Closes #32 - Fix SonarCloud #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
workflow_dispatch: | |
push: | |
branches-ignore: | |
- dependabot/** | |
tags: | |
- v[0-9]+\.[0-9]+\.[0-9]+ | |
pull_request: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.repository }}/${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
JAVA_VERSION: 17 | |
NODE_VERSION: 22.7.0 | |
ARTIFACTS_CYPRESS_TESTS_NAME: cypress-tests | |
ARTIFACTS_CYPRESS_TESTS_PATH: web/cypress | |
ARTIFACTS_KADAI_JARS_NAME: kadai-jars | |
ARTIFACTS_KADAI_JARS_PATH: ~/.m2/repository/io/kadai | |
ARTIFACTS_KADAI_WEB_NAME: kadai-web | |
ARTIFACTS_KADAI_WEB_PATH: web/dist | |
ARTIFACTS_JACOCO_REPORTS_NAME: jacoco-reports | |
ARTIFACTS_JACOCO_REPORTS_PATH: "**/jacoco.exec" | |
CACHE_WEB_NAME: web | |
# IMPORTANT: this cannot start with CACHE_MAVEN_NAME's value | |
# because the 'compile_backend' job would otherwise use this as a fallback cache. | |
CACHE_MAVEN_FOR_WEB_NAME: mvn-for-web | |
CACHE_MAVEN_NAME: maven | |
CACHE_SONAR_NAME: sonar | |
jobs: | |
compile_backend: | |
name: Compile all maven modules | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 | |
- name: Set up JDK ${{ env.JAVA_VERSION }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Cache maven dependencies | |
id: cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }}-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }} | |
- name: Change versions to match tag | |
run: ci/change_version.sh -m . | |
- name: Compile & build | |
run: ./mvnw -B install -DskipTests -Djacoco.skip | |
- name: Populate cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: | | |
./mvnw -B dependency:go-offline | |
./mvnw -B test -Dtest=GibtEsNet -Dsurefire.failIfNoSpecifiedTests=false | |
- name: Upload kadai artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_JARS_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_JARS_PATH }} | |
if-no-files-found: error | |
- name: Remove kadai artifacts from cache | |
run: rm -rf ${{ env.ARTIFACTS_KADAI_JARS_PATH }} | |
- name: Cancel workflow | |
if: failure() | |
uses: andymckay/[email protected] | |
compile_frontend: | |
name: Compile kadai-web | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 | |
- name: Set up JDK ${{ env.JAVA_VERSION }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Enable Corepack | |
run: corepack enable | |
- name: Use Node.js ${{ env.NODE_VERSION }} | |
uses: actions/[email protected] | |
with: | |
node-version: ${{ env.NODE_VERSION }} | |
- name: Cache web dependencies | |
id: web-cache | |
uses: actions/cache@v4 | |
with: | |
path: web/node_modules | |
key: ${{ runner.OS }}-${{ env.CACHE_WEB_NAME }}-${{ hashFiles('**/yarn.lock') }} | |
- name: Cache maven dependencies (for web) | |
id: maven-cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.OS }}-${{ env.CACHE_MAVEN_FOR_WEB_NAME }}-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.OS }}-${{ env.CACHE_MAVEN_FOR_WEB_NAME }} | |
- name: Populate maven cache | |
run: ./mvnw -B dependency:go-offline -pl :kadai-web -am | |
if: steps.maven-cache.outputs.cache-hit != 'true' | |
- name: Install Dependencies | |
if: steps.web-cache.outputs.cache-hit != 'true' | |
working-directory: web | |
run: yarn install && yarn ci | |
- name: Compile & build | |
working-directory: web | |
run: | | |
yarn lint | |
yarn build:prod | |
- name: Build maven artifact | |
run: ./mvnw -B install -pl :kadai-web -am | |
- name: Upload kadai-web dist artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_WEB_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_WEB_PATH }} | |
if-no-files-found: error | |
- name: Remove kadai artifacts from cache | |
run: rm -rf ~/.m2/repository/io/kadai | |
- name: Cancel workflow | |
if: failure() | |
uses: andymckay/[email protected] | |
test_frontend: | |
runs-on: ubuntu-20.04 | |
name: Test kadai-web | |
needs: [ compile_frontend ] | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 | |
- name: Enable Corepack | |
run: corepack enable | |
- name: Use Node.js ${{ env.NODE_VERSION }} | |
uses: actions/[email protected] | |
with: | |
node-version: ${{ env.NODE_VERSION }} | |
- name: Cache web dependencies | |
id: web-cache | |
uses: actions/cache@v4 | |
