Skip to content

Initial defaults work #2164

Initial defaults work

Initial defaults work #2164

Workflow file for this run

name: CI
env:
JDK_JAVA_OPTIONS: -XX:+PrintCommandLineFlags -Xss10M # JDK_JAVA_OPTIONS is _the_ env. variable to use for modern Java
JVM_OPTS: -XX:+PrintCommandLineFlags -Xss10M # for Java 8 only (sadly, it is not modern enough for JDK_JAVA_OPTIONS)
SonatypeUrl: "https://finos.sonatype.app/platform/"
SonatypeAppId: morphir-scala
SonatypeStage: "build"
SonatypeScanTarget: "." # depCache/coursier/v1/https/repo1.maven.org/maven2/
ExcludeDirectory: " -D fileExcludes='*.class, **/website/, **/docs/, **/.*' "
on:
pull_request:
push:
branches: ["main", "0.4.x"]
release:
types:
- published
workflow_dispatch:
# cancel older runs of a pull request;
# this will not cancel anything for normal git pushes
concurrency:
group: cancel-old-pr-runs-${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
lint:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout current branch
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Scala and Java
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: "17"
- name: Cache scala dependencies
uses: coursier/cache-action@v6
- name: Setup proto and moon toolchains
uses: moonrepo/setup-toolchain@v0.3.1
with:
auto-install: true
- name: Install tooling
run: |
./build.sh install
- name: Lint code
run: ./build.sh lint
test-js:
runs-on: ubuntu-latest
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
java: ["11"] # Note there is no need ro actually run this for multiple JVM versions for JS
scala: ["3.3.3"]
steps:
- name: Checkout current branch
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
- name: Install morphir-elm
run: |
npm install -g morphir-elm
- name: Setup Scala and Java
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: ${{ matrix.java }}
- name: Cache scala dependencies
uses: coursier/cache-action@v6
- name: Run JS tests
run: |
./mill -i -k -j 0 "morphir[${{matrix.scala}}].__.js.__.compile" + "morphir[${{matrix.scala}}].__.js.publishArtifacts" + "morphir[${{matrix.scala}}].__.js.__.test"
- name: Cache JS build output
# when in master repo: all commits to main branch and all additional tags
if: (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/0.4.x') || ((github.ref != 'refs/heads/main' && github.ref != 'refs/heads/0.4.x') && startsWith( github.ref, 'refs/tags/') )
uses: actions/cache/save@v4
with:
path: |
out/morphir/${{matrix.scala}}/**/js/
key: ${{ runner.os }}-mill-js-${{matrix.java}}-${{ matrix.scala }}-${{ github.sha}}-${{ hashFiles('out') }}
test-jvm:
runs-on: ubuntu-latest
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
java: ["11", "17"]
scala: ["3.3.3"]
steps:
- name: Checkout current branch
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
- name: Install morphir-elm
run: |
npm install -g morphir-elm
- name: Setup Scala and Java
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: ${{ matrix.java }}
- name: Cache scala dependencies
uses: coursier/cache-action@v6
- name: Setup proto and moon toolchains
uses: moonrepo/setup-toolchain@v0.3.1
with:
auto-install: true
- name: Install tooling
run: |
./build.sh install
- name: Make Morphir IR
run: |
./build.sh run :morphir-elm-build
- name: Run JVM tests
run: |
./build.sh --scala-version ${{matrix.scala}} test-jvm
- name: Cache JVM build output
# when in master repo: all commits to main branch and all additional tags
if: (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/0.4.x') || ((github.ref != 'refs/heads/main' && github.ref != 'refs/heads/0.4.x') && startsWith( github.ref, 'refs/tags/') )
