Hotfix, publish to GH after javadoc, otherwise weird things happen #9130
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
tags: | |
- v*.** | |
paths-ignore: | |
- "docs/**" | |
merge_group: | |
pull_request: | |
types: [opened, synchronize, reopened] | |
paths-ignore: | |
- "docs/**" | |
jobs: | |
build: | |
runs-on: [self-hosted, Linux, ARM64] | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
- run: | | |
cp gradle.properties.example gradle.properties | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: "zulu" | |
java-version: "17" | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: "3.12" | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: "18" | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: cpg-language-go/src/test/resources/golang/integration/go.mod | |
- name: Setup neo4j | |
run: | | |
docker run -d --env NEO4J_AUTH=neo4j/password -p7474:7474 -p7687:7687 -e NEO4JLABS_PLUGINS='["apoc"]' neo4j:5 || true | |
- name: Determine Version | |
run: | | |
# determine version from tag | |
export VERSION=$(echo "${GITHUB_REF}" | cut -d "/" -f3) | |
if [[ $VERSION != v* ]] | |
then | |
export VERSION="${VERSION}-SNAPSHOT" | |
echo "Building as ${VERSION}" | |
else | |
# make version more Java-friendly by dropping the 'v' | |
export VERSION=${VERSION:1:${#VERSION}} | |
echo "Building as ${VERSION}" | |
fi | |
# store version in GitHub environment file | |
echo "version=$VERSION" >> $GITHUB_ENV | |
- name: Install JEP | |
run: | | |
python3 -m venv ~/.virtualenvs/cpg | |
source ~/.virtualenvs/cpg/bin/activate | |
pip3 install jep==$(grep "black.ninia:jep" gradle/libs.versions.toml | grep -o -E "[0-9]\d*(\.[0-9]\d*)*") | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v4 | |
- name: Build ${{ env.version }} | |
run: | | |
./gradlew --parallel -Pversion=$VERSION spotlessCheck -x spotlessApply build -x distZip -x distTar koverXmlReport koverHtmlReport performanceTest integrationTest | |
id: build | |
env: | |
VERSION: ${{ env.version }} | |
- name: Prepare report.xml for Codecov | |
run: | | |
# this is needed because codecov incorrectly reports lines that have no coverage information (good or bad) as a miss | |
# See https://github.com/codecov/feedback/issues/564 and https://github.com/Kotlin/kotlinx-kover/issues/699. | |
# Actually these lines should just not exist in the coverage XML file, since they are only structural elements, such | |
# as brackets. | |
cat ./build/reports/kover/report.xml | grep -v 'mi="0" ci="0" mb="0" cb="0"' > ./build/reports/kover/report-codecov.xml | |
rm ./build/reports/kover/report.xml | |
- name: Upload Code Coverage | |
uses: codecov/codecov-action@v5 | |
with: | |
fail_ci_if_error: true | |
files: ./build/reports/kover/report-codecov.xml | |
token: ${{ secrets.CODECOV_TOKEN }} | |
verbose: true | |
- name: Prepare test and coverage reports | |
if: ${{ always() }} | |
run: | | |
zip -r reports.zip **/build/reports/**/** || true | |
- name: Archive test and coverage reports | |
if: ${{ always() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: reports | |
path: reports.zip | |
- name: Publish to Maven Central | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
run: | | |
export ORG_GRADLE_PROJECT_signingKey=`echo ${{ secrets.GPG_PRIVATE_KEY }} | base64 -d` | |
./gradlew --no-daemon -Dorg.gradle.internal.publish.checksums.insecure=true --parallel -Pversion=$VERSION -PenableJavaFrontend=true -PenableCXXFrontend=true -PenableGoFrontend=true -PenablePythonFrontend=true -PenableLLVMFrontend=true -PenableTypeScriptFrontend=true -PenableRubyFrontend=true publishToSonatype closeSonatypeStagingRepository | |
env: | |
VERSION: ${{ env.version }} | |
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSWORD }} | |
ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_CENTRAL_USERNAME }} | |
ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | |
- name: Download old dokka versions (version) | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
run: | | |
# make sure the previousDocs folder exists | |
mkdir -p previousDocs && cd previousDocs | |
# retrieve the previous documentation folders for each published version (this also includes "main") | |
wget -O - https://github.com/Fraunhofer-AISEC/cpg/archive/gh-pages.tar.gz | tar -xz --strip=2 cpg-gh-pages/dokka || echo "No dokka directory present. Will continue as if nothing happened" | |
- name: Download old dokka versions (main) | |
if: github.ref == 'refs/heads/main' | |
run: | | |
# make sure the previousDocs folder exists | |
mkdir -p previousDocs && cd previousDocs | |
# retrieve the previous documentation folders for each published version (this also includes "main") | |
wget -O - https://github.com/Fraunhofer-AISEC/cpg/archive/gh-pages.tar.gz | tar -xz --strip=2 cpg-gh-pages/dokka || echo "No dokka directory present. Will continue as if nothing happened" | |
# in order to avoid duplicate mains, remove the "main" version from the previous versions | |
rm -rf main | |
- name: Build JavaDoc | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') || github.ref == 'refs/heads/main' | |
run: | | |
./gradlew --no-daemon -Pversion=$VERSION dokkaHtmlMultiModule | |
env: | |
VERSION: ${{ env.version }} | |
- name: Publish JavaDoc (version) | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
uses: JamesIves/github-pages-deploy-action@v4 | |
with: | |
folder: build/dokkaCustomMultiModuleOutput/${{ env.version }} | |
target-folder: dokka/${{ env.version }} | |
- name: Publish JavaDoc (version as main) | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
uses: JamesIves/github-pages-deploy-action@v4 | |
with: | |
folder: build/dokkaCustomMultiModuleOutput/${{ env.version }} | |
target-folder: dokka/main | |
- name: Publish JavaDoc (main) | |
if: github.ref == 'refs/heads/main' | |
uses: JamesIves/github-pages-deploy-action@v4 | |
with: | |
folder: build/dokkaCustomMultiModuleOutput/main | |
target-folder: dokka/main | |
- name: Publish to GitHub Packages | |
if: github.ref == 'refs/heads/main' || contains(github.event.pull_request.labels.*.name, 'publish-to-github-packages') | |
run: | | |
./gradlew --parallel -Pversion=$VERSION publishAllPublicationsToGitHubPackagesRepository | |
env: | |
VERSION: ${{ env.version }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Create Release | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
id: create_release | |
uses: softprops/action-gh-release@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
name: ${{ env.version }} | |
draft: false | |
prerelease: false |