with: | |
path: web/node_modules | |
key: ${{ runner.OS }}-${{ env.CACHE_WEB_NAME }}-${{ hashFiles('**/yarn.lock') }} | |
# Theoretically this step below not necessary because we reuse the cache from the 'compile_frontend' job. | |
# Sometimes the cache is not created, therefore this is a fallback. | |
- name: Install Dependencies | |
if: steps.web-cache.outputs.cache-hit != 'true' | |
working-directory: web | |
run: yarn ci | |
- name: Cache maven dependencies (for web) | |
id: maven-cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.OS }}-${{ env.CACHE_MAVEN_FOR_WEB_NAME }}-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.OS }}-${{ env.CACHE_MAVEN_FOR_WEB_NAME }} | |
# Theoretically this step below not necessary because we reuse the cache from the 'compile_frontend' job. | |
# Sometimes the cache is not created, therefore this is a fallback. | |
- name: Populate cache | |
run: ./mvnw -B dependency:go-offline -pl :kadai-web -am | |
if: steps.maven-cache.outputs.cache-hit != 'true' | |
- name: Test | |
working-directory: web | |
run: yarn run test --coverageReporters text-summary | |
- name: Cancel workflow | |
if: failure() | |
uses: andymckay/[email protected] | |
test_e2e: | |
runs-on: ubuntu-20.04 | |
name: Test E2E | |
needs: [ compile_frontend, compile_backend ] | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 | |
- name: Set up JDK ${{ env.JAVA_VERSION }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Enable Corepack | |
run: corepack enable | |
- name: Use Node.js ${{ env.NODE_VERSION }} | |
uses: actions/[email protected] | |
with: | |
node-version: ${{ env.NODE_VERSION }} | |
- name: Cache web dependencies | |
id: web-cache | |
uses: actions/cache@v4 | |
with: | |
path: web/node_modules | |
key: ${{ runner.OS }}-${{ env.CACHE_WEB_NAME }}-${{ hashFiles('**/yarn.lock') }} | |
# Theoretically this step below not necessary because we reuse the cache from the 'compile_frontend' job. | |
# Sometimes the cache is not created, therefore this is a fallback. | |
- name: Install Dependencies | |
if: steps.web-cache.outputs.cache-hit != 'true' | |
working-directory: web | |
run: yarn ci | |
- name: Cache maven dependencies | |
id: maven-cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }}-${{ hashFiles('**/pom.xml') }} | |
- name: Download kadai artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_JARS_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_JARS_PATH }} | |
- name: Change versions to match tag | |
run: ci/change_version.sh -m . | |
# Theoretically this step below not necessary because we reuse the cache from the 'compile_frontend' job. | |
# Sometimes the cache is not created, therefore this is a fallback. | |
- name: Populate cache | |
run: ./mvnw -B dependency:go-offline -pl :kadai-rest-spring-example-boot -am | |
if: steps.maven-cache.outputs.cache-hit != 'true' | |
- name: Download kadai-web dist artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_WEB_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_WEB_PATH }} | |
- name: Build frontend | |
run: ./mvnw install -pl :kadai-web | |
- name: Cypress tests | |
working-directory: web | |
run: | | |
../mvnw -B spring-boot:run -P history.plugin -f .. -pl :kadai-rest-spring-example-boot &> /dev/null & | |
npx wait-port -t 30000 localhost:8080 && yarn run e2e-standalone --spec "cypress/integration/monitor/**" | |
- name: Upload Cypress tests | |
if: failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_CYPRESS_TESTS_NAME }} | |
path: ${{ env.ARTIFACTS_CYPRESS_TESTS_PATH }} | |
- name: Cancel workflow | |
if: failure() | |
uses: andymckay/[email protected] | |
test_backend: | |
runs-on: ubuntu-20.04 | |
name: Test ${{ matrix.module }} on ${{ matrix.database }} | |
needs: [ compile_backend ] | |
strategy: | |
matrix: | |
module: | |
- kadai-common | |
- kadai-common-security | |
- kadai-common-data | |
- kadai-common-logging | |
- kadai-common-test | |
- kadai-core | |
- kadai-core-test | |
- kadai-cdi | |
- kadai-cdi-example | |
- kadai-test-api | |
- kadai-spring | |
- kadai-spring-example | |
- kadai-spi-routing-dmn-router | |
- kadai-routing-rest | |
- kadai-rest-spring | |
- kadai-rest-spring-test-lib | |
