-
-
Notifications
You must be signed in to change notification settings - Fork 808
181 lines (181 loc) · 6.75 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
name: CI
on:
push:
branches:
- master
pull_request:
branches:
- master
schedule:
- cron: "0 0 * * 1"
permissions: read-all
jobs:
hotspot-ea:
name: HotSpot (EA)
runs-on: ubuntu-24.04
needs: [ extended ]
continue-on-error: true
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
java-version: 24-ea
distribution: temurin
cache: maven
- name: Build project
run: ./mvnw verify -Pjava24
continue-on-error: false
hotspot-supported:
name: Any (supported)
strategy:
fail-fast: false
matrix:
os: [ ubuntu-24.04, macos-14, windows-2022 ]
java: [ 8, 11, 17, 21 ]
runs-on: ${{ matrix.os }}
needs: [ extended ]
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
java-version: ${{ matrix.java }}
distribution: temurin
architecture: x64
cache: maven
- name: Build project
run: ./mvnw verify -Pintegration -Pjava${{ matrix.java }}
j9-supported:
name: Any (supported)
strategy:
fail-fast: false
matrix:
os: [ ubuntu-24.04, macos-14, windows-2022 ]
java: [ 8, 11 ]
runs-on: ${{ matrix.os }}
needs: [ extended ]
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
java-version: ${{ matrix.java }}
distribution: adopt-openj9
architecture: x64
cache: maven
- name: Build project
run: ./mvnw verify -Pintegration -Pjava${{ matrix.java }}
hotspot-unsupported:
name: HotSpot (unsupported)
strategy:
fail-fast: false
matrix:
java: [ 9, 10, 12, 13, 14, 15, 16, 18, 19, 20, 22, 23 ]
runs-on: ubuntu-24.04
needs: [ extended ]
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
java-version: ${{ matrix.java }}
distribution: zulu
architecture: x64
cache: maven
- name: Build project
run: ./mvnw verify -Pintegration -Pjava${{ matrix.java }}
hotspot-32:
name: HotSpot (32 bit)
strategy:
fail-fast: false
matrix:
os: [ ubuntu-24.04, windows-2022 ]
java: [ 8 ]
runs-on: ${{ matrix.os }}
needs: [ extended ]
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
java-version: ${{ matrix.java }}
distribution: zulu
architecture: x86
cache: maven
- name: Build project
run: ./mvnw verify -Pintegration -Pjava${{ matrix.java }}
hotspot-legacy:
name: HotSpot (legacy)
strategy:
fail-fast: false
matrix:
java: [ 6, 7 ]
runs-on: ubuntu-24.04
needs: [ extended ]
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: ~/.m2/repository
key: ${{ runner.os }}-legacy-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-legacy-maven-
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
java-version: ${{ matrix.java }}
distribution: zulu
architecture: x64
- name: Build project
run: ./mvnw -s .mvn/nossl.settings.xml verify -Pintegration -Pjava${{ matrix.java }}
extended:
name: Extended build
runs-on: ubuntu-24.04
if: github.event_name == 'push'
steps:
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # V2.8.1
with:
egress-policy: block
disable-telemetry: true
allowed-endpoints: >
coveralls.io:443
dl.google.com:443
docs.gradle.org:443
docs.oracle.com:443
github.com:443
javadoc.io:443
jcenter.bintray.com:443
objects.githubusercontent.com:443
plugins-artifacts.gradle.org:443
plugins.gradle.org:443
raw.githubusercontent.com:443
repo.gradle.org:443
repo.maven.apache.org:443
repository.sonatype.org:443
services.gradle.org:443
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
java-version: 8
distribution: temurin
architecture: x64
cache: maven
- name: Build project
run: ./mvnw jacoco:prepare-agent verify jacoco:report coveralls:report -DrepoToken=${{ secrets.coveralls }} -Pextras -Pchecks -Panalysis -Pintegration -Pmulti-release -Pchecksum-enforce
release:
name: Release new version
runs-on: ubuntu-24.04
needs: [ extended, hotspot-ea, hotspot-supported, j9-supported, hotspot-unsupported, hotspot-32, hotspot-legacy ]
if: github.event_name == 'push' && startsWith(github.event.head_commit.message, '[release]')
permissions:
contents: write
steps:
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # V2.8.1
with:
egress-policy: audit # servers have changed, must be adjusted after next release
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
with:
java-version: 8
distribution: temurin
architecture: x64
gpg-private-key: ${{ secrets.gpg_secret }}
- name: Publish new version
run: |
git config user.name "${{ github.event.head_commit.committer.name }}"
git config user.email "${{ github.event.head_commit.committer.email }}"
./mvnw -B -s .mvn/release.settings.xml release:prepare release:perform -Drepository.url=https://${{ github.actor }}:${{ secrets.github_token }}@github.com/${{ github.repository }}.git -Dcentral.username=${{ secrets.central_user }} -Dcentral.password=${{ secrets.central_password }} -Dgpg.passphrase=${{ secrets.gpg_passphrase }} -Dgpg.keyname=B4AC8CDC141AF0AE468D16921DA784CCB5C46DD5 -Dgradle.key=${{ secrets.gradle_key }} -Dgradle.secret=${{ secrets.gradle_secret }} -Pchecksum-enforce