-
Notifications
You must be signed in to change notification settings - Fork 1.6k
369 lines (363 loc) · 14 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
name: build
on:
pull_request: {}
push:
branches: [master, v2.dev, v3.dev]
permissions: read-all
env:
DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
ALLOWED_ENDPOINTS: >
*.actions.githubusercontent.com:443
api.adoptium.net:443
api.github.com:443
api.snapcraft.io:443
caffeine.gradle-enterprise.cloud:443
cdn.azul.com:443
cloudflare.com:443
docker.io:443
download.java.net:443
download.oracle.com:443
downloads.gradle.org:443
downloads.gradle-dn.com:443
gds.oracle.com:443
ghcr.io:443
github.com:443
jdk.java.net:443
jcenter.bintray.com:443
objects.githubusercontent.com:443
oss.sonatype.org:443
plugins.gradle.org:443
plugins-artifacts.gradle.org:443
raw.githubusercontent.com:443
registry.npmjs.org:443
repo.gradle.org:443
repo.maven.apache.org:443
repo1.maven.org:443
scans-in.gradle.com:443
services.gradle.org:443
schemastore.org:443
www.graalvm.org:443
PUBLISH_JDK: 11
EA_JDK: 24
jobs:
compile:
name: Compile
timeout-minutes: 15
runs-on: ubuntu-latest
strategy:
matrix:
java: [ 11, 23, 24, GraalVM ]
env:
JAVA_VERSION: ${{ matrix.java }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Prepare GraalVM
if: env.JAVA_VERSION == 'GraalVM'
shell: bash
run: echo "GRADLE_ARGS=--no-build-cache" >> $GITHUB_ENV
- name: Compile
uses: ./.github/actions/run-gradle
with:
java: ${{ env.JAVA_VERSION }}
early-access: ${{ env.EA_JDK }}
token: ${{ secrets.GITHUB_TOKEN }}
arguments: check -x test ${{ env.GRADLE_ARGS }}
- name: Cancel if failed
uses: andymckay/cancel-action@a955d435292c0d409d104b57d8e78435a93a6ef1 # 0.5
continue-on-error: true
if: failure()
tests:
name: Tests
timeout-minutes: 60
runs-on: ubuntu-latest
needs: compile
strategy:
matrix:
suite:
- caffeine:weakKeysAndStrongValuesStatsAsyncCaffeineSlowTest
- caffeine:weakKeysAndStrongValuesStatsSyncCaffeineSlowTest
- caffeine:strongKeysAndWeakValuesStatsSyncCaffeineSlowTest
- caffeine:strongKeysAndSoftValuesStatsSyncCaffeineSlowTest
- caffeine:strongKeysAndStrongValuesStatsAsyncCaffeineTest
- caffeine:weakKeysAndWeakValuesStatsSyncCaffeineSlowTest
- caffeine:weakKeysAndSoftValuesStatsSyncCaffeineSlowTest
- caffeine:strongKeysAndStrongValuesStatsSyncCaffeineTest
- caffeine:weakKeysAndStrongValuesStatsAsyncCaffeineTest
- caffeine:weakKeysAndStrongValuesStatsSyncCaffeineTest
- caffeine:weakKeysAndStrongValuesAsyncCaffeineSlowTest
- caffeine:strongKeysAndWeakValuesStatsSyncCaffeineTest
- caffeine:strongKeysAndSoftValuesStatsSyncCaffeineTest
- caffeine:weakKeysAndStrongValuesSyncCaffeineSlowTest
- caffeine:strongKeysAndWeakValuesSyncCaffeineSlowTest
- caffeine:strongKeysAndSoftValuesSyncCaffeineSlowTest
- caffeine:weakKeysAndWeakValuesStatsSyncCaffeineTest
- caffeine:weakKeysAndSoftValuesStatsSyncCaffeineTest
- caffeine:strongKeysAndStrongValuesAsyncCaffeineTest
- caffeine:weakKeysAndWeakValuesSyncCaffeineSlowTest
- caffeine:weakKeysAndSoftValuesSyncCaffeineSlowTest
- caffeine:strongKeysAndStrongValuesSyncCaffeineTest
- caffeine:weakKeysAndStrongValuesAsyncCaffeineTest
- caffeine:weakKeysAndStrongValuesSyncCaffeineTest
- caffeine:strongKeysAndWeakValuesSyncCaffeineTest
- caffeine:strongKeysAndSoftValuesSyncCaffeineTest
- caffeine:weakKeysAndWeakValuesSyncCaffeineTest
- caffeine:weakKeysAndSoftValuesSyncCaffeineTest
- caffeine:lincheckTest
- caffeine:isolatedTest
- caffeine:junitTest
- simulator:check
- jcache:check
- guava:check
java: [ 11, 23 ]
include:
- suite: caffeine:weakKeysAndStrongValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndWeakValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndSoftValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:weakKeysAndWeakValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:weakKeysAndSoftValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndStrongValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndStrongValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:strongKeysAndWeakValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:strongKeysAndSoftValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndStrongValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndWeakValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndSoftValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:weakKeysAndWeakValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndSoftValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndWeakValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:weakKeysAndSoftValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndStrongValuesSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndStrongValuesSyncGuavaTest
java: 11
- suite: caffeine:strongKeysAndWeakValuesSyncGuavaTest
java: 11
- suite: caffeine:strongKeysAndSoftValuesSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndWeakValuesSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndSoftValuesSyncGuavaTest
java: 11
- suite: caffeine:fuzzTest
java: 11
env:
JAVA_VERSION: ${{ matrix.java }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Run tests (${{ env.JAVA_VERSION }})
uses: ./.github/actions/run-gradle
with:
java: ${{ env.JAVA_VERSION }}
