From d5ac6a16d844a362b4f7fb6611e97c894c615b4c Mon Sep 17 00:00:00 2001 From: Sergio del Amo Date: Tue, 28 Mar 2023 10:26:51 +0200 Subject: [PATCH] ci: GitHub Actions sync and M1 dependencies (#1663) * build: Micronaut Groovy 4.0.0-M1 * build: Micronaut Serde 2.0.0-M1 * build: Micronaut Validation 4.0.0-M2 * fix equal ignore case * build: MongoDB M1 * build: use mn.micronaut.graal * checkstyle: remove import * build: Micronaut Test 4.0.0-M1 * build: add prefectProjectModules resolution strategy * ci: GitHub Actions Sync --- .github/renovate.json | 2 +- .github/workflows/graalvm.yml | 83 +++++++++++++++++---------------- .github/workflows/gradle.yml | 80 ++++++++++++++++++------------- .github/workflows/release.yml | 26 +++++------ .github/workflows/sonarqube.yml | 60 ------------------------ build.gradle.kts | 5 ++ gradle/libs.versions.toml | 2 +- 7 files changed, 111 insertions(+), 147 deletions(-) delete mode 100644 .github/workflows/sonarqube.yml diff --git a/.github/renovate.json b/.github/renovate.json index aaa729b515..ccd88d42ba 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -2,7 +2,7 @@ "extends": [ "config:base" ], - "addLabels": ["dependency-upgrade"], + "addLabels": ["type: dependency-upgrade"], "schedule": [ "every weekend" ], diff --git a/.github/workflows/graalvm.yml b/.github/workflows/graalvm.yml index 4708c91303..25f4ec7d7f 100644 --- a/.github/workflows/graalvm.yml +++ b/.github/workflows/graalvm.yml @@ -3,69 +3,74 @@ # https://github.com/micronaut-projects/micronaut-project-template/tree/master/.github/workflows # # and edit them there. Note that it will be sync'ed to all the Micronaut repos -name: GraalVM CE CI +name: GraalVM Dev CI on: - push: - branches: - - master - - '[1-9]+.[0-9]+.x' - pull_request: - branches: - - master - - '[1-9]+.[0-9]+.x' + schedule: + - cron: "0 1 * * 1-5" # Mon-Fri at 1am UTC + workflow_dispatch: jobs: build: if: github.repository != 'micronaut-projects/micronaut-project-template' runs-on: ubuntu-latest strategy: matrix: - graalvm: [ 'latest'] - java: [ '17' ] + graalvm: [ 'dev'] + java: ['17'] + env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }} + GH_USERNAME: ${{ secrets.GH_USERNAME }} + TESTCONTAINERS_RYUK_DISABLED: true + PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}" + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: # https://github.com/actions/virtual-environments/issues/709 - - name: Free disk space + - name: "🗑 Free disk space" run: | sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" sudo apt-get clean df -h - - uses: actions/checkout@v3 - - uses: actions/cache@v3 + + - name: "📥 Checkout repository" + uses: actions/checkout@v3 with: - path: ~/.gradle/caches - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} - restore-keys: | - ${{ runner.os }}-gradle- - - name: Setup GraalVM CE + fetch-depth: 0 + + - name: "🔧 Setup GraalVM CE" uses: graalvm/setup-graalvm@v1 with: version: ${{ matrix.graalvm }} java-version: ${{ matrix.java }} components: 'native-image' github-token: ${{ secrets.GITHUB_TOKEN }} - - name: Setup Gradle - uses: gradle/gradle-build-action@v2.4.0 - - name: Build with Gradle + + - name: "🔧 Setup Gradle" + uses: gradle/gradle-build-action@v2 + + - name: "❓ Optional setup step" + run: | + [ -f ./setup.sh ] && ./setup.sh || [ ! -f ./setup.sh ] + + - name: "🛠 Build with Gradle" id: gradle run: | - if ./gradlew tasks --no-daemon --all | grep -w "testNativeImage" - then - ./gradlew check testNativeImage --continue --no-daemon - else - ./gradlew check --continue --no-daemon - fi - env: - TESTCONTAINERS_RYUK_DISABLED: true - GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }} - GH_USERNAME: ${{ secrets.GH_USERNAME }} - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}" - - name: Publish Test Report + ./gradlew check --no-daemon --continue + + - name: "📊 Publish Test Report" if: always() - uses: mikepenz/action-junit-report@v3.7.5 + uses: mikepenz/action-junit-report@v3 with: - check_name: GraalVM CE CI / Test Report (Java ${{ matrix.java }}) + check_name: Java CI / Test Report (${{ matrix.java }}) report_paths: '**/build/test-results/test/TEST-*.xml' check_retries: 