

  push_to_registry:
    needs: [ workflow_config, test, upload ]
    if: needs.workflow_config.outputs.do_release == 'true'
    runs-on: ubuntu-latest
    steps:
      - name: Check out the repo
        uses: actions/checkout@v3
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v4
        with:
          # list of Docker images to use as base name for tags
          images: |
            ${{ github.repository }}
            ghcr.io/${{ github.repository }}            
          # generate Docker tags based on the following events/attributes
          tags: |
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
            type=sha            
      - name: Log into Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Log in to GitHub Docker Registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Build/push container image
        uses: docker/build-push-action@v3
        with:
          context: .
          push: true
          build-args: |
            PLANTUML_VERSION=${{ github.event.ref }}            
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}