Skip to content

deps: update github/codeql-action digest to df409f7 #14977

deps: update github/codeql-action digest to df409f7

deps: update github/codeql-action digest to df409f7 #14977

name: Build and Test
on:
pull_request:
branches:
- main
push:
branches:
- main
env:
GRADLE_OPTS: -Dorg.gradle.daemon=false -Dkotest.assertions.multi-line-diff=unified -Dkotest.tags=!ExpensiveTag
REGISTRY: ghcr.io
TEST_IMAGE_TAG: ort:test
jobs:
build:
strategy:
matrix:
os: [ubuntu-24.04, windows-2022]
runs-on: ${{ matrix.os }}
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup Java
uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4
with:
distribution: temurin
java-version: 21
- name: Setup Gradle
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4
- name: Build all classes
run: ./gradlew classes
codeql-analysis:
needs: build
runs-on: ubuntu-24.04
permissions:
# Needed for SARIF scanning upload.
security-events: write
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Initialize CodeQL
uses: github/codeql-action/init@8a93837afdf1873301a68d777844b43e98cd4313 # v3
with:
languages: java
- name: Setup Gradle
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4
- name: Build all classes
run: ./gradlew -Dorg.gradle.jvmargs=-Xmx1g --no-build-cache classes
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@8a93837afdf1873301a68d777844b43e98cd4313 # v3
test:
strategy:
matrix:
os: [ubuntu-24.04, windows-2022]
runs-on: ${{ matrix.os }}
needs: build
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup Java
uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4
with:
distribution: temurin
java-version: 21
- name: Setup Gradle
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4
- name: Run unit tests
run: ./gradlew --scan test jacocoTestReport
- name: Create Test Summary
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2
with:
paths: "**/test-results/**/TEST-*.xml"
if: always()
- name: Upload code coverage data
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: test-${{ matrix.os }}
funTest-non-docker:
needs: build
runs-on: ubuntu-24.04
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
submodules: recursive
- name: Set tool version environment variables
run: sed "s/^ARG //" docker/versions.dockerfile >> $GITHUB_ENV
- name: Install required tools
run: |
# Uninstall mono-devel because it contains the "lc" command which conflicts with BoyterLc.
sudo apt-get -qq remove mono-devel
# Install git-repo.
mkdir -p $HOME/.local/bin
curl https://storage.googleapis.com/git-repo-downloads/repo -o $HOME/.local/bin/repo
chmod a+x $HOME/.local/bin/repo
# Install Askalono for functional tests.
curl -LOs https://github.com/amzn/askalono/releases/download/$ASKALONO_VERSION/askalono-Linux.zip
unzip askalono-Linux.zip -d $HOME/.local/bin
# Install Boyter Lc for functional tests.
curl -LOs https://github.com/boyter/lc/releases/download/v$BOYTERLC_VERSION/lc-$BOYTERLC_VERSION-x86_64-unknown-linux.zip
unzip lc-$BOYTERLC_VERSION-x86_64-unknown-linux.zip -d $HOME/.local/bin
# Install Licensee for functional tests.
echo "gem: --bindir $HOME/.local/bin" > $HOME/.gemrc
gem install --user-install licensee -v $LICENSEE_VERSION
# Install ScanCode for license texts.
curl -Os https://raw.githubusercontent.com/nexB/scancode-toolkit/v$SCANCODE_VERSION/requirements.txt
pipx install --pip-args="--no-cache-dir --constraint requirements.txt" scancode-toolkit==$SCANCODE_VERSION
- name: Setup Gradle
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4
- name: Run functional tests that do not require external tools
run: ./gradlew --scan -Ptests.exclude=org.ossreviewtoolkit.plugins.packagemanagers.* funTest jacocoFunTestReport
- name: Create Test Summary
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2
with:
paths: "**/test-results/**/TEST-*.xml"
if: always()
- name: Upload code coverage data
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: funTest-non-docker
funTest-docker:
runs-on: ubuntu-24.04
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
submodules: recursive
- name: Free Disk Space
uses: ./.github/actions/free-disk-space
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3
- name: Build ORT Docker Image
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6
with:
context: .
load: true
tags: ${{ env.TEST_IMAGE_TAG }}
target: all-tools
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort:cache
- name: Setup Gradle
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4
- name: Run functional tests that do require external tools
run: |
# Run the functional tests in the Docker container.
docker run \
-u $(id -u):$(id -g) \
-v /etc/group:/etc/group:ro \
-v /etc/passwd:/etc/passwd:ro \
-v /home/runner:/home/runner \
-v ${{ github.workspace }}:/workspace \
-w /workspace \
-e HOME=/home/runner \
-e GRADLE_OPTS="$GRADLE_OPTS" \
${{ env.TEST_IMAGE_TAG }} \
-c "./gradlew --scan -Ptests.include=org.ossreviewtoolkit.plugins.packagemanagers.* funTest jacocoFunTestReport"
- name: Create Test Summary
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2
with:
paths: "**/test-results/**/TEST-*.xml"
if: always()
- name: Upload code coverage data
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: funTest-docker