plantuml/.github/workflows/ci-gradle.yml

name: CI gradle

on:
  create:
  pull_request:
    types: [ opened, synchronize, reopened ]
    paths-ignore:
      - '*.md'
      - 'docs/**'
  push:
    branches:
      - master
    paths-ignore:
      - '*.md'
      - 'docs/**'
  workflow_dispatch:

defaults:
  run:
    shell: bash

jobs:
  workflow_config:
    runs-on: ubuntu-latest
    outputs:
      do_release: ${{ steps.config.outputs.do_release }}
      do_snapshot_release: ${{ steps.config.outputs.do_snapshot_release }}
      pom_version: ${{ steps.config.outputs.pom_version }}
    steps:
      - name: Configure workflow
        id: config
        env:
          ACTOR: ${{ github.actor }}
          EVENT_ACTION: ${{ github.event.action }}
          REF_TYPE: ${{ github.event.ref_type }}
          REF: ${{ github.event.ref }}
        run: |
          cat <<-EOF
            ::group::Debug Info
            GITHUB_EVENT_NAME       : '${GITHUB_EVENT_NAME}'
            EVENT_ACTION            : '${EVENT_ACTION}'
            REF_TYPE                : '${REF_TYPE}'
            REF                     : '${REF}'
            ACTOR                   : '${ACTOR}'
            GITHUB_REPOSITORY_OWNER : '${GITHUB_REPOSITORY_OWNER}'
            ::endgroup::
          EOF

          # Do a release when a git tag starting with 'v' has been created by a suitable user.
          # (We match against github.repository_owner as a kludge so that forked repos can release themselves when testing the workflow)

          if [[ "${GITHUB_EVENT_NAME}" == "create" && "${REF_TYPE}" == "tag" && "${REF}" == v* && \
                ( "${ACTOR}" == "arnaudroques" || "${ACTOR}" == "${GITHUB_REPOSITORY_OWNER}" ) \
             ]]; then
            echo "::notice title=::This run will release '${REF}'"
            echo "::set-output name=do_release::true"
            echo "::set-output name=pom_version::${REF#v}"  # pom_version is the tag without the 'v' prefix

          elif [[ "${GITHUB_EVENT_NAME}" =~ push|workflow_dispatch && "${REF}" == "refs/heads/master" ]]; then
            echo "::notice title=::This run will release a snapshot"
            echo "::set-output name=do_snapshot_release::true"

          else
            echo "This run will NOT make a release"
          fi          

  # We run the tests on many OS / Java combinations but also the Compile step because some users build
  # their own jars from source, so it is good for CI to check that is working on all combinations.
  test:
    needs: workflow_config
    strategy:
      fail-fast: false
      matrix:
        java_version: [ 8, 11, 17 ]
        os: [ macos-10.15,  macos-11, ubuntu-18.04, ubuntu-20.04, windows-2019, windows-2022 ]
    runs-on: ${{ matrix.os }}
    steps:
      - name: Checkout the repository
        uses: actions/checkout@v2

      - name: Set up java
        uses: actions/setup-java@v2.5.0
        with:
          java-version: ${{ matrix.java_version }}
          distribution: temurin
          cache: gradle

      # Compile / Test / Package are separate steps so the reason for any failure is more obvious in GitHub UI
      - name: Compile
        run: gradle -q compileJava --no-daemon

      - name: Test
        run: gradle -q test --no-daemon

  upload:
    needs: [ workflow_config, test ]
    if: needs.workflow_config.outputs.do_release == 'true' || needs.workflow_config.outputs.do_snapshot_release == 'true'
    runs-on: ubuntu-latest
    steps:
      - name: Checkout the repository
        uses: actions/checkout@v2

      - name: Set up java
        uses: actions/setup-java@v2.5.0
        with:
          java-version: 17
          distribution: temurin
          cache: gradle

      - name: Set version from tag
        if: env.POM_VERSION
        env:
          POM_VERSION: ${{ needs.workflow_config.outputs.pom_version }}
        run: sed -i "s/version = .*/version = $POM_VERSION/" gradle.properties

      - name: Build artifacts
        run: gradle -q clean build generateMetadataFileForMavenPublication generatePomFileForMavenPublication -x test

      - name: Setup gpg
        if: env.ARTIFACT_SIGNING_KEY
        id: gpg
        env:
          ARTIFACT_SIGNING_KEY: ${{ secrets.ARTIFACT_SIGNING_KEY }}
        run: |
          echo "Importing key ..."
          echo "${ARTIFACT_SIGNING_KEY}" | gpg --batch --import --import-options import-show

          echo "Getting key id ..."
          key_id="$(echo "${ARTIFACT_SIGNING_KEY}" | gpg --batch --show-keys --with-colons | awk -F: '$1 == "sec" { print $5 }')"
          echo "::set-output name=key_id::${key_id}"          

      - name: Sign artifacts
        if: env.GPG_KEYNAME
        env:
          GPG_KEYNAME: ${{ steps.gpg.outputs.key_id }}
          GPG_PASSPHRASE: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }}
        run: |
          gradle sign \
            "-Psigning.gnupg.keyName=${GPG_KEYNAME}" \
            "-Psigning.gnupg.passphrase=${GPG_PASSPHRASE}"          

      - name: Upload artifacts
        uses: actions/upload-artifact@v2
        with:
          # Using github.run_number here to reduce confusion when downloading & comparing artifacts from several builds
          name: ${{ github.run_number }}-artifacts
          path: |
            build/libs/*
            build/publications/maven/*            

      - name: Create snapshot release
        if: needs.workflow_config.outputs.do_snapshot_release == 'true'
        env:
          GITHUB_TOKEN: ${{ github.token }}
        run: .github/scripts/release-gradle-snapshot.sh

      - name: Create release in GitHub
        if: needs.workflow_config.outputs.do_release == 'true'
        env:
          GITHUB_TOKEN: ${{ github.token }}
          TAG: ${{ github.event.ref }}
        run: .github/scripts/release-gradle.sh