Skip to content

#493: nixified build #1291

#493: nixified build

#493: nixified build #1291

Workflow file for this run

name: Build
on:
workflow_dispatch:
inputs: {}
push:
branches: [ "develop" ]
tags: [ "v**" ]
pull_request:
branches: [ "develop" ]
jobs:
checksecret:
runs-on: ubuntu-latest
outputs:
HAVE_SECRETS: ${{ steps.checksecret_job.outputs.HAVE_SECRETS }}
steps:
- id: checksecret_job
env:
OPENSSL_IV: ${{ secrets.OPENSSL_IV }}
OPENSSL_KEY: ${{ secrets.OPENSSL_KEY }}
run: |
echo "HAVE_SECRETS=${{ env.OPENSSL_IV != '' && env.OPENSSL_KEY != '' }}" >> $GITHUB_OUTPUT
build:
runs-on: ubuntu-latest
needs: [ 'checksecret' ]
strategy:
fail-fast: false
matrix:
java: [ '11', '17' ] # scalac 3.2.2 doesn't work on jdk 21+
scala: [ '2.11', '2.12', '2.13', '3' ]
steps:
- uses: 7mind/github-env@minimal
- name: Build and Test
env:
SCALA_VERSION: ${{ matrix.scala }}
JAVA_VERSION: ${{ matrix.java }}
run: ./build.sh nix gen test
- uses: dorny/test-reporter@v1
if: (needs.checksecret.outputs.HAVE_SECRETS == 'true') && (success() || failure())
with:
name: Test reports (JDK ${{ matrix.java }}, Scala ${{ matrix.scala }})
path: '**/target/test-reports/TEST-*.xml'
reporter: java-junit
- name: Upload dependency graph
if: needs.checksecret.outputs.HAVE_SECRETS == 'true'
uses: scalacenter/sbt-dependency-submission@d3f139371479f7d3ca3db160b9b536cb4f9dcdd5
publish-artifacts:
runs-on: ubuntu-latest
# needs: [ 'build', 'checksecret' ]
needs: [ 'checksecret' ]
if: needs.checksecret.outputs.HAVE_SECRETS == 'true'
strategy:
matrix:
java: [ '17' ]
scala: [ '2.13' ]
steps:
- uses: 7mind/github-env@minimal
- name: Build and Publish to Sonatype
env:
JAVA_VERSION: ${{ matrix.java }}
OPENSSL_IV: ${{ secrets.OPENSSL_IV }}
OPENSSL_KEY: ${{ secrets.OPENSSL_KEY }}
SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
SCALA_VERSION: ${{ matrix.scala }}
run: |
if [[ "$GITHUB_REF" == refs/heads/develop || "$CI_BRANCH_TAG" =~ ^v.*$ ]] ; then
openssl aes-256-cbc -K ${OPENSSL_KEY} -iv ${OPENSSL_IV} -in secrets.tar.enc -out secrets.tar -d
tar xvf secrets.tar
ln -s .secrets/local.sbt local.sbt
rm ./.secrets/credentials.sonatype-nexus.properties
printf "%s\n" "realm=Sonatype Nexus Repository Manager" "host=oss.sonatype.org" "user=${SONATYPE_USERNAME}" "password=${SONATYPE_PASSWORD}" > ./.secrets/credentials.sonatype-nexus.properties
fi
./build.sh nix gen publish-scala
release-and-notify-docs:
name: Release and Notify Docs
runs-on: ubuntu-latest
continue-on-error: false
# needs: [ 'build', 'checksecret' ]
needs: [ 'checksecret' ]
#if: ${{ ((github.event_name == 'release') && (github.event.action == 'published')) || (github.event_name == 'workflow_dispatch') }}
strategy:
matrix:
java: [ '17' ]
scala: [ '2.13' ]
steps:
- uses: 7mind/github-env@minimal
- name: Publish Docs to NPM Registry
env:
JAVA_VERSION: ${{ matrix.java }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
SCALA_VERSION: ${{ matrix.scala }}
run: ./build.sh nix gen publish-ziodocs
- name: Notify the main repo about the new release of docs package
run: |
PACKAGE_NAME=$(cat docs/package.json | grep '"name"' | awk -F'"' '{print $4}')
PACKAGE_VERSION=$(npm view $PACKAGE_NAME version)
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: token ${{ secrets.PAT_TOKEN }}"\
https://api.github.com/repos/zio/zio/dispatches \
-d '{
"event_type":"update-docs",
"client_payload":{
"package_name":"'"${PACKAGE_NAME}"'",
"package_version": "'"${PACKAGE_VERSION}"'"
}
}'
all-good:
if: always()
runs-on: ubuntu-latest
needs: [ 'build' ]
steps:
- name: Decide whether the needed jobs succeeded or failed
uses: re-actors/alls-green@release/v1
with:
jobs: ${{ toJSON(needs) }}