Headless release #7398

Workflow file for this run

	name: Nextflow CI
	# read more here: https://help.github.com/en/articles/workflow-syntax-for-github-actions#on

	# Note: We don't use the `on: path` option for docs,
	# because the Build steps are required tests.
	# Instead, we trigger + skip the tests if the only changes
	# are in the docs folder. GitHub treats this as passing.

	on:
	push:
	branches:
	- 'master'
	- 'test*'
	- 'dev*'
	- 'STABLE-*'
	pull_request:
	types: [opened, reopened, synchronize]
	workflow_dispatch:

	jobs:
	build:
	name: Build
	runs-on: ubuntu-latest
	timeout-minutes: 90
	strategy:
	fail-fast: false
	matrix:
	java_version: [17, 23]

	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 1
	submodules: true

	- name: Get the commit message
	id: get_commit_message
	run: \|
	if [ "${{ github.event_name }}" = "pull_request" ]; then
	echo "GitHub event=pull_request"
	COMMIT_SHA=${{ github.event.pull_request.head.sha }}
	COMMIT_MESSAGE=$(curl -s \
	-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
	https://api.github.com/repos/${{ github.repository }}/commits/$COMMIT_SHA \| jq -r '.commit.message')
	echo "Commit message=$COMMIT_MESSAGE" \| head -n 1
	echo "commit_message=$COMMIT_MESSAGE" \| head -n 1 >> $GITHUB_OUTPUT
	else
	echo "GitHub event=${{ github.event_name }}"
	echo "Commit message=${{ github.event.head_commit.message }}" \| head -n 1
	echo "commit_message=${{ github.event.head_commit.message }}" \| head -n 1 >> $GITHUB_OUTPUT
	fi

	- name: Get changed files
	id: changed-files
	uses: tj-actions/changed-files@v43
	with:
	files_ignore: docs/**

	- name: List all changed files
	env:
	ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
	run: \|
	for file in ${ALL_CHANGED_FILES}; do
	echo "$file was changed"
	done

	- name: Setup env
	if: steps.changed-files.outputs.any_changed == 'true'
	run: \|
	rm -f $HOME/.gitconfig;
	mkdir -p "$HOME/.nextflow";
	echo "providers.github.auth='$NXF_GITHUB_ACCESS_TOKEN'" > "$HOME/.nextflow/scm"
	env:
	NXF_GITHUB_ACCESS_TOKEN: ${{ secrets.NXF_GITHUB_ACCESS_TOKEN }}

	- name: Setup Java ${{ matrix.java_version }}
	if: steps.changed-files.outputs.any_changed == 'true'
	uses: actions/setup-java@v4
	with:
	java-version: ${{matrix.java_version}}
	distribution: 'temurin'
	architecture: x64
	cache: gradle

	- name: Compile
	if: steps.changed-files.outputs.any_changed == 'true'
	run: make assemble

	- name: Test
	if: steps.changed-files.outputs.any_changed == 'true'
	run: \|
	env \| sort
	# configure test env
	if [[ "$GOOGLE_SECRET" ]]; then
	echo $GOOGLE_SECRET \| base64 -d > $PWD/google_credentials.json
	export GOOGLE_APPLICATION_CREDENTIALS=$PWD/google_credentials.json
	fi
	# run tests
	make test
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	NXF_BITBUCKET_ACCESS_TOKEN: ${{ secrets.NXF_BITBUCKET_ACCESS_TOKEN }}
	NXF_GITHUB_ACCESS_TOKEN: ${{ secrets.NXF_GITHUB_ACCESS_TOKEN }}
	NXF_GITLAB_ACCESS_TOKEN: ${{ secrets.NXF_GITLAB_ACCESS_TOKEN }}
	NXF_AZURE_REPOS_TOKEN: ${{ secrets.NXF_AZURE_REPOS_TOKEN }}
	GOOGLE_SECRET: ${{ secrets.GOOGLE_SECRET }}
	AZURE_STORAGE_ACCOUNT_NAME: nfazurestore
	AZURE_STORAGE_ACCOUNT_KEY: ${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}
	AZURE_BATCH_ACCOUNT_NAME: nfbatchtest
	AZURE_BATCH_ACCOUNT_KEY: ${{ secrets.AZURE_BATCH_ACCOUNT_KEY }}

