Skip to content

Configure for reproducible builds (#23) #34

Configure for reproducible builds (#23)

Configure for reproducible builds (#23) #34

Workflow file for this run

name: Build
on:
push:
branches: [ master ]
pull_request: # all pull requests
workflow_dispatch: # allow triggering manually
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'Check out repository'
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: 'Set up Java 8'
uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: 8
cache: 'maven'
- name: 'Build'
run: |
mvn -V --batch-mode verify jacoco:report
- name: 'Upload directory to pass to next job'
uses: actions/upload-artifact@v3
with:
name: build
path: .
coveralls-pre-check:
needs: build
runs-on: ubuntu-latest
outputs:
HAVE_REPO_TOKEN: ${{ steps.step1.outputs.HAVE_REPO_TOKEN }}
steps:
- id: step1
name: 'Check secret access for fast fail'
run: |
echo "HAVE_REPO_TOKEN=$HAVE_REPO_TOKEN" >> $GITHUB_OUTPUT
echo "HAVE_REPO_TOKEN=$HAVE_REPO_TOKEN" >> $GITHUB_STEP_SUMMARY
env:
HAVE_REPO_TOKEN: ${{ secrets.COVERALLS_TOKEN != '' }}
coveralls:
needs: coveralls-pre-check
if: needs.coveralls-pre-check.outputs.HAVE_REPO_TOKEN == 'true'
runs-on: ubuntu-latest
steps:
- name: 'Restore directory from build'
uses: actions/download-artifact@v3
with:
name: build
path: .
- name: 'Set up Java 8'
uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: 8
cache: 'maven'
- name: 'Coveralls report'
run: |
mvn -V --batch-mode coveralls:report \
-DrepoToken=$REPO_TOKEN -DpullRequest=${{ github.event.number }}
env:
REPO_TOKEN: ${{ secrets.COVERALLS_TOKEN }}
sonar-pre-check:
needs: build
runs-on: ubuntu-latest
outputs:
HAVE_SONAR_TOKEN: ${{ steps.step1.outputs.HAVE_SONAR_TOKEN }}
steps:
- id: step1
name: 'Check secret access for fast fail'
run: |
echo "HAVE_SONAR_TOKEN=$HAVE_SONAR_TOKEN" >> $GITHUB_OUTPUT
echo "HAVE_SONAR_TOKEN=$HAVE_SONAR_TOKEN" >> $GITHUB_STEP_SUMMARY
env:
HAVE_SONAR_TOKEN: ${{ secrets.SONAR_TOKEN != '' }}
sonar:
needs: sonar-pre-check
if: needs.sonar-pre-check.outputs.HAVE_SONAR_TOKEN == 'true'
runs-on: ubuntu-latest
steps:
- name: 'Restore directory from build'
uses: actions/download-artifact@v3
with:
name: build
path: .
- name: 'Set up Java 11'
uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: 11
cache: 'maven'
- name: 'Cache SonarCloud packages'
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: 'Sonar'
run: |
mvn -V --batch-mode sonar:sonar
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: "https://sonarcloud.io"