-
Notifications
You must be signed in to change notification settings - Fork 5
155 lines (148 loc) · 5.85 KB
/
main.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
name: CI
on: ["push"]
jobs:
build-and-push:
runs-on: ubuntu-latest
timeout-minutes: 80
environment: ${{ github.ref == 'refs/heads/master' && 'CD' || 'CI' }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: |
git rev-list --count --first-parent HEAD > patch_version.txt
- uses: coursier/[email protected]
with:
jvm: adopt:8
apps: sbt
- name: Compile
run: |
sbt -Dsbt.log.noformat=true +{,macroSub/,structType/}dependencyLockCheck
sbt +compile
- name: Run tests
env:
TEST_OIDC_READ_CLIENT_ID: ${{ secrets.TEST_OIDC_READ_CLIENT_ID }}
TEST_OIDC_READ_CLIENT_SECRET: ${{ secrets.TEST_OIDC_READ_CLIENT_SECRET }}
TEST_OIDC_READ_TENANT: ${{ secrets.TEST_OIDC_READ_TENANT }}
TEST_OIDC_READ_PROJECT: "publicdata"
TEST_CLIENT_ID: ${{ secrets.BLUEFIELD_CLIENT_ID }}
TEST_CLIENT_SECRET: ${{ secrets.BLUEFIELD_CLIENT_SECRET }}
TEST_AAD_TENANT: "b86328db-09aa-4f0e-9a03-0136f604d20a"
TEST_CLUSTER: "bluefield"
TEST_PROJECT: "extractor-bluefield-testing"
TEST_CLIENT_ID2: ${{ secrets.BLUEFIELD_CLIENT_ID }}
TEST_CLIENT_SECRET2: ${{ secrets.BLUEFIELD_CLIENT_SECRET }}
TEST_AAD_TENANT2: "b86328db-09aa-4f0e-9a03-0136f604d20a"
TEST_CLUSTER2: "api"
TEST_PROJECT2: "jetfiretest2"
run: |
TEST="test +Test/compile"
if [ ${{github.ref }} == "refs/heads/master" ]; then
TEST="+test"
fi
sbt -Dsbt.log.noformat=true scalafmtCheck coverage $TEST coverageReport
- name: Upload Test Report
uses: actions/upload-artifact@v4
if: always() # always run even if the previous step fails
with:
name: junit-test-results
path: 'target/test-reports/**/*.xml'
retention-days: 1
- name: Upload report to codecov.io
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: false
publish_jfrog:
runs-on: ubuntu-latest
timeout-minutes: 30
needs: build-and-push
if: github.ref == 'refs/heads/master'
environment: CD
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: |
git rev-list --count --first-parent HEAD > patch_version.txt
- name: Set up JDK 8
uses: coursier/[email protected]
with:
jvm: adopt:8
apps: sbt
- name: Build JAR file
run: |
LIB_PACKAGE="+library/package"
if [ ${{github.ref }} == "refs/heads/master" ]; then
LIB_PACKAGE="+fatJarShaded/assembly"
fi
- name: Check dependencies
run: |
sbt -Dsbt.log.noformat=true +{,macroSub/,structType/}dependencyLockCheck
- name: Install GPG & Sonatype credentials for SBT
env:
GPG_PUBLIC_KEY: ${{ secrets.SONATYPE_OSSRH_GPG_PUBLIC_KEY }}
GPG_PRIVATE_KEY: ${{ secrets.SONATYPE_OSSRH_GPG_PRIVATE_KEY }}
GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.SONATYPE_OSSRH_GPG_KEY_PASSPHRASE }}
run: |
set -x
echo "$GPG_PUBLIC_KEY" > public.key
gpg --import public.key
echo "$GPG_PRIVATE_KEY" > private.key
gpg --verbose --batch --import-options import-show --import private.key
mkdir -p ~/.sbt/gpg
echo "$GPG_PRIVATE_KEY_PASSPHRASE" | gpg --verbose --batch -a --export-secret-keys --pinentry-mode loopback --passphrase-fd 0 > ~/.sbt/gpg/secring.asc
- name: Deploy JAR
env:
GPG_KEY_PASSWORD: ${{ secrets.SONATYPE_OSSRH_GPG_KEY_PASSPHRASE }}
JFROG_USERNAME: ${{ secrets.ARTIFACTORY_PUBLISH_TOKEN_USER }}
JFROG_PASSWORD: ${{ secrets.ARTIFACTORY_PUBLISH_TOKEN }}
PUBLISH_TO_JFROG: "true"
run: |
sbt -Dsbt.log.noformat=true +fatJarShaded/publishSigned +structType/publishSigned +publishSigned
publish_sonatype:
runs-on: ubuntu-latest
timeout-minutes: 30
needs: build-and-push
if: github.ref == 'refs/heads/master'
environment: CD
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: |
git rev-list --count --first-parent HEAD > patch_version.txt
- name: Set up JDK 8
uses: coursier/[email protected]
with:
jvm: adopt:8
apps: sbt
- name: Build JAR file
run: |
LIB_PACKAGE="+library/package"
if [ ${{github.ref }} == "refs/heads/master" ]; then
LIB_PACKAGE="+fatJarShaded/assembly"
fi
- name: Check dependencies
run: |
sbt -Dsbt.log.noformat=true +{,macroSub/,structType/}dependencyLockCheck
- name: Install GPG & Sonatype credentials for SBT
env:
GPG_PUBLIC_KEY: ${{ secrets.SONATYPE_OSSRH_GPG_PUBLIC_KEY }}
GPG_PRIVATE_KEY: ${{ secrets.SONATYPE_OSSRH_GPG_PRIVATE_KEY }}
GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.SONATYPE_OSSRH_GPG_KEY_PASSPHRASE }}
run: |
set -x
echo "$GPG_PUBLIC_KEY" > public.key
gpg --import public.key
echo "$GPG_PRIVATE_KEY" > private.key
gpg --verbose --batch --import-options import-show --import private.key
mkdir -p ~/.sbt/gpg
echo "$GPG_PRIVATE_KEY_PASSPHRASE" | gpg --verbose --batch -a --export-secret-keys --pinentry-mode loopback --passphrase-fd 0 > ~/.sbt/gpg/secring.asc
- name: Deploy JAR
env:
GPG_KEY_PASSWORD: ${{ secrets.SONATYPE_OSSRH_GPG_KEY_PASSPHRASE }}
SONATYPE_USERNAME: ${{ secrets.SONATYPE_OSSRH_USER }}
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_OSSRH_PASSWORD }}
run: |
sbt -Dsbt.log.noformat=true +fatJarShaded/publishSigned +structType/publishSigned +publishSigned sonatypeReleaseAll