	- name: Publish tests report
	uses: actions/upload-artifact@v4
	if: steps.changed-files.outputs.any_changed == 'true' && always()
	with:
	name: report-unit-tests-jdk-${{ matrix.java_version }}
	path: \|
	**/build/reports/tests/test

	outputs:
	any_changed: ${{ steps.changed-files.outputs.any_changed }}
	commit_message: ${{ steps.get_commit_message.outputs.commit_message }}

	test:
	if: ${{ !contains(needs.build.outputs.commit_message, '[ci fast]') && needs.build.outputs.any_changed == 'true' }}
	needs: build
	runs-on: ubuntu-latest
	timeout-minutes: 90
	strategy:
	fail-fast: false
	matrix:
	java_version: [17, 23]
	test_mode: ["test_integration", "test_docs", "test_aws", "test_azure", "test_google", "test_wave"]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 1
	submodules: true

	- name: Setup env
	run: \|
	rm -f $HOME/.gitconfig;
	mkdir -p "$HOME/.nextflow";
	echo "providers.github.auth='$NXF_GITHUB_ACCESS_TOKEN'" > "$HOME/.nextflow/scm"
	env:
	NXF_GITHUB_ACCESS_TOKEN: ${{ secrets.NXF_GITHUB_ACCESS_TOKEN }}

	- name: Setup Java ${{ matrix.java_version }}
	uses: actions/setup-java@v4
	with:
	java-version: ${{matrix.java_version}}
	distribution: 'temurin'
	architecture: x64
	cache: gradle

	- name: Run tests
	run: \|
	env \| sort
	# configure test env
	if [[ "$GOOGLE_SECRET" ]]; then
	echo $GOOGLE_SECRET \| base64 -d > $PWD/google_credentials.json
	export GOOGLE_APPLICATION_CREDENTIALS=$PWD/google_credentials.json
	fi
	cat $HOME/.nextflow/scm
	make clean assemble install
	bash test-ci.sh
	env:
	TEST_JDK: ${{ matrix.java_version }}
	TEST_MODE: ${{ matrix.test_mode }}
	GRADLE_OPTS: '-Dorg.gradle.daemon=false'
	TOWER_ACCESS_TOKEN: ${{ secrets.TOWER_ACCESS_TOKEN }}
	AWS_DEFAULT_REGION: eu-west-1
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	NXF_BITBUCKET_ACCESS_TOKEN: ${{ secrets.NXF_BITBUCKET_ACCESS_TOKEN }}
	NXF_GITHUB_ACCESS_TOKEN: ${{ secrets.NXF_GITHUB_ACCESS_TOKEN }}
	NXF_GITLAB_ACCESS_TOKEN: ${{ secrets.NXF_GITLAB_ACCESS_TOKEN }}
	NXF_AZURE_REPOS_TOKEN: ${{ secrets.NXF_AZURE_REPOS_TOKEN }}
	GOOGLE_SECRET: ${{ secrets.GOOGLE_SECRET }}
	AZURE_STORAGE_ACCOUNT_NAME: nfazurestore
	AZURE_STORAGE_ACCOUNT_KEY: ${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}
	AZURE_BATCH_ACCOUNT_NAME: nfbatchtest
	AZURE_BATCH_ACCOUNT_KEY: ${{ secrets.AZURE_BATCH_ACCOUNT_KEY }}

	- name: Tar integration tests
	if: always()
	run: tar -cvf integration-tests.tar tests/checks

	- name: Publish tests report
	uses: actions/upload-artifact@v4
	if: always()
	with:
	name: report-${{ matrix.test_mode }}-jdk-${{ matrix.java_version }}
	path: \|
	validation/*/
	validation/*/.
	integration-tests.tar

	test-e2e:
	if: ${{ contains(needs.build.outputs.commit_message,'[e2e stage]') \|\| contains(needs.build.outputs.commit_message,'[e2e prod]') }}
	needs: build
	runs-on: ubuntu-latest
	timeout-minutes: 10
	permissions:
	actions: write # Allow writing to actions
	contents: write # Allow writing to repository contents
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 1
	submodules: true

