Merge pull request #12 from thriving-dev/feat/correctly-use-gradle-build-action-with-cache

Feat/correctly use gradle build action with cache

Author: hartmut-co-uk

.github/workflows/callable.build.yml

@@ -15,10 +15,10 @@ jobs:
         with:
           distribution: 'corretto'
           java-version: '17'
-          cache: 'gradle'
       - uses: gradle/wrapper-validation-action@v1
       - name: Setup Gradle
         uses: gradle/[email protected]
-
+        with:
+          cache-write-only: true
       - name: Run build (incl. test)
-        run: gradle build -x intTest --no-daemon
+        run: ./gradlew build -x intTest --no-daemon

.github/workflows/callable.code-analysis.codeql.yml

@@ -19,37 +19,38 @@ jobs:
       security-events: write
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
+      - name: Checkout repository
+        uses: actions/checkout@v4
 
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: java
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: java
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
 
-        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        # queries: security-extended,security-and-quality
-        queries: security-extended,security-and-quality
+          # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          # queries: security-extended,security-and-quality
+          queries: security-extended,security-and-quality
 
-    - uses: actions/setup-java@v3
-      with:
-        distribution: 'corretto'
-        java-version: '17'
-        cache: 'gradle'
-    - uses: gradle/wrapper-validation-action@v1
-    - name: Setup Gradle
-      uses: gradle/[email protected]
-    - name: Run build with Gradle Wrapper
-      run: |
-        gradle build -x intTest --no-daemon
-        # ignore ./.gradle folder for analysis
-        rm -Rf .gradle
+      - uses: actions/setup-java@v3
+        with:
+          distribution: 'corretto'
+          java-version: '17'
+      - uses: gradle/wrapper-validation-action@v1
+      - name: Setup Gradle
+        uses: gradle/[email protected]
+        with:
+          cache-read-only: true
+      - name: Run build with Gradle Wrapper
+        run: |
+          ./gradlew build -x intTest --no-daemon
+          # ignore ./.gradle folder for analysis
+          rm -Rf .gradle
 
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
-      with:
-        category: "/language:${{matrix.language}}"
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{matrix.language}}"

.github/workflows/callable.code-analysis.trivy.yml

@@ -21,10 +21,11 @@ jobs:
         with:
           distribution: 'corretto'
           java-version: '17'
-          cache: 'gradle'
       - uses: gradle/wrapper-validation-action@v1
       - name: Setup Gradle
         uses: gradle/[email protected]
+        with:
+          cache-read-only: true
 
       - name: Generate gradle.lockfile for trivy scan
         run: gradle dependencies --write-locks

.github/workflows/callable.gradle-release.yml

@@ -14,7 +14,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Validate 'Release Type' param
-        id: validate_type
         env:
           TYPE: ${{ inputs.type }}
         run: |
@@ -32,19 +31,18 @@ jobs:
         with:
           distribution: 'corretto'
           java-version: '17'
-          cache: 'gradle'
       - uses: gradle/wrapper-validation-action@v1
       - name: Setup Gradle
         uses: gradle/[email protected]
+        with:
+          cache-read-only: true
 
       - name: Get current version
-        id: get_version
         run: |
           source gradle.properties
           echo "current_version=${version}" >> $GITHUB_ENV
 
       - name: Determine version type
-        id: bump_version
         env:
           TYPE: ${{ inputs.type }}
           VERSION: ${{ env.current_version }}
@@ -69,7 +67,6 @@ jobs:
           git config --local user.email "[email protected]"
           git config --local user.name "GitHub Action"
       - name: Run 'gradle release'
-        id: gradle_release
         run: |
           echo "Type: ${{ inputs.type }}"
           echo "Current version: ${{ env.current_version }}"

.github/workflows/callable.integration-test.yml

@@ -15,13 +15,11 @@ jobs:
         with:
           distribution: 'corretto'
           java-version: '17'
-          cache: 'gradle'
       - uses: gradle/wrapper-validation-action@v1
       - name: Setup Gradle
         uses: gradle/[email protected]
-
-      - name: Run build (incl. test)
-        run: gradle build -x intTest --no-daemon
+        with:
+          cache-read-only: true
 
       - name: Run integration tests
-        run: gradle intTest --no-daemon
+        run: ./gradlew intTest -x test --no-daemon

.github/workflows/callable.publish-javadoc.yml

@@ -18,13 +18,14 @@ jobs:
         with:
           distribution: 'corretto'
           java-version: '17'
-          cache: 'gradle'
       - uses: gradle/wrapper-validation-action@v1
       - name: Setup Gradle
         uses: gradle/[email protected]
+        with:
+          cache-read-only: true
 
       - name: Run build (incl. test)
-        run: gradle javadoc
+        run: ./gradlew javadoc
 
       - name: Conclude javadoc version and set env
         run: |

.github/workflows/callable.publish-sonatype.yml

@@ -14,23 +14,24 @@ jobs:
         with:
           distribution: 'corretto'
           java-version: '17'
-          cache: 'gradle'
       - uses: gradle/wrapper-validation-action@v1
       - name: Setup Gradle
         uses: gradle/[email protected]
+        with:
+          cache-read-only: true
 
+      # note the following two steps are identical but different names for better DX in GitHub Actions UI
       - name: Publish SNAPSHOT to Sonatype (Maven Central)
         if: github.ref == 'refs/heads/main'
-        run: gradle publishToSonatype closeAndReleaseSonatypeStagingRepository
+        run: ./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository
         env:
           GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
           GPG_SIGNING_PASSPHRASE: ${{ secrets.GPG_SIGNING_PASSPHRASE }}
           OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
           OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-
       - name: Publish RELEASE to Sonatype (Maven Central)
         if: github.ref_type == 'tag'
-        run: gradle publishToSonatype closeAndReleaseSonatypeStagingRepository
+        run: ./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository
         env:
           GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
           GPG_SIGNING_PASSPHRASE: ${{ secrets.GPG_SIGNING_PASSPHRASE }}