-
Notifications
You must be signed in to change notification settings - Fork 0
94 lines (94 loc) · 3.66 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
name: CI
env:
JDK_DISTRIBUTION: semeru
JDK_VERSION: 11
on: [ push ]
jobs:
build:
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: ${{ env.JDK_DISTRIBUTION }}
java-package: jdk
java-version: ${{ env.JDK_VERSION }}
- name: Set up Gradle
uses: gradle/gradle-build-action@v2
with:
# Only write to the cache for builds on the 'main' and 'develop' branches. (Default is 'main' only.)
# Builds on other branches will only read existing entries from the cache.
cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }}
gradle-version: wrapper
- name: Build with Gradle
run: ./gradlew build
- name: Generate code coverage report
run: ./gradlew jacocoTestReport
- name: Verify code coverage metrics
run: ./gradlew jacocoTestCoverageVerification
- name: Upload coverage report to Codecov
uses: codecov/codecov-action@v3
with:
directory: ./build/reports/jacoco/test
fail_ci_if_error: true
flags: unittests
token: ${{ secrets.CODECOV_TOKEN }}
release:
# Only run on the 'main' and 'develop' branches.
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop'
needs: [ build ]
permissions: write-all
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
token: ${{ secrets.GH_TOKEN }}
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: ${{ env.JDK_DISTRIBUTION }}
java-package: jdk
java-version: ${{ env.JDK_VERSION }}
- name: Set up Gradle
uses: gradle/gradle-build-action@v2
with:
# Only write to the cache for builds on the 'main' and 'develop' branches. (Default is 'main' only.)
# Builds on other branches will only read existing entries from the cache.
cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }}
gradle-version: wrapper
- name: Set up GPG
uses: crazy-max/ghaction-import-gpg@v6
with:
git_commit_gpgsign: true
git_committer_email: ${{ secrets.GIT_COMMITTER_EMAIL }}
git_committer_name: ${{ secrets.GIT_COMMITTER_NAME }}
# Currently, signing commits leads to the CI hanging indefinitely.
# See https://github.com/semantic-release/semantic-release/issues/3065
git_tag_gpgsign: false
git_user_signingkey: true
gpg_private_key: ${{ secrets.GPG_KEY }}
passphrase: ${{ secrets.GPG_KEY_PASSPHRASE }}
trust_level: 5
- name: Set up NodeJS
uses: actions/setup-node@v4
with:
cache: npm
node-version-file: .nvmrc
- name: Install semantic-release
run: npm ci
- name: Create a release
env:
DEBUG: semantic-release:*
GIT_AUTHOR_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }}
GIT_AUTHOR_NAME: ${{ secrets.GIT_COMMITTER_NAME }}
GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }}
GIT_COMMITTER_NAME: ${{ secrets.GIT_COMMITTER_NAME }}
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
GRADLE_SIGNING_KEY: ${{ secrets.GRADLE_SIGNING_KEY }}
GRADLE_SIGNING_PASSWORD: ${{ secrets.GRADLE_SIGNING_PASSWORD }}
GRADLE_SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
GRADLE_SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
run: npx semantic-release