-
Notifications
You must be signed in to change notification settings - Fork 0
135 lines (106 loc) · 3.48 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: CI
on:
# Run on every pull request
pull_request:
branches: [ main ]
types: [ opened, synchronize, reopened ]
push:
branches: [ main ]
env:
JAVA_VERSION: 17
# Will build the binaries, run tests and checks on them and if everything succeeds AND it is a push
# to the main branch will build and deploy a snapshot release of the binaries
jobs:
# Basic Gradle wrapper validation. This step is run first, due to security
# concerns. Running our whole pipeline with Gradle with a corrupt wrapper,
# could expose our secrets, and we definitely want to prevent this.
validation:
name: Gradle wrapper validation
runs-on: ubuntu-latest
steps:
- name: Check out repo
uses: actions/checkout@v3
- name: Validate Gradle wrapper
uses: gradle/wrapper-validation-action@v1
assemble:
name: Build
runs-on: ubuntu-latest
needs: [ validation ]
steps:
- name: Check out repo
uses: actions/checkout@v3
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: temurin
cache: 'gradle'
- name: Gradle Assemble
run: |
./gradlew --stacktrace assemble --no-daemon --info
test:
runs-on: ubuntu-latest
needs: [ validation ]
steps:
- name: Check out repo
uses: actions/checkout@v3
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: temurin
cache: 'gradle'
- name: Gradle test
run: |
./gradlew test --no-daemon --stacktrace --info
- name: Upload Test Results
uses: actions/upload-artifact@v3
if: always()
with:
name: test-results
path: build/test-results
- name: Upload Build Report
uses: actions/upload-artifact@v3
if: always()
with:
name: build-reports
path: build/reports
auto-merge:
runs-on: ubuntu-latest
needs: [ test ]
if: ${{ github.event_name == 'pull_request' && github.event.pull_request.user.login == 'dependabot[bot]' }}
permissions:
pull-requests: write
contents: write
steps:
- name: Dependabot metadata
id: dependabot-metadata
uses: dependabot/fetch-metadata@v1.5.1
- name: Auto merge patch and minor updates
if: ${{steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' || steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor'}}
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
build-image:
name: Build Docker Image
runs-on: ubuntu-latest
needs: [ assemble, test ]
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
steps:
- name: Check out repo
uses: actions/checkout@v3
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: temurin
cache: 'gradle'
- name: Login to Quay
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_IO_USERNAME }}
password: ${{ secrets.QUAY_IO_PASSWORD }}
- name: Build Rolling Docker Image
run: ./gradlew jib --no-daemon -x test