diff --git a/.github/workflows/clean_build_artifacts.yml b/.github/workflows/clean_build_artifacts.yml new file mode 100644 index 00000000000..377fb1e44ed --- /dev/null +++ b/.github/workflows/clean_build_artifacts.yml @@ -0,0 +1,17 @@ +name: Clean build artifacts +on: + schedule: + - cron: '0 10 * * *' # Once per day at 10am UTC + +jobs: + main: + runs-on: ubuntu-latest + steps: + - name: Delete artifacts in cron job + env: + GH_ACTIONS_REPO_TOKEN: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} + run: | + echo "Running clean build artifacts logic" + output=$(curl -X GET -H "Authorization: token $GH_ACTIONS_REPO_TOKEN" https://api.github.com/repos/spring-projects/spring-security/actions/artifacts | grep '"id"' | cut -d : -f2 | sed 's/,*$//g') + echo Output is $output + for id in $output; do curl -X DELETE -H "Authorization: token $GH_ACTIONS_REPO_TOKEN" https://api.github.com/repos/spring-projects/spring-security/actions/artifacts/$id; done; diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml new file mode 100644 index 00000000000..37c5566d298 --- /dev/null +++ b/.github/workflows/continuous-integration-workflow.yml @@ -0,0 +1,282 @@ +name: CI + +on: + push: + branches: + - master + schedule: + - cron: '0 10 * * *' # Once per day at 10am UTC + +env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }} + GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} + GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} + COMMIT_OWNER: ${{ github.event.pusher.name }} + COMMIT_SHA: ${{ github.sha }} + +jobs: + initiate_error_tracking: + name: Initiate job-level error tracking + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Initiate error tracking + uses: spring-projects/track-build-errors-action@v1 + with: + job-name: "initiate-error-tracking" + - name: Export errors file + uses: actions/upload-artifact@v2 + with: + name: errors + path: job-initiate-error-tracking.txt + build_jdk_8: + name: Build JDK 8 + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set up JDK 8 + uses: actions/setup-java@v1 + with: + java-version: '8' + - name: Cache Gradle packages + uses: actions/cache@v2 + with: + path: ~/.gradle/caches + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} + - name: Build with Gradle + run: | + export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" + export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" + export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + ./gradlew clean build --continue + - name: Track error step + uses: spring-projects/track-build-errors-action@v1 + if: ${{ failure() }} + with: + job-name: ${{ github.job }} + - name: Export errors file + uses: actions/upload-artifact@v2 + if: ${{ failure() }} + with: + name: errors + path: job-${{ github.job }}.txt + test_alternate_jdks: + name: Test JDK 11 and 12 + runs-on: ubuntu-latest + strategy: + matrix: + jdk: [11, 12] + fail-fast: false + steps: + - uses: actions/checkout@v2 + - name: Set up JDK ${{ matrix.jdk }} + uses: actions/setup-java@v1 + with: + java-version: ${{ matrix.jdk }} + - name: Cache Gradle packages + uses: actions/cache@v2 + with: + path: ~/.gradle/caches + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} + - name: Test with Gradle + run: | + export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" + export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" + export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + ./gradlew test --stacktrace + - name: Track error step + uses: spring-projects/track-build-errors-action@v1 + if: ${{ failure() }} + with: + job-name: ${{ github.job }}-${{ matrix.jdk }} + - name: Export errors file + uses: actions/upload-artifact@v2 + if: ${{ failure() }} + with: + name: errors + path: job-${{ github.job }}-${{ matrix.jdk }}.txt + snapshot_tests: + name: Test against snapshots + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set up JDK + uses: actions/setup-java@v1 + with: + java-version: '8' + - name: Snapshot Tests + run: | + export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" + export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" + export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + ./gradlew test --refresh-dependencies -PforceMavenRepositories=snapshot -PspringVersion='5.