#93: Upgrade dependencies #172
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This file was generated by Project Keeper. | |
| name: CI Build | |
| on: | |
| push: | |
| branches: [ | |
| main | |
| ] | |
| pull_request: null | |
| workflow_dispatch: null | |
| jobs: | |
| build-and-test: | |
| runs-on: ubuntu-24.04 | |
| defaults: | |
| run: { | |
| shell: bash | |
| } | |
| permissions: { | |
| contents: read, | |
| issues: read | |
| } | |
| concurrency: { | |
| group: '${{ github.workflow }}-build-and-test-${{ github.ref }}', | |
| cancel-in-progress: true | |
| } | |
| outputs: { | |
| release-required: '${{ steps.check-release.outputs.release-required }}' | |
| } | |
| steps: | |
| - name: Free Disk Space | |
| id: free-disk-space | |
| if: ${{ false }} | |
| run: | | |
| sudo rm -rf /usr/local/lib/android | |
| sudo rm -rf /usr/share/dotnet | |
| - name: Checkout the repository | |
| id: checkout | |
| uses: actions/checkout@v4 | |
| with: { | |
| fetch-depth: 0 | |
| } | |
| - name: Set up JDKs | |
| id: setup-java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: |- | |
| 11 | |
| 17 | |
| cache: maven | |
| - id: setup-node | |
| uses: actions/setup-node@v4 | |
| with: { | |
| node-version: '22', | |
| cache: npm, | |
| cache-dependency-path: javascript-test/package-lock.json | |
| } | |
| - name: Run JavaScript tests | |
| id: run-javascript-tests | |
| run: | | |
| cd javascript-test | |
| npm ci | |
| npm run test | |
| - { | |
| name: Build connectors, | |
| id: build-connectors, | |
| run: ./tools/package_connector.sh | |
| } | |
| - name: Retrieve code signing certificate | |
| id: retrieve-code-signing-certificate | |
| run: echo $CODE_SIGNING_CERTIFICATE_BASE64 | base64 --decode > target/cert.p12 | |
| env: { | |
| CODE_SIGNING_CERTIFICATE_BASE64: '${{ secrets.CODE_SIGNING_CERTIFICATE_BASE64 }}' | |
| } | |
| - name: Retrieve code signing certificate chain | |
| id: retrieve-code-signing-certificate-chain | |
| run: echo $CODE_SIGNING_CERTIFICATE_CHAIN_BASE64 | base64 --decode > target/cert_chain.p7b | |
| env: { | |
| CODE_SIGNING_CERTIFICATE_CHAIN_BASE64: '${{ secrets.CODE_SIGNING_CERTIFICATE_CHAIN_BASE64 }}' | |
| } | |
| - name: Sign connectors | |
| id: sign-connectors | |
| run: ./tools/sign_connector.sh target/cert.p12 target/cert_chain.p7b | |
| env: { | |
| CODE_SIGNING_CERTIFICATE_PASSWORD: '${{ secrets.CODE_SIGNING_CERTIFICATE_PASSWORD }}' | |
| } | |
| - name: Cache SonarCloud packages | |
| id: cache-sonar | |
| uses: actions/cache@v4 | |
| with: { | |
| path: ~/.sonar/cache, | |
| key: '${{ runner.os }}-sonar', | |
| restore-keys: '${{ runner.os }}-sonar' | |
| } | |
| - { | |
| name: Enable testcontainer reuse, | |
| id: enable-testcontainer-reuse, | |
| run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties" | |
| } | |
| - { | |
| name: Project Keeper Verify, | |
| id: build-pk-verify, | |
| run: 'mvn --batch-mode --projects . test com.exasol:project-keeper-maven-plugin:verify' | |
| } | |
| - { | |
| name: Generate dummy error code report, | |
| id: generate-dummy-error-code-report, | |
| run: 'echo ''{"$schema":"https://schemas.exasol.com/error_code_report-1.0.0.json","errorCodes":[]}'' > target/error_code_report.json' | |
| } | |
| - name: Sonar analysis | |
| id: sonar-analysis | |
| if: ${{ env.SONAR_TOKEN != null }} | |
| run: | | |
| mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ | |
| -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ | |
| -DtrimStackTrace=false \ | |
| -Dsonar.token=$SONAR_TOKEN | |
| env: { | |
| GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}', | |
| SONAR_TOKEN: '${{ secrets.SONAR_TOKEN }}' | |
| } | |
| - name: Verify Release Artifacts | |
| id: verify-release-artifacts | |