- kadai-rest-spring-example-common | |
- kadai-loghistory-provider | |
- kadai-simplehistory-provider | |
- kadai-simplehistory-rest-spring | |
database: | |
- H2 | |
include: | |
- module: kadai-core | |
database: POSTGRES | |
- module: kadai-core | |
database: DB2 | |
- module: kadai-core | |
database: ORACLE | |
- module: kadai-core-test | |
database: POSTGRES | |
- module: kadai-core-test | |
database: DB2 | |
- module: kadai-core-test | |
database: ORACLE | |
- module: kadai-test-api | |
database: POSTGRES | |
- module: kadai-test-api | |
database: DB2 | |
- module: kadai-test-api | |
database: ORACLE | |
- module: kadai-simplehistory-provider | |
database: DB2 | |
- module: kadai-simplehistory-provider | |
database: POSTGRES | |
- module: kadai-simplehistory-provider | |
database: ORACLE | |
- module: kadai-rest-spring-example-boot | |
database: DB2 | |
- module: kadai-rest-spring-example-boot | |
database: ORACLE | |
- module: kadai-rest-spring-example-wildfly | |
database: POSTGRES | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 | |
- name: Set up JDK ${{ env.JAVA_VERSION }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Cache maven dependencies | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }}-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }} | |
- name: Download kadai artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_JARS_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_JARS_PATH }} | |
- name: Change versions to match tag | |
run: | | |
ci/change_version.sh -m . | |
ci/update_kadai_dependency_for_wildfly.sh | |
- name: Test | |
run: ./mvnw -B verify -pl :${{matrix.module}} -Dcheckstyle.skip | |
env: | |
DB: ${{ matrix.database }} | |
- name: Upload JaCoCo Report | |
if: matrix.database == 'H2' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_JACOCO_REPORTS_NAME }}-${{ matrix.module }} | |
path: ${{ env.ARTIFACTS_JACOCO_REPORTS_PATH }} | |
if-no-files-found: ignore | |
- name: Cancel workflow | |
if: failure() | |
uses: andymckay/[email protected] | |
release_artifacts: | |
runs-on: ubuntu-22.04 | |
name: Release artifacts to OSS Sonatype | |
if: github.repository == 'kadai-io/kadai' && ( startsWith(github.ref, 'refs/tags') || github.ref == 'refs/heads/master' ) && github.head_ref == '' | |
needs: [ test_frontend, test_e2e, test_backend ] | |
# as documented in the gpg manual (https://www.gnupg.org/documentation/manuals/gnupg/Invoking-GPG_002dAGENT.html) | |
# we should execute this command before interacting with gpg (otherwise gpg won't work) | |
env: | |
GPG_TTY: $(tty) | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # necessary for push back | |
# NOTE @v2 uses the token as an auth http header. Set it to | |
# a Personal Access Token instead of secrets.GITHUB_TOKEN | |
# so that tag pushes trigger repo push events. | |
# source: https://github.community/t/action-does-not-trigger-another-on-push-tag-action/17148/7 | |
token: ${{ secrets.ADMIN_PERSONAL_ACCESS_TOKEN }} | |
- name: Set up JDK ${{ env.JAVA_VERSION }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Cache maven dependencies | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }}-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }} | |
- name: Download kadai artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_JARS_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_JARS_PATH }} | |
- name: Download kadai-web dist artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_WEB_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_WEB_PATH }} | |
- name: Import GPG Key | |
run: echo -n "$GPG_KEY" | base64 --decode | gpg --batch --import | |
env: | |
GPG_KEY: ${{ secrets.GPG_KEY }} | |
- name: Change versions to match tag | |
run: ci/change_version.sh -m . | |
- name: Release artifacts to OSS Sonatype | |
run: | | |
./mvnw -B deploy -P $([[ "$GITHUB_REF" =~ ^refs/tags/v[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "release" || echo "snapshot") \ | |
--settings ci/mvnsettings.xml -DskipTests -Dcheckstyle.skip -Djacoco.skip \ | |
-pl :kadai-parent,\ | |
:kadai-common-parent,:kadai-common-logging,:kadai-common,:kadai-common-security,\ | |
:kadai-common-data,:kadai-common-test,\ | |