arguments: ${{ matrix.suite }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Format Test Artifact Name
if: always() && (env.JAVA_VERSION == env.PUBLISH_JDK)
run: |
RAW_NAME=${{ matrix.suite }}-${{ env.JAVA_VERSION }}
ARTIFACT_NAME=$(echo $RAW_NAME | sed 's/:/-/g')
echo "ARTIFACT_NAME=$ARTIFACT_NAME" >> $GITHUB_ENV
- name: Compress test results
if: always() && (env.JAVA_VERSION == env.PUBLISH_JDK)
run: >
find . -path */jacoco/*.exec -o -path */results/*.xml
| tar czf ${{ env.ARTIFACT_NAME }}.tar.gz --files-from -
- name: Upload test results
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
if: always() && (env.JAVA_VERSION == env.PUBLISH_JDK)
with:
retention-days: 1
name: ${{ env.ARTIFACT_NAME }}-results
path: ${{ env.ARTIFACT_NAME }}.tar.gz
- name: Cancel if failed
uses: andymckay/cancel-action@a955d435292c0d409d104b57d8e78435a93a6ef1 # 0.5
continue-on-error: true
if: failure()
coverage:
name: Coverage
runs-on: ubuntu-latest
needs: tests
if: (github.event_name == 'push') && (github.event.repository.fork == false)
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
${{ env.ALLOWED_ENDPOINTS }}
artifacts.codacy.com:443
api.codacy.com:443
app.deepsource.com:443
codecov.io:443
coveralls.io:443
deepsource.io:443
fastly.com:443
nodejs.org:443
raw.githubusercontent.com
sonarcloud.io:443
scanner.sonarcloud.io:443
storage.googleapis.com:443
uploader.codecov.io:443
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Download Tests Results
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- name: Decompress
run: find . -type f -name '*.tar.gz' -exec sh -c 'tar -zxf {} --one-top-level' \;
- name: Combine Jacoco Reports
uses: ./.github/actions/run-gradle
with:
arguments: check -x test
java: ${{ env.PUBLISH_JDK }}
- name: Publish to Coveralls
uses: ./.github/actions/run-gradle
env:
COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}
with:
arguments: coveralls
java: ${{ env.PUBLISH_JDK }}
continue-on-error: true
- name: Publish to Codecov
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: Publish to Codacy
uses: codacy/codacy-coverage-reporter-action@89d6c85cfafaec52c72b6c5e8b2878d33104c699 # v1.3.0
with:
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
continue-on-error: true
- name: Publish to DeepSource
env:
DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }}
continue-on-error: true
run: |
curl https://deepsource.io/cli | sh
./bin/deepsource report --analyzer test-coverage --key java \
--value-file ./build/reports/jacoco/jacocoFullReport/jacocoFullReport.xml
- name: Publish to SonarQube
uses: ./.github/actions/run-gradle
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
java: ${{ env.PUBLISH_JDK }}
arguments: sonar -Dsonar.branch.name=${GITHUB_REF##*/}
continue-on-error: true
test-results:
name: Test Results
runs-on: ubuntu-latest
needs: tests
if: github.event_name == 'push'
permissions:
checks: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
${{ env.ALLOWED_ENDPOINTS }}
badgen.net:443
- name: Download Tests
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- name: Decompress
run: find . -type f -name '*.tar.gz' -exec sh -c 'tar -zxf {} --one-top-level' \;
- name: Publish Test Results
uses: EnricoMi/publish-unit-test-result-action@82082dac68ad6a19d980f8ce817e108b9f496c2a # v2.17.1
continue-on-error: true
id: test-results
with:
json_thousands_separator: ','
junit_files: '**/TEST-*.xml'
comment_mode: off
ignore_runs: true
job_summary: true
- name: Create badge
id: test-badge
env:
LABEL: tests
COLOR: 31c653
STATUS: ${{ fromJSON(steps.test-results.outputs.json).formatted.stats.runs }}
continue-on-error: true
run: curl -s -f https://badgen.net/badge/${{env.LABEL}}/${{env.STATUS}}/${{env.COLOR}} > badge.svg
- name: Upload badge to Gist
uses: popsiclestick/gist-sync-action@88f8633178625914f2a01abf1a765f7272a580fa # v1.2.0
if: >
github.event.repository.fork == false
&& steps.test-badge.outcome == 'success'
&& endsWith(github.ref, github.event.repository.default_branch)
with:
gist_url: https://gist.githubusercontent.com/ben-manes/c20eb418f0e0bd6dfe1c25beb35faae4
auth: ${{ secrets.GIST_TOKEN }}
gist_description: Test Results
github_file: badge.svg
gist_title: badge.svg
publish-snapshot:
name: Publish Snapshot
runs-on: ubuntu-latest
needs: tests
if: >
github.event_name == 'push'
&& github.event.repository.fork == false
&& endsWith(github.ref, github.event.repository.default_branch)
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
${{ env.ALLOWED_ENDPOINTS }}
checkerframework.org:443
docs.oracle.com:443
errorprone.info:443
lightbend.github.io:443
guava.dev:443
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Publish Snapshot
uses: ./.github/actions/run-gradle
env:
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.NEXUS_USERNAME }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.NEXUS_PASSWORD }}
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.OSSRH_GPG_SECRET_KEY }}
ORG_GRADLE_PROJECT_signingKeyId: ${{ secrets.OSSRH_GPG_SECRET_KEY_ID }}
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
with:
attempt-limit: 3
attempt-delay: 2
java: ${{ env.PUBLISH_JDK }}
token: ${{ secrets.GITHUB_TOKEN }}
arguments: publishToSonatype --no-configuration-cache