'true' + + - name: "📜 Upload binary compatibility check results" + if: always() + uses: actions/upload-artifact@v3 + with: + name: binary-compatibility-reports + path: "**/build/reports/binary-compatibility-*.html" + diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index ed53f09105..d0c741c8a2 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -19,74 +19,88 @@ jobs: runs-on: ubuntu-latest strategy: matrix: + graalvm: [ 'latest'] java: ['17'] + env: + GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} + GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} + GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }} + GH_USERNAME: ${{ secrets.GH_USERNAME }} + TESTCONTAINERS_RYUK_DISABLED: true + PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}" + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: # https://github.com/actions/virtual-environments/issues/709 - - name: Free disk space + - name: "🗑 Free disk space" run: | sudo rm -rf "/usr/local/share/boost" sudo rm -rf "$AGENT_TOOLSDIRECTORY" sudo apt-get clean df -h - - uses: actions/checkout@v3 - - name: Set up JDK - uses: actions/setup-java@v3 + + - name: "📥 Checkout repository" + uses: actions/checkout@v3 with: - distribution: 'temurin' + fetch-depth: 0 + + - name: "🔧 Setup GraalVM CE" + uses: graalvm/setup-graalvm@v1 + with: + version: ${{ matrix.graalvm }} java-version: ${{ matrix.java }} - - name: Setup Gradle - uses: gradle/gradle-build-action@v2.4.0 - - name: Optional setup step - env: - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + components: 'native-image' + github-token: ${{ secrets.GITHUB_TOKEN }} + + - name: "🔧 Setup Gradle" + uses: gradle/gradle-build-action@v2 + + - name: "❓ Optional setup step" run: | - [ -f ./setup.sh ] && ./setup.sh || true - - name: Build with Gradle + [ -f ./setup.sh ] && ./setup.sh || [ ! -f ./setup.sh ] + + - name: "🛠 Build with Gradle" id: gradle run: | - ./gradlew check --no-daemon --parallel --continue - env: - GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }} - GH_USERNAME: ${{ secrets.GH_USERNAME }} - TESTCONTAINERS_RYUK_DISABLED: true - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - PREDICTIVE_TEST_SELECTION: "${{ github.event_name == 'pull_request' && 'true' || 'false' }}" - - name: Publish Test Report + ./gradlew check --no-daemon --continue + + - name: "🔎 Run static analysis" + if: env.SONAR_TOKEN != '' + run: | + ./gradlew sonar + + - name: "📊 Publish Test Report" if: always() - uses: mikepenz/action-junit-report@v3.7.5 + uses: mikepenz/action-junit-report@v3 with: check_name: Java CI / Test Report (${{ matrix.java }}) report_paths: '**/build/test-results/test/TEST-*.xml' check_retries: 'true' + - name: "📜 Upload binary compatibility check results" if: always() uses: actions/upload-artifact@v3 with: name: binary-compatibility-reports path: "**/build/reports/binary-compatibility-*.html" - - name: Publish to Sonatype Snapshots + + - name: "📦 Publish to Sonatype Snapshots" if: success() && github.event_name == 'push' && matrix.java == '17' env: - GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }} - GH_USERNAME: ${{ secrets.GH_USERNAME }} SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} run: ./gradlew publishToSonatype docs --no-daemon - - name: Determine docs target repository + + - name: "❓ Determine docs target repository" uses: haya14busa/action-cond@v1 id: docs_target with: cond: ${{ github.repository == 'micronaut-projects/micronaut-core' }} if_true: "micronaut-projects/micronaut-docs" if_false: ${{ github.repository }} - - name: Publish to Github Pages + + - name: "📑 Publish to Github Pages" if: success() && github.event_name == 'push' && matrix.java == '17' uses: micronaut-projects/github-pages-deploy-action@master env: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a079b9d892..3eb1a55d4f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -66,13 +66,13 @@ jobs: # Store the hash in a file, which is uploaded as a workflow artifact. echo $(sha256sum $ARTIFACTS | base64 -w0) > artifacts-sha256 - name: Upload build artifacts - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@v3 with: name: gradle-build-outputs path: build/repo/${{ steps.publish.outputs.group }}/*/${{ steps.publish.outputs.version }}/* retention-days: 5 - name: Upload artifacts-sha256 - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@v3 with: name: artifacts-sha256 path: artifacts-sha256 @@ -130,7 +130,7 @@ jobs: artifacts-sha256: ${{ steps.set-hash.outputs.artifacts-sha256 }} steps: - name: Download artifacts-sha256 - uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # v3.0.1 + uses: actions/download-artifact@v3 with: name: artifacts-sha256 # The SLSA provenance generator expects the hash digest of artifacts to be passed as a job @@ -161,18 +161,18 @@ jobs: if: startsWith(github.ref, 'refs/tags/') steps: - name: Checkout repository - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - name: Download artifacts - uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # v3.0.1 + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: gradle-build-outputs path: build/repo + - name: Create artifacts archive + shell: bash + run: find build/repo -regextype sed -regex '\(.*\.jar\|.*\.pom\|.*\.module\|.*\.toml\)' | xargs zip artifacts.zip - name: Upload assets - # Upload the artifacts and SLSA L3 provenance as assets to the existing - # release. Note that the provenance will attest to each artifact file and - # not the aggregated ZIP file. - run: | - find build/repo -regextype sed -regex '\(.*\.jar\|.*\.pom\|.*\.module\|.*\.toml\)' | xargs zip artifacts.zip - gh release upload ${{ github.ref_name }} artifacts.zip - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # Upload the artifacts to the existing release. Note that the SLSA provenance will + # attest to each artifact file and not the aggregated ZIP file. + uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15 + with: + files: artifacts.zip diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml deleted file mode 100644 index 37231c88d1..0000000000 --- a/.github/workflows/sonarqube.yml +++ /dev/null @@ -1,60 +0,0 @@ -# WARNING: Do not edit this file directly. Instead, go to: -# -# https://github.com/micronaut-projects/micronaut-project-template/tree/master/.github/workflows -# -# and edit them there. Note that it will be sync'ed to all the Micronaut repos -name: Static Analysis -on: - push: - branches: - - master - - '[1-9]+.[0-9]+.x' - pull_request: - branches: - - master - - '[1-9]+.[0-9]+.x' -jobs: - build: - if: github.repository != 'micronaut-projects/micronaut-project-template' - runs-on: ubuntu-latest - steps: - # https://github.com/actions/virtual-environments/issues/709 - - name: Free disk space - run: | - sudo rm -rf "/usr/local/share/boost" - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: actions/cache@v3 - with: - path: ~/.gradle/caches - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} - restore-keys: | - ${{ runner.os }}-gradle- - - name: Set up JDK - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: 17 - - name: Optional setup step - env: - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - run: | - [ -f ./setup.sh ] && ./setup.sh || true - - name: Analyse with Gradle - run: | - ./gradlew check sonarqube --no-daemon --parallel --continue - env: - TESTCONTAINERS_RYUK_DISABLED: true - GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} - GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} - GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_TOKEN_PUBLIC_REPOS_READONLY: ${{ secrets.GH_TOKEN_PUBLIC_REPOS_READONLY }} - GH_USERNAME: ${{ secrets.GH_USERNAME }} diff --git a/build.gradle.kts b/build.gradle.kts index 84b2de5f71..9fb61f55e2 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -8,3 +8,8 @@ repositories { mavenCentral() maven(url = "https://s01.oss.sonatype.org/content/repositories/snapshots/") } +configurations.all { + resolutionStrategy { + preferProjectModules() + } +} diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index fafaeaad9d..cdfbf139ba 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -2,7 +2,7 @@ micronaut = "4.0.0-M1" micronaut-docs = "2.0.0" -micronaut-test = "4.0.0-SNAPSHOT" +micronaut-test = "4.0.0-M1" groovy = "4.0.10" spock = "2.3-groovy-4.0"