From ebf07e77566ca1a25f8d4dd2144be430c3388007 Mon Sep 17 00:00:00 2001 From: Oleg Smirnov Date: Sat, 3 Aug 2024 15:22:30 +0400 Subject: [PATCH 1/6] Extract unicode dump into separate workflow to reduce amount of downloads --- .github/workflows/benchmark.yml | 5 ++++ .github/workflows/build-and-test.yml | 1 + .github/workflows/check.yml | 1 + .github/workflows/code-coverage-upload.yml | 6 ----- .github/workflows/pull_request.yml | 21 +++++---------- .github/workflows/release.yml | 5 ++++ .github/workflows/snapshot_release.yml | 5 ++++ .github/workflows/unicode-dump.yml | 30 ++++++++++++++++++++++ 8 files changed, 54 insertions(+), 20 deletions(-) create mode 100644 .github/workflows/unicode-dump.yml diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index ba4e521f..d787cbb2 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -45,7 +45,11 @@ concurrency: group: bench-${{ github.event_name }}-${{ github.event.pull_request.number || github.event.after }} jobs: + dump-unicode-data: + uses: ./.github/workflows/unicode-dump.yml benchmark-matrix: + needs: + - dump-unicode-data strategy: matrix: include: @@ -86,6 +90,7 @@ jobs: - name: Cache unicode data uses: actions/cache@v4 with: + fail-on-cache-miss: true path: unicode_dump key: unicode-dump-${{ hashFiles('unicode_dump/*') }} restore-keys: | diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 8de4ec14..cac19d52 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -39,6 +39,7 @@ jobs: - name: Cache unicode data uses: actions/cache@v4 with: + fail-on-cache-miss: true path: unicode_dump key: unicode-dump-${{ hashFiles('unicode_dump/*') }} restore-keys: | diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 45a0f59a..6e5e3312 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -56,6 +56,7 @@ jobs: - name: Cache unicode data uses: actions/cache@v4 with: + fail-on-cache-miss: true path: unicode_dump key: unicode-dump-${{ hashFiles('unicode_dump/*') }} restore-keys: | diff --git a/.github/workflows/code-coverage-upload.yml b/.github/workflows/code-coverage-upload.yml index 37768a91..3c8bc9a9 100644 --- a/.github/workflows/code-coverage-upload.yml +++ b/.github/workflows/code-coverage-upload.yml @@ -21,12 +21,6 @@ jobs: name: coverage-reports path: reports/ run_id: ${{ github.event.workflow_run.id }} - - name: Download PR number - uses: dawidd6/action-download-artifact@v6 - with: - name: pr-number - path: '.' - run_id: ${{ github.event.workflow_run.id }} - name: Upload coverage reports to Codecov uses: codecov/codecov-action@v4 with: diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 69ecb3a9..d9c480c1 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -11,7 +11,11 @@ concurrency: cancel-in-progress: true jobs: + dump-unicode-data: + uses: ./.github/workflows/unicode-dump.yml reviewdog: + needs: + - dump-unicode-data permissions: pull-requests: write runs-on: ubuntu-latest @@ -34,6 +38,7 @@ jobs: - name: Cache unicode data uses: actions/cache@v4 with: + fail-on-cache-miss: true path: unicode_dump key: unicode-dump-${{ hashFiles('unicode_dump/*') }} restore-keys: | @@ -51,6 +56,8 @@ jobs: REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: reviewdog -tee -reporter=github-pr-review check-pr: + needs: + - dump-unicode-data uses: ./.github/workflows/build-and-test.yml with: collect-code-coverage: true @@ -69,17 +76,3 @@ jobs: dangerfile: Dangerfile.df.kts env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - store-pr-number: - runs-on: ubuntu-latest - steps: - - name: Save PR number - env: - PR_NUMBER: ${{ github.event.number }} - run: | - mkdir -p ./pr - echo $PR_NUMBER > ./pr/pr_number - - uses: actions/upload-artifact@v4 - with: - name: pr-number - path: pr/ - diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 