forked from binkley/modern-java-practices
-
Notifications
You must be signed in to change notification settings - Fork 1
143 lines (138 loc) · 4.11 KB
/
maven.direct.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: "Maven (Direct)"
"on":
workflow_call:
inputs:
artifact:
type: string
default: "maven-direct"
description: "Artifact prefix"
runner:
default: "ubuntu-latest"
type: string
description: "Runner"
java:
default: "21"
type: string
description: "Java version"
args:
default: ""
type: string
description: "Maven arguments"
build:
default: "verify"
type: string
description: "Build target"
run:
default: "./run-with-maven.sh"
type: string
description: "Run target"
run_args:
default: ""
type: string
description: "Runtime arguments"
push:
default: true
type: boolean
description: "Cache push"
secrets:
BUILDLESS_APIKEY:
required: true
description: "API key for build caching"
workflow_dispatch:
inputs:
artifact:
type: string
default: "maven-direct"
description: "Artifact prefix"
runner:
default: "ubuntu-latest"
description: "Runner"
java:
default: "21"
description: "Java version"
args:
default: ""
type: string
description: "Maven arguments"
build:
default: "verify"
type: string
description: "Build target"
run:
default: "./run-with-maven.sh"
type: string
description: "Run target"
run_args:
default: ""
type: string
description: "Runtime arguments"
push:
default: true
type: boolean
description: "Cache push"
permissions:
contents: read
env:
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
jobs:
build:
name: "Maven"
runs-on: ${{ inputs.runner || 'ubuntu-latest' }}
steps:
- name: "Setup: Harden Runner"
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
- name: "Setup: Checkout"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false
- name: "Setup: Caches"
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
env:
cache-name: caches-maven
with:
path: |
~/.m2/repository
~/.m2/wrapper
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('**/pom.xml') }}-jvm${{ inputs.java }}
# TODO: See discussion: https://github.com/jeremylong/DependencyCheck/issues/2560#issuecomment-702098748
restore-keys: |
${{ runner.os }}-${{ env.cache-name }}-jvm${{ inputs.java }}
${{ runner.os }}-${{ env.cache-name }}-
${{ runner.os }}-
- name: "Setup: Buildless"
uses: buildless/setup@30e82389418c7f17046606183bc4c78b2c8913e0 # v1.0.2
- name: "Setup: Activate Maven Settings"
run: |
mkdir -p ~/.m2
cp -fv ./.mvn/settings.xml ~/.m2/settings.xml
- name: "Setup: Java"
uses: buildless/setup-java@3232623d9c428cc5f228a01a2ae8d2d70f79775e # v4
with:
distribution: temurin
cache: maven
java-version: ${{ inputs.java }}
- name: "Build: Assemble and Test"
run: |
./mvnw \
${{ inputs.args }} \
${{ inputs.build }}
- name: "Build: Execute Run"
run: ${{ inputs.run }} ${{ inputs.run_args }}
- name: "Artifact: JARs"
uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
with:
name: ${{ inputs.artifact }}-jars
path: build/libs/modern-java-practices*.jar
if-no-files-found: ignore
compression-level: "1"
- name: "Artifact: Reports"
uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
if: always()
with:
name: ${{ inputs.artifact }}-reports
if-no-files-found: ignore
path: |
build/reports/*
build/test-results/*