:kadai-lib-parent,:kadai-core,:kadai-cdi,:kadai-spring,\ | |
:kadai-rest-parent,:kadai-web,:kadai-rest-spring,\ | |
:kadai-history-parent,:kadai-simplehistory-provider,:kadai-simplehistory-rest-spring,:kadai-loghistory-provider,\ | |
:kadai-routing-parent,:kadai-spi-routing-dmn-router,:kadai-routing-rest | |
env: | |
GPG_KEY_NAME: ${{ secrets.GPG_KEY_NAME }} | |
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
MAVEN_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
MAVEN_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
- name: Update version to next snapshot and push back | |
run: | | |
ci/change_version.sh -i -m . | |
ci/update_kadai_dependency_for_wildfly.sh -i | |
ci/commitPoms.sh rest/kadai-rest-spring-example-wildfly/src/test/java/io/kadai/example/wildfly/AbstractAccTest.java | |
env: | |
GH_EMAIL: ${{ secrets.GH_EMAIL }} | |
GH_USERNAME: ${{ secrets.GH_USERNAME }} | |
- name: Cancel workflow | |
if: failure() | |
uses: andymckay/[email protected] | |
deploy_to_azure: | |
runs-on: ubuntu-20.04 | |
name: Deploy demo app to Microsoft Azure | |
if: github.repository == 'kadai-io/kadai' && github.ref == 'refs/heads/master' && github.head_ref == '' | |
needs: [ test_frontend, test_e2e, test_backend ] | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 | |
- name: Set up JDK ${{ env.JAVA_VERSION }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Cache maven dependencies | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }}-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }} | |
- name: Download kadai artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_JARS_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_JARS_PATH }} | |
- name: Download kadai-web dist artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.ARTIFACTS_KADAI_WEB_NAME }} | |
path: ${{ env.ARTIFACTS_KADAI_WEB_PATH }} | |
- name: Build kadai-web | |
run: ./mvnw -B install -pl :kadai-web | |
- name: Generate Javadoc | |
run: ./mvnw -B clean javadoc:jar -pl :kadai-core,:kadai-cdi,:kadai-spring | |
- name: Build Example Application | |
run: ./mvnw -B install -P history.plugin -pl :kadai-rest-spring-example-boot -DskipTests -Dcheckstyle.skip -Dmaven.javadoc.skip -Djacoco.skip | |
- name: Verify Example Application contains documentation | |
run: ci/verify_docs_jar.sh | |
- name: Login to Microsoft Azure | |
uses: Azure/login@v2 | |
with: | |
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ secrets.SUBSCRIPTION_ID }}","tenantId":"${{ secrets.TENANT_ID }}"}' | |
- name: Deploy to Microsoft Azure | |
uses: Azure/webapps-deploy@v3 | |
with: | |
app-name: kadai-io | |
package: rest/kadai-rest-spring-example-boot/target/kadai-rest-spring-example-boot.jar | |
- name: Wait for Azure for 60 seconds | |
uses: jakejarvis/wait-action@master | |
with: | |
time: '60s' | |
- name: Smoke test documentation | |
run: ci/verify_docs_alive.sh | |
- name: Cancel workflow | |
if: failure() | |
uses: andymckay/[email protected] | |
upload_to_sonar: | |
runs-on: ubuntu-20.04 | |
name: Upload SonarQube analysis to sonarcloud | |
# no pull request and not on release | |
if: github.head_ref == '' && !startsWith(github.ref, 'refs/tags') | |
needs: [ test_frontend, test_e2e, test_backend ] | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
- name: Set up JDK ${{ env.JAVA_VERSION }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v4 | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-${{ env.CACHE_SONAR_NAME }} | |
restore-keys: ${{ runner.os }}-${{ env.CACHE_SONAR_NAME }} | |
- name: Cache maven dependencies | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }}-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-${{ env.CACHE_MAVEN_NAME }} | |
- name: Download JaCoCo reports | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: ${{ env.ARTIFACTS_JACOCO_REPORTS_NAME }}-* | |
merge-multiple: true | |
- name: Install kadai | |
run: ./mvnw -B install -DskipTests -Dcheckstyle.skip -Dmaven.javadoc.skip | |
- name: Upload SonarQube analysis | |
run: ./mvnw -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_ORGANIZATION: ${{ secrets.SONAR_ORGANIZATION }} | |
- name: Cancel workflow | |
if: failure() | |
uses: andymckay/[email protected] |