+' -PreactorVersion='20+' -PspringDataVersion='Neumann-BUILD-SNAPSHOT' -PrsocketVersion=1.1.0-SNAPSHOT -PspringBootVersion=2.4.0-SNAPSHOT -PlocksDisabled --stacktrace + - name: Track error step + uses: spring-projects/track-build-errors-action@v1 + if: ${{ failure() }} + with: + job-name: ${{ github.job }} + - name: Export errors file + uses: actions/upload-artifact@v2 + if: ${{ failure() }} + with: + name: errors + path: job-${{ github.job }}.txt + sonar_analysis: + name: Static Code Analysis + runs-on: ubuntu-latest + env: + SONAR_URL: ${{ secrets.SONAR_URL }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + steps: + - uses: actions/checkout@v2 + - name: Set up JDK + uses: actions/setup-java@v1 + with: + java-version: '8' + - name: Run Sonar on given (non-master) branch + if: ${{ github.ref != 'refs/heads/master' }} + run: | + export BRANCH=${GITHUB_REF#refs/heads/} + export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" + export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" + export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + ./gradlew sonarqube -PexcludeProjects='**/samples/**' -Dsonar.projectKey="spring-security-${GITHUB_REF#refs/heads/}" -Dsonar.projectName="spring-security-${GITHUB_REF#refs/heads/}" -Dsonar.host.url="$SONAR_URL" -Dsonar.login="$SONAR_TOKEN" --stacktrace + - name: Run Sonar on master + if: ${{ github.ref == 'refs/heads/master' }} + run: | + export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" + export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" + export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + ./gradlew sonarqube -PexcludeProjects='**/samples/**' -Dsonar.host.url="$SONAR_URL" -Dsonar.login="$SONAR_TOKEN" --stacktrace + - name: Track error step + uses: spring-projects/track-build-errors-action@v1 + if: ${{ failure() }} + with: + job-name: ${{ github.job }} + - name: Export errors file + uses: actions/upload-artifact@v2 + if: ${{ failure() }} + with: + name: errors + path: job-${{ github.job }}.txt + deploy_artifacts: + name: Deploy Artifacts + needs: [build_jdk_8, test_alternate_jdks, snapshot_tests, sonar_analysis] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set up JDK + uses: actions/setup-java@v1 + with: + java-version: '8' + - name: Deploy artifacts + run: | + export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" + export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" + export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + export VERSION_HEADER=$'Version: GnuPG v2\n\n' + export ORG_GRADLE_PROJECT_signingKey=${GPG_PRIVATE_KEY#"$VERSION_HEADER"} + export ORG_GRADLE_PROJECT_signingPassword="$GPG_PASSPHRASE" + ./gradlew deployArtifacts -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace --no-parallel + ./gradlew finalizeDeployArtifacts -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace --no-parallel + env: + GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + OSSRH_TOKEN_USERNAME: ${{ secrets.OSSRH_TOKEN_USERNAME }} + OSSRH_TOKEN_PASSWORD: ${{ secrets.OSSRH_TOKEN_PASSWORD }} + ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} + ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} + - name: Track error step + uses: spring-projects/track-build-errors-action@v1 + if: ${{ failure() }} + with: + job-name: ${{ github.job }} + - name: Export errors file + uses: actions/upload-artifact@v2 + if: ${{ failure() }} + with: + name: errors + path: job-${{ github.job }}.txt + deploy_docs: + name: Deploy Docs + needs: [build_jdk_8, test_alternate_jdks, snapshot_tests, sonar_analysis] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set up JDK + uses: actions/setup-java@v1 + with: + java-version: '8' + - name: Deploy