You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
134 lines
5.2 KiB
134 lines
5.2 KiB
name: CI |
|
|
|
on: |
|
push: |
|
branches-ignore: |
|
- "dependabot/**" |
|
schedule: |
|
- cron: '0 10 * * *' # Once per day at 10am UTC |
|
workflow_dispatch: # Manual trigger |
|
|
|
env: |
|
GRADLE_ENTERPRISE_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} |
|
GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} |
|
GRADLE_ENTERPRISE_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} |
|
|
|
permissions: |
|
contents: read |
|
|
|
jobs: |
|
build: |
|
name: Build |
|
uses: spring-io/spring-security-release-tools/.github/workflows/build.yml@v1 |
|
strategy: |
|
matrix: |
|
os: [ ubuntu-latest, windows-latest ] |
|
jdk: [ 17 ] |
|
with: |
|
runs-on: ${{ matrix.os }} |
|
java-version: ${{ matrix.jdk }} |
|
distribution: temurin |
|
secrets: inherit |
|
test: |
|
name: Test Against Snapshots |
|
uses: spring-io/spring-security-release-tools/.github/workflows/test.yml@v1 |
|
strategy: |
|
matrix: |
|
include: |
|
- java-version: 21-ea |
|
toolchain: 21 |
|
- java-version: 17 |
|
toolchain: 17 |
|
with: |
|
java-version: ${{ matrix.java-version }} |
|
test-args: --refresh-dependencies -PforceMavenRepositories=snapshot -PisOverrideVersionCatalog -PtestToolchain=${{ matrix.toolchain }} -PspringFrameworkVersion=6.1.+ -PreactorVersion=2023.0.+ -PspringDataVersion=2023.1.+ --stacktrace |
|
secrets: inherit |
|
check-samples: |
|
name: Check Samples |
|
runs-on: ubuntu-latest |
|
if: ${{ github.repository_owner == 'spring-projects' }} |
|
steps: |
|
- uses: actions/checkout@v4 |
|
- name: Set up gradle |
|
uses: spring-io/spring-gradle-build-action@v2 |
|
with: |
|
java-version: 17 |
|
distribution: temurin |
|
- name: Check samples project |
|
env: |
|
LOCAL_REPOSITORY_PATH: ${{ github.workspace }}/build/publications/repos |
|
SAMPLES_DIR: ../spring-security-samples |
|
run: | |
|
# Extract version from gradle.properties |
|
version=$(cat gradle.properties | grep "version=" | awk -F'=' '{print $2}') |
|
# Extract samplesBranch from gradle.properties |
|
samples_branch=$(cat gradle.properties | grep "samplesBranch=" | awk -F'=' '{print $2}') |
|
./gradlew publishMavenJavaPublicationToLocalRepository |
|
./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$samples_branch" -PcloneOutputDirectory="$SAMPLES_DIR" |
|
./gradlew --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$version" :runAllTests |
|
check-tangles: |
|
name: Check for Package Tangles |
|
runs-on: ubuntu-latest |
|
if: ${{ github.repository_owner == 'spring-projects' }} |
|
steps: |
|
- uses: actions/checkout@v4 |
|
- name: Set up gradle |
|
uses: spring-io/spring-gradle-build-action@v2 |
|
with: |
|
java-version: 17 |
|
distribution: temurin |
|
- name: Check for package tangles |
|
env: |
|
STRUCTURE101_LICENSEID: ${{ secrets.STRUCTURE101_LICENSEID }} |
|
run: | |
|
./gradlew check s101 -Ps101.licenseId="$STRUCTURE101_LICENSEID" --stacktrace |
|
deploy-artifacts: |
|
name: Deploy Artifacts |
|
needs: [ build, test, check-samples, check-tangles ] |
|
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1 |
|
with: |
|
should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }} |
|
secrets: inherit |
|
deploy-docs: |
|
name: Deploy Docs |
|
needs: [ build, test, check-samples, check-tangles ] |
|
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1 |
|
with: |
|
should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }} |
|
secrets: inherit |
|
deploy-schema: |
|
name: Deploy Schema |
|
needs: [ build, test, check-samples, check-tangles ] |
|
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1 |
|
with: |
|
should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }} |
|
secrets: inherit |
|
perform-release: |
|
name: Perform Release |
|
needs: [ deploy-artifacts, deploy-docs, deploy-schema ] |
|
uses: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml@v1 |
|
with: |
|
should-perform-release: ${{ needs.deploy-artifacts.outputs.artifacts-deployed }} |
|
project-version: ${{ needs.deploy-artifacts.outputs.project-version }} |
|
milestone-repo-url: https://repo.spring.io/artifactory/milestone |
|
release-repo-url: https://repo1.maven.org/maven2 |
|
artifact-path: org/springframework/security/spring-security-core |
|
slack-announcing-id: spring-security-announcing |
|
secrets: inherit |
|
notify_result: |
|
name: Check for failures |
|
needs: [ perform-release ] |
|
if: failure() |
|
runs-on: ubuntu-latest |
|
permissions: |
|
actions: read |
|
steps: |
|
- name: Send Slack message |
|
# Workaround while waiting for Gamesight/slack-workflow-status#38 to be fixed |
|
# See https://github.com/Gamesight/slack-workflow-status/issues/38 |
|
uses: sjohnr/slack-workflow-status@v1-beta |
|
with: |
|
repo_token: ${{ secrets.GITHUB_TOKEN }} |
|
slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }} |
|
channel: '#spring-security-ci' |
|
name: 'CI Notifier'
|
|
|