	- name: Setup Java 17
	uses: actions/setup-java@v4
	with:
	java-version: 17
	distribution: 'temurin'
	architecture: x64
	cache: gradle

	- name: Setup env
	run: \|
	wget -q -O wave https://github.com/seqeralabs/wave-cli/releases/download/v1.4.1/wave-1.4.1-linux-x86_64
	chmod +x wave
	mv wave /usr/local/bin/
	echo "COMMIT_MESSAGE=\"${{ needs.build.outputs.commit_message }}\"" >> $GITHUB_ENV

	- name : Docker Login to Seqera public CR
	uses : docker/login-action@v3
	with :
	registry : "public.cr.seqera.io"
	username : "public-cr-admin"
	password : ${{ secrets.SEQERA_PUBLIC_CR_PASSWORD }}

	- name: Launch tests
	run: \|
	cd test-e2e
	bash run.sh
	env:
	GITHUB_TOKEN: ${{ secrets.AUTOMATION_GITHUB_TOKEN }}
	GRADLE_OPTS: '-Dorg.gradle.daemon=false'

	# --------------------------------------------------
	# job: release
	# --------------------------------------------------
	release:
	name: Release
	if: ${{ contains(needs.build.outputs.commit_message,'[release]') }}
	runs-on: ubuntu-latest
	needs: build
	timeout-minutes: 10
	steps:
	# setup steps
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 1
	submodules: true

	- name: Setup Java
	uses: actions/setup-java@v4
	with:
	java-version: 17
	distribution: 'temurin'
	architecture: x64

	- name: Setup AWS
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-region: eu-west-1
	aws-access-key-id: ${{ secrets.AWS_DEPLOY_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_DEPLOY_SECRET_ACCESS_KEY }}

	- name: Login to Docker hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_HUB_ID }}
	password: ${{ secrets.DOCKER_HUB_PASSWORD }}

	- name: Login to Seqera registry
	uses: docker/login-action@v3
	with:
	registry: ${{ vars.SEQERA_PUBLIC_CR_URL }}
	username: ${{ secrets.SEQERA_PUBLIC_CR_USER }}
	password: ${{ secrets.SEQERA_PUBLIC_CR_PASSWORD }}

	# release step
	- name: Release
	run: bash .github/scripts/release.sh
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_DEPLOY_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_DEPLOY_SECRET_ACCESS_KEY }}
	GH_ORG: ${{ vars.PLUGINS_GITHUB_ORG }}
	GH_USER: ${{ vars.DEPLOY_GITHUB_USER }}
	GH_USER_EMAIL: ${{ vars.DEPLOY_GITHUB_EMAIL }}
	GH_TOKEN: ${{ secrets.DEPLOY_GITHUB_TOKEN }}
	MAVEN_PUBLISH_URL: ${{ vars.MAVEN_PLUGINS_PUBLISH_URL }}
	PLUGINS_INDEX_JSON: ${{ vars.PLUGINS_INDEX_JSON }}
	S3_RELEASE_BUCKET: ${{ vars.S3_RELEASE_BUCKET }}
	SEQERA_REGISTRY: ${{ vars.SEQERA_PUBLIC_CR_URL }}

	# upload steps
	- name: Upload artifacts (libs)
	uses: actions/upload-artifact@v4
	with:
	retention-days: 3
	name: libs
	path: modules/*/build/libs/

	- name: Upload artifacts (distribution)
	uses: actions/upload-artifact@v4
	with:
	retention-days: 3
	name: distribution
	path: build/releases/

	- name: Upload artifacts (plugins)
	uses: actions/upload-artifact@v4
	with:
	retention-days: 3
	compression-level: 0
	name: plugins
	path: \|
	plugins/build/libs/
	plugins/*/build/libs/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Headless release #7398

Workflow file

Headless release #7398

Jobs

Run details

Workflow file for this run