junit-framework/.github/workflows/main.yml at 1b2198254ad2b4300b3fa9559d9bbf7949f3bbe3 · junit-team/junit-framework · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: CI

on:
  push:
    branches:
      - main
      - 'releases/**'
    tags-ignore:
      - '**'
  pull_request:
    branches:
      - '**'

concurrency:
  # Cancels in-progress runs only for pull requests
  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true

permissions: {}

env:
  DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}

jobs:
  Linux:
    runs-on: ubuntu-latest
    steps:
    - name: Check out repository
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      with:
        fetch-depth: 1
        persist-credentials: false
    - name: Install GraalVM
      uses: graalvm/setup-graalvm@54b4f5a65c1a84b2fdfdc2078fe43df32819e4b1 # v1.4.5
      with:
        distribution: graalvm-community
        version: 'latest'
        java-version: '21'
    - name: Build
      uses: ./.github/actions/main-build
      with:
        encryptionKey: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
        arguments: |
          :platform-tooling-support-tests:test \
          build \
          jacocoRootReport \
          --no-configuration-cache # Disable configuration cache due to https://github.com/diffplug/spotless/issues/2318
    - name: Upload to Codecov.io
      uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
      with:
        token: ${{ secrets.CODECOV_TOKEN }}

  Windows:
    runs-on: windows-latest
    steps:
    - name: Check out repository
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      with:
        fetch-depth: 1
        persist-credentials: false
    - name: Build
      uses: ./.github/actions/main-build
      with:
        encryptionKey: ${{ secrets.GRADLE_ENCRYPTION_KEY }}

  macOS:
    runs-on: macos-latest
    steps:
    - name: Check out repository
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      with:
        fetch-depth: 1
        persist-credentials: false
    - name: Build
      uses: ./.github/actions/main-build
      with:
        encryptionKey: ${{ secrets.GRADLE_ENCRYPTION_KEY }}

  publish_artifacts:
    name: Publish Snapshot Artifacts
    needs: macOS
    runs-on: ubuntu-latest
    permissions:
      attestations: write # required for build provenance attestation
      id-token: write # required for build provenance attestation
    if: github.event_name == 'push' && github.repository == 'junit-team/junit-framework' && (startsWith(github.ref, 'refs/heads/releases/') || github.ref == 'refs/heads/main')
    steps:
    - name: Check out repository
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      with:
        fetch-depth: 1
        persist-credentials: false
    - name: Publish
      uses: ./.github/actions/run-gradle
      env:
        ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
        ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
      with:
        encryptionKey: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
        arguments: |
          publishAllPublicationsToMavenCentralSnapshotsRepository -x check \
          prepareGitHubAttestation
    - name: Generate build provenance attestations
      uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
      with:
        subject-path: documentation/build/attestation/*.jar

  build_documentation:
    name: Build Documentation
    needs: macOS
    runs-on: ubuntu-latest
    steps:
    - name: Check out repository
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      with:
        fetch-depth: 1
        persist-credentials: false
    - name: Install Graphviz
      run: |
        sudo apt-get update
        sudo apt-get install graphviz
    - name: Install Node.js
      uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
      with:
        node-version-file: documentation/.tool-versions
    - name: Build Documentation
      uses: ./.github/actions/run-gradle
      with:
        encryptionKey: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
        arguments: |
          antora \
          -Pantora.downloadNode=false \
          -Dscan.tag.Documentation

  deploy_documentation:
    name: Deploy Documentation
    needs: build_documentation
    if: github.event_name == 'push' && github.repository == 'junit-team/junit-framework' && github.ref == 'refs/heads/main'
    uses: ./.github/workflows/deploy-docs.yml
    permissions:
      actions: write