| run: "print_message() {\n local -r message=$1\n echo \"$message\"\n echo \"$message\" >> \"$GITHUB_STEP_SUMMARY\"\n}\n\nprint_message \"### Release Artifacts\"\n\nIFS=$'\\n' artifacts_array=($ARTIFACTS)\nmissing_files=()\nfor file in \"${artifacts_array[@]}\";\ndo \n echo \"Checking if file $file exists...\"\n if ! [[ -f \"$file\" ]]; then\n print_message \"* ⚠️ \\`$file\\` does not exist ⚠️\"\n echo \"Content of directory $(dirname \"$file\"):\"\n ls \"$(dirname \"$file\")\"\n missing_files+=(\"$file\")\n else\n print_message \"* \\`$file\\` ✅\" \n fi\ndone\nprint_message \"\"\nnumber_of_missing_files=${#missing_files[@]}\nif [[ $number_of_missing_files -gt 0 ]]; then\n print_message \"⚠️ $number_of_missing_files release artifact(s) missing ⚠️\"\n exit 1\nfi\n" | |
| env: { | |
| ARTIFACTS: '${{ steps.build-pk-verify.outputs.release-artifacts }}' | |
| } | |
| - name: Upload artifacts | |
| id: upload-artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: { | |
| name: artifacts, | |
| path: '${{ steps.build-pk-verify.outputs.release-artifacts }}', | |
| retention-days: 5 | |
| } | |
| - name: Configure link check | |
| id: configure-link-check | |
| run: | | |
| mkdir -p ./target | |
| echo '{"aliveStatusCodes": [429, 200], "ignorePatterns": [' \ | |
| '{"pattern": "^https?://(www|dev).mysql.com/"},' \ | |
| '{"pattern": "^https?://(www.)?opensource.org"}' \ | |
| '{"pattern": "^https?://(www.)?eclipse.org"}' \ | |
| '{"pattern": "^https?://projects.eclipse.org"}' \ | |
| ']}' > ./target/broken_links_checker.json | |
| - uses: gaurav-nelson/github-action-markdown-link-check@v1 | |
| id: run-link-check | |
| with: { | |
| use-quiet-mode: yes, | |
| use-verbose-mode: yes, | |
| config-file: ./target/broken_links_checker.json | |
| } | |
| next-java-compatibility: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: { | |
| shell: bash | |
| } | |
| permissions: { | |
| contents: read | |
| } | |
| concurrency: { | |
| group: '${{ github.workflow }}-next-java-${{ github.ref }}', | |
| cancel-in-progress: true | |
| } | |
| steps: | |
| - name: Checkout the repository | |
| id: checkout | |
| uses: actions/checkout@v4 | |
| with: { | |
| fetch-depth: 0 | |
| } | |
| - name: Set up JDK 17 | |
| id: setup-java | |
| uses: actions/setup-java@v4 | |
| with: { | |
| distribution: temurin, | |
| java-version: '17', | |
| cache: maven | |
| } | |
| - { | |
| name: Run tests and build with Maven 17, | |
| id: build-next-java, | |
| run: mvn --batch-mode clean test -Djava.version=17 | |
| } | |
| build: | |
| needs: [ | |
| build-and-test, | |
| next-java-compatibility | |
| ] | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: { | |
| shell: bash | |
| } | |
| permissions: { | |
| contents: read, | |
| issues: read | |
| } | |
| outputs: { | |
| release-required: '${{ steps.check-release.outputs.release-required }}' | |
| } | |
| steps: | |
| - name: Checkout the repository | |
| id: checkout | |
| uses: actions/checkout@v4 | |
| with: { | |
| fetch-depth: 0 | |
| } | |
| - name: Set up JDKs | |
| id: setup-java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: |- | |
| 11 | |
| 17 | |
| cache: maven | |
| - name: Check if release is needed | |
| id: check-release | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| run: | | |
| if mvn --batch-mode com.exasol:project-keeper-maven-plugin:verify-release --projects .; then | |
| echo "### ✅ Release preconditions met, start release" >> "$GITHUB_STEP_SUMMARY" | |
| echo "release-required=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "### 🛑 Not all release preconditions met, skipping release" >> "$GITHUB_STEP_SUMMARY" | |
| echo "See log output for details." >> "$GITHUB_STEP_SUMMARY" | |
| echo "release-required=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| env: { | |
| GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' | |
| } | |
| start_release: | |
| needs: build | |
| if: ${{ github.ref == 'refs/heads/main' && needs.build.outputs.release-required == 'true' }} | |
| concurrency: { | |
| cancel-in-progress: false, | |
| group: release | |
| } | |
| secrets: inherit | |
| permissions: { | |
| contents: write, | |
| actions: read, | |
| issues: read | |
| } | |
| uses: ./.github/workflows/release.yml | |
| with: { | |
| started-from-ci: true | |
| } |