02539f52..5c25b5d6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,11 @@ jobs: version-source: file version-file: ${{ env.VERSION_FILE }} version-file-extraction-pattern: ${{ env.VERSION_PATTERN }} + dump-unicode-data: + uses: ./.github/workflows/unicode-dump.yml build-and-test: + needs: + - dump-unicode-data uses: ./.github/workflows/build-and-test.yml publish_artifacts: needs: @@ -55,6 +59,7 @@ jobs: - name: Cache unicode data uses: actions/cache@v4 with: + fail-on-cache-miss: true path: unicode_dump key: unicode-dump-${{ hashFiles('unicode_dump/*') }} restore-keys: | diff --git a/.github/workflows/snapshot_release.yml b/.github/workflows/snapshot_release.yml index e4096236..74f4996a 100644 --- a/.github/workflows/snapshot_release.yml +++ b/.github/workflows/snapshot_release.yml @@ -13,7 +13,11 @@ on: - '.github/workflows/snapshot_release.yml' jobs: + dump-unicode-data: + uses: ./.github/workflows/unicode-dump.yml build-and-test: + needs: + - dump-unicode-data uses: ./.github/workflows/build-and-test.yml with: upload-code-coverage: true @@ -47,6 +51,7 @@ jobs: - name: Cache unicode data uses: actions/cache@v4 with: + fail-on-cache-miss: true path: unicode_dump key: unicode-dump-${{ hashFiles('unicode_dump/*') }} restore-keys: | diff --git a/.github/workflows/unicode-dump.yml b/.github/workflows/unicode-dump.yml new file mode 100644 index 00000000..fe1456a4 --- /dev/null +++ b/.github/workflows/unicode-dump.yml @@ -0,0 +1,30 @@ +name: Dump information for Unicode characters + +on: + workflow_call: + +jobs: + generate-dump: + runs-on: ubuntu-latest + steps: + - name: 'Checkout Repository' + uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version-file: .java-version + - name: Validate Gradle Wrapper + uses: gradle/actions/wrapper-validation@v3 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v3 + with: + gradle-version: wrapper + - name: Cache unicode data + uses: actions/cache@v4 + with: + path: unicode_dump + key: unicode-dump-${{ hashFiles('unicode_dump/*') }} + restore-keys: | + unicode-dump- + - name: Build + run: ./gradlew :json-schema-validator:dumpCharacterData \ No newline at end of file From 8bec21ebe64ecea572331d9fc53f582b4622ca92 Mon Sep 17 00:00:00 2001 From: Oleg Smirnov Date: Sat, 3 Aug 2024 15:26:20 +0400 Subject: [PATCH 2/6] Do not execute dump task if chache was hit --- .github/workflows/unicode-dump.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/unicode-dump.yml b/.github/workflows/unicode-dump.yml index fe1456a4..fc96b877 100644 --- a/.github/workflows/unicode-dump.yml +++ b/.github/workflows/unicode-dump.yml @@ -20,6 +20,7 @@ jobs: with: gradle-version: wrapper - name: Cache unicode data + id: cache uses: actions/cache@v4 with: path: unicode_dump @@ -27,4 +28,5 @@ jobs: restore-keys: | unicode-dump- - name: Build + if: ${{ !steps.cache.outputs.cache-hit }} run: ./gradlew :json-schema-validator:dumpCharacterData \ No newline at end of file From 68c8b1d01e7a29451b57ad87428fac446cc94b85 Mon Sep 17 00:00:00 2001 From: Oleg Smirnov Date: Sat, 3 Aug 2024 15:28:33 +0400 Subject: [PATCH 3/6] Skip all steps in dump workflow if cache was hit --- .github/workflows/unicode-dump.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/unicode-dump.yml b/.github/workflows/unicode-dump.yml index fc96b877..85e27b89 100644 --- a/.github/workflows/unicode-dump.yml +++ b/.github/workflows/unicode-dump.yml @@ -13,12 +13,6 @@ jobs: with: distribution: temurin java-version-file: .java-version - - name: Validate Gradle Wrapper - uses: gradle/actions/wrapper-validation@v3 - - name: Setup Gradle - uses: gradle/actions/setup-gradle@v3 - with: - gradle-version: wrapper - name: Cache unicode data id: cache uses: actions/cache@v4 @@ -27,6 +21,14 @@ jobs: key: unicode-dump-${{ hashFiles('unicode_dump/*') }} restore-keys: | unicode-dump- + - name: Validate Gradle Wrapper + if: ${{ !steps.cache.outputs.cache-hit }} + uses: gradle/actions/wrapper-validation@v3 + - name: Setup Gradle + if: ${{ !steps.cache.outputs.cache-hit }} + uses: gradle/actions/setup-gradle@v3 + with: + gradle-version: wrapper - name: Build if: ${{ !steps.cache.outputs.cache-hit }} run: ./gradlew :json-schema-validator:dumpCharacterData \ No newline at end of file From 42de79fca5cd0ac58aa36044edb9b6e3f0ec5628 Mon Sep 17 00:00:00 2001 From: Oleg Smirnov Date: Sat, 3 Aug 2024 15:30:15 +0400 Subject: [PATCH 4/6] Execute coverage upload only for passed workflows --- .github/workflows/code-coverage-upload.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-coverage-upload.yml b/.github/workflows/code-coverage-upload.yml index 3c8bc9a9..5545a899 100644 --- a/.github/workflows/code-coverage-upload.yml +++ b/.github/workflows/code-coverage-upload.yml @@ -8,7 +8,7 @@ on: jobs: upload: runs-on: ubuntu-latest - if: github.event.workflow_run.actor.name != 'dependabot[bot]' && github.repository == 'OptimumCode/json-schema-validator' + if: github.event.workflow_run.actor.name != 'dependabot[bot]' && github.repository == 'OptimumCode/json-schema-validator' && github.event.workflow_run.conclusion == 'success' steps: - name: 'Checkout Repository' uses: actions/checkout@v4 From 9391dd7ca929e6e163081e6fbf3e664822a48cbe Mon Sep 17 00:00:00 2001 From: Oleg Smirnov Date: Sat, 3 Aug 2024 15:46:15 +0400 Subject: [PATCH 5/6] Add codeql workflow to use unicode dump cache --- .github/workflows/codeql.yml | 74 ++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..f8b9a9e9 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,74 @@ +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + - cron: '19 19 * * 6' + +jobs: + dump-unicode-data: + uses: ./.github/workflows/unicode-dump.yml + analyze: + needs: + - dump-unicode-data + runs-on: ubuntu-latest + timeout-minutes: 30 + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + env: + LANGUAGE: java-kotlin + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ env.LANGUAGE }} + build-mode: manual + # Build + - uses: actions/setup-java@v4 + with: + distribution: temurin + java-version-file: .java-version + - name: Validate Gradle Wrapper + uses: gradle/actions/wrapper-validation@v3 + - name: Cache konan + uses: actions/cache@v4 + with: + path: ~/.konan + key: ${{ runner.os }}-gradle-${{ hashFiles('*.gradle.kts') }} + restore-keys: | + ${{ runner.os }}-gradle- + - name: Cache unicode data + uses: actions/cache@v4 + with: + fail-on-cache-miss: true + path: unicode_dump + key: unicode-dump-${{ hashFiles('unicode_dump/*') }} + restore-keys: | + unicode-dump- + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v3 + with: + gradle-version: wrapper + - name: Build + run: ./gradlew --no-daemon -S -Dorg.gradle.dependency.verification=off -Dorg.gradle.warning.mode=none testClasses + + # Perform analysis + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{ env.LANGUAGE }}" \ No newline at end of file From e31a6dca1dcadea129e2eb7fa529902934c5b1e2 Mon Sep 17 00:00:00 2001 From: Oleg Smirnov Date: Sat, 3 Aug 2024 15:53:52 +0400 Subject: [PATCH 6/6] Add build cache parameter for check execution --- .github/workflows/check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 6e5e3312..1faf12ec 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -66,7 +66,7 @@ jobs: with: gradle-version: wrapper - name: Build - run: ./gradlew --no-daemon --info ${{ inputs.task }} koverXmlReport -x :benchmark:benchmark + run: ./gradlew --no-daemon --info ${{ inputs.task }} koverXmlReport -x :benchmark:benchmark --build-cache - name: Upload coverage reports to Codecov if: inputs.upload-code-coverage && github.actor != 'dependabot[bot]' uses: codecov/codecov-action@v4