Skip to content

bump github actions to v4 #269

bump github actions to v4

bump github actions to v4 #269

Workflow file for this run

name: Wave-cli builds
on:
push:
branches:
- '*'
- '!refs/tags/.*'
tags-ignore:
- '*'
pull_request:
types: [opened, reopened, synchronize]
branches:
- '*'
- '!refs/tags/.*'
tags-ignore:
- '*'
jobs:
build:
name: Wave on ${{ matrix.os }}
if: "!contains(github.event.head_commit.message, '[skip ci]')"
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, macos-latest-xlarge, windows-latest]
include:
- os: ubuntu-latest
fatjar: true
musl: true
- os: macos-latest
codesign: true
- os: macos-latest-xlarge
codesign: true
steps:
- name: Environment
run: env | sort
- uses: actions/checkout@v4
- uses: graalvm/setup-graalvm@v1
if: ${{ matrix.musl }}
with:
java-version: '21'
github-token: ${{ secrets.GITHUB_TOKEN }}
native-image-job-reports: 'true'
native-image-musl: 'true'
- uses: graalvm/setup-graalvm@v1
if: ${{ !matrix.musl }}
with:
java-version: '21'
github-token: ${{ secrets.GITHUB_TOKEN }}
native-image-job-reports: 'true'
- name: Run tests
run: |
./gradlew test
- name: Build fat JAR
if: ${{ matrix.fatjar }}
run: ./gradlew shadowJar
- name: Upload fat JAR artifact
if: ${{ matrix.fatjar }}
uses: actions/upload-artifact@v4
with:
name: wave_jar
path: ./app/build/libs/wave.jar
- name: Build static native
if: ${{ matrix.musl }}
run: ./gradlew app:nativeCompile
env:
PLATFORM: linux-x86_64
- name: Build native
if: ${{ !matrix.musl }}
run: ./gradlew app:nativeCompile
- name: Codesign binary
if: ${{ matrix.codesign && contains(github.event.head_commit.message, '[release]') && github.event.ref=='refs/heads/master'}}
env:
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }}
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }}
MACOS_CERTIFICATE_NAME: ${{ secrets.MACOS_CERTIFICATE_NAME }}
MACOS_CI_KEYCHAIN_PWD: ${{ secrets.MACOS_CI_KEYCHAIN_PWD }}
run: |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12
security create-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain
security import certificate.p12 -k build.keychain -P "$MACOS_CERTIFICATE_PWD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" build.keychain
/usr/bin/codesign --force -s "$MACOS_CERTIFICATE_NAME" --options runtime ./app/build/native/nativeCompile/wave -v
- name: Notarize binary
if: ${{ matrix.codesign && contains(github.event.head_commit.message, '[release]') && github.event.ref=='refs/heads/master'}}
env:
MACOS_AC_API_CERT: ${{ secrets.MACOS_AC_API_CERT }}
MACOS_AC_API_ISSUER_ID: ${{ secrets.MACOS_AC_API_ISSUER_ID }}
MACOS_AC_API_KEY_ID: ${{ secrets.MACOS_AC_API_KEY_ID }}
run: |
echo $MACOS_AC_API_CERT | base64 --decode > AuthKey.p8
xcrun notarytool store-credentials "notarytool-profile" -k AuthKey.p8 -d "$MACOS_AC_API_KEY_ID" -i "$MACOS_AC_API_ISSUER_ID"
ditto -c -k --keepParent "./app/build/native/nativeCompile/wave" "notarization.zip"
xcrun notarytool submit "notarization.zip" --keychain-profile "notarytool-profile" --wait
- name: Upload Binary
uses: actions/upload-artifact@v4
with:
name: nativeCompile-${{ matrix.os }}
path: ./app/build/native/nativeCompile
- name: Publish tests report
if: failure()
uses: actions/upload-artifact@v4
with:
name: test-reports-jdk-${{ matrix.java_version }}
path: |
**/build/reports/tests/test
release:
name: Release
if: "contains(github.event.head_commit.message, '[release]') && github.event.ref=='refs/heads/master'"
needs: [ build ]
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Download all build artifacts
uses: actions/download-artifact@v2
- name: Setup Java for JReleaser
uses: actions/setup-java@v4
with:
java-version: '21'
distribution: 'adopt'
- name: Version
id: version
run: |
VERSION=$(cat ./VERSION)
echo "VERSION=$VERSION"
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
- name: Run JReleaser
uses: jreleaser/release-action@v2
env:
JRELEASER_GITHUB_TOKEN: ${{ secrets.JRELEASER_GITHUB_TOKEN }}
JRELEASER_PROJECT_VERSION: ${{ steps.version.outputs.VERSION }}
- name: JReleaser release output
if: always()
uses: actions/upload-artifact@v4
with:
name: jreleaser-release
path: |
out/jreleaser/trace.log
out/jreleaser/output.properties
...