Docs + run: | + export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" + export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" + export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + ./gradlew deployDocs -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace + env: + DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }} + DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }} + DOCS_HOST: ${{ secrets.DOCS_HOST }} + - name: Track error step + uses: spring-projects/track-build-errors-action@v1 + if: ${{ failure() }} + with: + job-name: ${{ github.job }} + - name: Export errors file + uses: actions/upload-artifact@v2 + if: ${{ failure() }} + with: + name: errors + path: job-${{ github.job }}.txt + deploy_schema: + name: Deploy Schema + needs: [build_jdk_8, test_alternate_jdks, snapshot_tests, sonar_analysis] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set up JDK + uses: actions/setup-java@v1 + with: + java-version: '8' + - name: Deploy Schema + run: | + export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" + export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" + export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" + ./gradlew deploySchema -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace --info + env: + DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }} + DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }} + DOCS_HOST: ${{ secrets.DOCS_HOST }} + - name: Track error step + uses: spring-projects/track-build-errors-action@v1 + if: ${{ failure() }} + with: + job-name: ${{ github.job }} + - name: Export errors file + uses: actions/upload-artifact@v2 + if: ${{ failure() }} + with: + name: errors + path: job-${{ github.job }}.txt + notify_result: + name: Check for failures + needs: [build_jdk_8, test_alternate_jdks, snapshot_tests, sonar_analysis, deploy_artifacts, deploy_docs, deploy_schema] + if: always() + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Download errors folder + uses: actions/download-artifact@v2 + with: + name: errors + - name: Send Slack message + uses: spring-projects/notify-slack-errors-action@v1 + with: + slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }} + branch-name: ${{ github.ref }} + commit-sha: ${{ github.sha }} + commit-owner: ${{ github.actor }} + repo-name: ${{ github.repository }} + run-id: ${{ github.run_id }} diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index ceb95e9ae8c..00000000000 --- a/Jenkinsfile +++ /dev/null @@ -1,240 +0,0 @@ -def projectProperties = [ - [$class: 'BuildDiscarderProperty', - strategy: [$class: 'LogRotator', numToKeepStr: '5']], - pipelineTriggers([cron('@daily')]) -] -properties(projectProperties) - -def SUCCESS = hudson.model.Result.SUCCESS.toString() -currentBuild.result = SUCCESS - -def GRADLE_ENTERPRISE_CACHE_USER = usernamePassword(credentialsId: 'gradle_enterprise_cache_user', - passwordVariable: 'GRADLE_ENTERPRISE_CACHE_PASSWORD', - usernameVariable: 'GRADLE_ENTERPRISE_CACHE_USERNAME') -def GRADLE_ENTERPRISE_SECRET_ACCESS_KEY = string(credentialsId: 'gradle_enterprise_secret_access_key', - variable: 'GRADLE_ENTERPRISE_ACCESS_KEY') -def SPRING_SIGNING_SECRING = file(credentialsId: 'spring-signing-secring.gpg', variable: 'SIGNING_KEYRING_FILE') -def SPRING_GPG_PASSPHRASE = string(credentialsId: 'spring-gpg-passphrase', variable: 'SIGNING_PASSWORD') -def OSSRH_CREDENTIALS = usernamePassword(credentialsId: 'oss-token', passwordVariable: 'OSSRH_PASSWORD', usernameVariable: 'OSSRH_USERNAME') -def ARTIFACTORY_CREDENTIALS = usernamePassword(credentialsId: '02bd1690-b54f-4c9f-819d-a77cb7a9822c', usernameVariable: 'ARTIFACTORY_USERNAME', passwordVariable: 'ARTIFACTORY_PASSWORD') -def JENKINS_PRIVATE_SSH_KEY = file(credentialsId: 'docs.spring.io-jenkins_private_ssh_key', variable: 'DEPLOY_SSH_KEY') -def SONAR_LOGIN_CREDENTIALS = string(credentialsId: 'spring-sonar.login', variable: 'SONAR_LOGIN') - -def jdkEnv(String jdk = 'jdk8') { - def jdkTool = tool(jdk) - return "JAVA_HOME=${ jdkTool }" -} - -try { - parallel check: { - stage('Check') { - node { - checkout scm - sh "git clean -dfx" - try { - withCredentials([GRADLE_ENTERPRISE_CACHE_USER, - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) { - withEnv([jdkEnv(), - "GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}", - "GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}", - "GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) { - sh "./gradlew check --stacktrace" - } - } - } catch(Exception e) { - currentBuild.result = 'FAILED: check' - throw e - } finally { - junit '**/build/test-results/*/*.xml' - } - } - } - }, - sonar: { - stage('Sonar') { - node { - checkout scm - sh "git clean -dfx" - withCredentials([SONAR_LOGIN_CREDENTIALS, - GRADLE_ENTERPRISE_CACHE_USER, - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) { - try { - withEnv([jdkEnv(), - "GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}", - "GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}", - "GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) { - if ("master" == env.BRANCH_NAME) { - sh "./gradlew sonarqube -PexcludeProjects='**/samples/**' -Dsonar.host.url=$SPRING_SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN --stacktrace" - } else { - sh "./gradlew sonarqube -PexcludeProjects='**/samples/**' -Dsonar.projectKey='spring-security-${env.BRANCH_NAME}' -Dsonar.projectName='spring-security-${env.BRANCH_NAME}' -Dsonar.host.url=$SPRING_SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN --stacktrace" - } - } - } catch(Exception e) { - currentBuild.result = 'FAILED: sonar' - throw e - } - } - } - } - }, - snapshots: { - stage('Snapshot Tests') { - node { - checkout scm - sh "git clean -dfx" - try { - withCredentials([GRADLE_ENTERPRISE_CACHE_USER, - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) { - withEnv([jdkEnv(), - "GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}", - "GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}", - "GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) { - sh "./gradlew test --refresh-dependencies -PforceMavenRepositories=snapshot -PspringVersion='5.+' -PreactorVersion='20+' -PspringDataVersion='Neumann-BUILD-SNAPSHOT' -PrsocketVersion=1.1.0-SNAPSHOT -PspringBootVersion=2.4.0-SNAPSHOT -PlocksDisabled --stacktrace" - } - } - } catch(Exception e) { - currentBuild.result = 'FAILED: snapshots' - throw e - } - } - } - }, - jdk11: { - stage('JDK 11') { - node { - checkout scm - sh "git clean -dfx" - try { - - withCredentials([GRADLE_ENTERPRISE_CACHE_USER, - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) { - withEnv([jdkEnv("jdk11"), - "GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}", - "GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}", - "GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) { - sh "./gradlew test --stacktrace" - } - } - } catch(Exception e) { - currentBuild.result = 'FAILED: jdk11' - throw e - } - } - } - }, - jdk12: { - stage('JDK 12') { - node { - checkout scm - sh "git clean -dfx" - try { - withCredentials([GRADLE_ENTERPRISE_CACHE_USER, - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) { - withEnv([jdkEnv("openjdk12"), - "GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}", - "GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}", - "GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) { - sh "./gradlew test --stacktrace" - } - } - } catch(Exception e) { - currentBuild.result = 'FAILED: jdk12' - throw e - } - } - } - } - - if(currentBuild.result == 'SUCCESS') { - parallel artifacts: { - stage('Deploy Artifacts') { - node { - checkout scm - sh "git clean -dfx" - withCredentials([SPRING_SIGNING_SECRING, - SPRING_GPG_PASSPHRASE, - OSSRH_CREDENTIALS, - ARTIFACTORY_CREDENTIALS, - GRADLE_ENTERPRISE_CACHE_USER, - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) { - withEnv([jdkEnv(), - "GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}", - "GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}", - "GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) { - sh "./gradlew deployArtifacts -Psigning.secretKeyRingFile=$SIGNING_KEYRING_FILE -Psigning.keyId=$SPRING_SIGNING_KEYID -Psigning.password='$SIGNING_PASSWORD' -PossrhUsername=$OSSRH_USERNAME -PossrhPassword=$OSSRH_PASSWORD -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --stacktrace --no-parallel" - sh "./gradlew finalizeDeployArtifacts -Psigning.secretKeyRingFile=$SIGNING_KEYRING_FILE -Psigning.keyId=$SPRING_SIGNING_KEYID -Psigning.password='$SIGNING_PASSWORD' -PossrhUsername=$OSSRH_USERNAME -PossrhPassword=$OSSRH_PASSWORD -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --stacktrace --no-parallel" - } - } - } - } - }, - docs: { - stage('Deploy Docs') { - node { - checkout scm - sh "git clean -dfx" - withCredentials([JENKINS_PRIVATE_SSH_KEY, - SPRING_GPG_PASSPHRASE, - OSSRH_CREDENTIALS, - ARTIFACTORY_CREDENTIALS, - GRADLE_ENTERPRISE_CACHE_USER, - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) { - withEnv([jdkEnv(), - "GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}", - "GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}", - "GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) { - sh "./gradlew deployDocs -PdeployDocsSshKeyPath=$DEPLOY_SSH_KEY -PdeployDocsSshUsername=$SPRING_DOCS_USERNAME --stacktrace" - } - } - } - } - }, - schema: { - stage('Deploy Schema') { - node { - checkout scm - sh "git clean -dfx" - withCredentials([JENKINS_PRIVATE_SSH_KEY, - SPRING_GPG_PASSPHRASE, - OSSRH_CREDENTIALS, - ARTIFACTORY_CREDENTIALS, - GRADLE_ENTERPRISE_CACHE_USER, - GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) { - withEnv([jdkEnv(), - "GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}", - "GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}", - "GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) { - sh "./gradlew deploySchema -PdeployDocsSshKeyPath=$DEPLOY_SSH_KEY -PdeployDocsSshUsername=$SPRING_DOCS_USERNAME --stacktrace" - } - } - } - } - } - } -} catch(Exception e) { - currentBuild.result = 'FAILED: deploys' - throw e -} finally { - def buildStatus = currentBuild.result - def buildNotSuccess = !SUCCESS.equals(buildStatus) - def lastBuildNotSuccess = !SUCCESS.equals(currentBuild.previousBuild?.result) - - if(buildNotSuccess || lastBuildNotSuccess) { - - stage('Notifiy') { - node { - final def RECIPIENTS = [[$class: 'DevelopersRecipientProvider'], [$class: 'RequesterRecipientProvider']] - - def subject = "${buildStatus}: Build ${env.JOB_NAME} ${env.BUILD_NUMBER} status is now ${buildStatus}" - def details = """The build status changed to ${buildStatus}. For details see ${env.BUILD_URL}""" - - emailext ( - subject: subject, - body: details, - recipientProviders: RECIPIENTS, - to: "$SPRING_SECURITY_TEAM_EMAILS" - ) - } - } - } -} diff --git a/README.adoc b/README.adoc index 76d0ed27930..30910c54651 100644 --- a/README.adoc +++ b/README.adoc @@ -1,5 +1,7 @@ image::https://badges.gitter.im/Join%20Chat.svg[Gitter,link=https://gitter.im/spring-projects/spring-security?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge] +image:https://github.com/spring-projects/spring-security/workflows/CI/badge.svg?branch=master["Build Status", link="https://github.com/spring-projects/spring-security/actions?query=workflow%3ACI"] + = Spring Security Spring Security provides security services for the https://docs.spring.io[Spring IO Platform]. Spring Security 5.0 requires Spring 5.0 as diff --git a/build.gradle b/build.gradle index 3949d2af096..2fa8b312f17 100644 --- a/build.gradle +++ b/build.gradle @@ -1,6 +1,6 @@ buildscript { dependencies { - classpath 'io.spring.gradle:spring-build-conventions:0.0.33.RELEASE' + classpath 'io.spring.gradle:spring-build-conventions:0.0.34.RELEASE' classpath "io.spring.javaformat:spring-javaformat-gradle-plugin:$springJavaformatVersion" classpath "org.springframework.boot:spring-boot-gradle-plugin:$springBootVersion" classpath 'io.spring.nohttp:nohttp-gradle:0.0.5.RELEASE'