Skip to content

feat: Improve @CascadingUpdateShadowVariable logic #1280

feat: Improve @CascadingUpdateShadowVariable logic

feat: Improve @CascadingUpdateShadowVariable logic #1280

Workflow file for this run

name: SonarCloud
on:
push:
branches:
- main
# Enables the workflow to run on PRs from forks.
# CI will only run for trusted users, to prevent stealing of secrets.
pull_request_target:
types:
- opened
- reopened
- synchronize
- labeled
jobs:
# Check if the user is a member of the organization; if so, allow the PR to sail through.
known_user:
runs-on: ubuntu-latest
outputs:
is_member_of_org: ${{ steps.auth_check.outputs.authorized }}
steps:
- id: auth_check
env:
GH_TOKEN: ${{ secrets.JRELEASER_GITHUB_TOKEN }} # Release account is a Solver Gatekeeper.
shell: bash
run: |
# -g to allow actors such as dependabot[bot]
ORG_MEMBERSHIP=`curl -g -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer $GH_TOKEN" "https://api.github.com/orgs/TimefoldAI/memberships/${{ github.actor }}" | jq -r '.state == "active"'`
echo "authorized=$ORG_MEMBERSHIP" >> "$GITHUB_OUTPUT"
- id: validation
shell: bash
run: |
echo "Authorized user: ${{ steps.auth_check.outputs.authorized }}"
# If the user is not a member, require a member to approve the PR.
approval_required:
needs: known_user
environment:
${{
github.event_name == 'pull_request_target' &&
github.event.pull_request.head.repo.full_name != github.repository &&
(needs.known_user.outputs.is_member_of_org != 'true' || github.actor == 'dependabot[bot]') &&
'external' || 'internal'
}}
runs-on: ubuntu-latest
steps:
- run: true
build:
needs: approval_required
name: Build and analyze
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
ref: ${{ github.event.pull_request.head.sha }} # The GHA event will pull the main branch by default, and we must specify the PR reference version
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
cache: 'maven'
- name: Python 3.10, Python 3.11, Python 3.12 Setup
uses: actions/setup-python@v5
with:
python-version: |
3.10
3.11
3.12
cache: 'pip'
cache-dependency-path: |
**/setup.py
- name: Install tox
run:
pip install tox coverage pytest pytest-cov
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Build with Maven to measure code coverage # The ENV variables are limited to the scope of the current step. Avoid adding sensitive ENV variables here as the tests could leak them.
run: mvn -B clean install -Prun-code-coverage
- name: Get JaCoCo Agent
run: mvn org.apache.maven.plugins:maven-dependency-plugin:2.8:get -Dartifact=org.jacoco:org.jacoco.agent:0.8.11:jar:runtime -Ddest=target/jacocoagent.jar
- name: Run tox to measure timefold solver python code coverage from Python tests
run: python -m tox -- --cov=timefold --cov-report=xml:target/coverage.xml --cov-config=tox.ini --cov-branch --cov-append --jacoco-agent=./target/jacocoagent.jar
- name: Run tox to measure jpyinterpreter code coverage from Python tests
working-directory: ./python/jpyinterpreter
run: python -m tox -- --cov=jpyinterpreter --cov-report=xml:target/coverage.xml --cov-config=tox.ini --cov-branch --cov-append --jacoco-agent=../../target/jacocoagent.jar --jacoco-output=../../target/jacoco.exec
- name: Run analysis
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Needed to run the SonarCloud analysis
run: mvn -B -Psonarcloud-analysis validate org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.organization=timefold -Dsonar.projectKey=ai.timefold:timefold-solver -Dsonar.host.url=https://sonarcloud.io -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} -Dsonar.pullrequest.branch=${{ github.event.pull_request.head.ref }} -Dsonar.scm.revision=${{ github.event.pull_request.head.sha }}