uses: actions/cache/save@v4
with:
path: |
out/morphir/${{matrix.scala}}/**/jvm/
out/morphir/build/
key: ${{ runner.os }}-mill-jvm-${{matrix.java}}-${{ matrix.scala }}-${{ github.sha }}-${{ hashFiles('out') }}
############### SONATYPE SCAN ###############
sonatype-scan:
if: github.repository_owner == 'finos'
needs: [ci]
runs-on: ubuntu-latest
steps:
- name: Cache scala dependencies
uses: coursier/cache-action@v6
- name: Get OUT cache
uses: actions/cache/restore@v4
with:
path: out/
key: ${{ runner.os }}-*
- name: Copy Cache for SCA Scan
run: |
mkdir depCache/ #Create local copy of cache for Sonatype Scanner
cp -r /home/runner/.cache/coursier/ depCache/
# - name: Save resolvedIvyDeps.json
# run: ./mill show __.resolvedIvyDeps > depCache/resolvedIvyDeps.json
# - name: Upload Dependency Cache (optional)
# uses: actions/upload-artifact@v4
# with:
# name: Dependency Cache
# path: depCache/
- name: Sonatype Lifecycle SCA Scan
uses: sonatype-nexus-community/iq-github-action@main
with:
username: ${{ secrets.SONATYPE_USER }}
password: ${{ secrets.SONATYPE_PASSWORD }}
serverUrl: ${{ env.SonatypeUrl }}
applicationId: ${{ env.SonatypeAppId }}
stage: ${{ env.SonatypeStage }}
target: ${{ env.SonatypeScanTarget }} ${{ env.ExcludeDirectory }}
- name: Retrieve Sonatype SBOM (SPDX)
if: always()
run: |
mkdir reports/
iqCredentials="${{ secrets.SONATYPE_USER }}:${{ secrets.SONATYPE_PASSWORD }}"
echo 'Get internal app ID for public ID: '$SonatypeAppId
res=$(curl -u $iqCredentials --location $SonatypeUrl'api/v2/applications?publicId='$SonatypeAppId)
IFS='"' read -a array <<< "$res"
echo 'Internal app ID: '${array[5]}
internalID=${array[5]}
curl -u $iqCredentials --location $SonatypeUrl'api/v2/spdx/'$internalID'/stages/'$SonatypeStage -H 'Accept: application/xml' > reports/$SonatypeAppId.spdx.json
echo 'Sonatype SBOM (SPDX): '
cat reports/$SonatypeAppId.spdx.json
- name: Upload Sonatype SBOM (SPDX)
if: always()
uses: actions/upload-artifact@v4
with:
name: ${{ env.SonatypeAppId }} Sonatype SBOM (SPDX)
path: reports/
#############################################
publish:
# when in master repo: all commits to main branch and all additional tags
if: github.repository == 'finos/morphir-scala' && ( github.ref == 'refs/heads/main' || github.ref == 'refs/head/0.4.x' || (github.ref != 'refs/heads/main' && github.ref != 'refs/heads/0.4.x' && startsWith( github.ref, 'refs/tags/') ) )
needs: [ci]
runs-on: ubuntu-latest
# only run one publish job for the same sha at the same time
# e.g. when a main-branch push is also tagged
concurrency: publish-sonatype-${{ github.sha }}
env:
PGP_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
PGP_SECRET: ${{ secrets.PGP_SECRET_BASE64 }}
SONATYPE_PASSWORD: ${{ secrets.ORG_MORPHIR_MAVEN_DEPLOY_PASSWORD }}
SONATYPE_USERNAME: ${{ secrets.ORG_MORPHIR_MAVEN_DEPLOY_USERNAME }}
PUBLISH_AS_SNAPSHOT: true
LANG: "en_US.UTF-8"
LC_MESSAGES: "en_US.UTF-8"
LC_ALL: "en_US.UTF-8"
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version-file: ".nvmrc"
- name: Install morphir-elm
run: |
npm install -g morphir-elm
- uses: actions/setup-java@v4
with:
java-version: "11"
distribution: temurin
- name: Cache scala dependencies
uses: coursier/cache-action@v6
- name: Install libuv
run: sudo apt-get update && sudo apt-get install -y libuv1-dev
- name: Restore Scala 3.3 JVM Build Output From Cache
uses: actions/cache/restore@v4
with:
path: |
out/morphir/3.3.3/**/jvm/
key: ${{ runner.os }}-mill-jvm-11-3.3.3-${{ github.sha }}-${{ hashFiles('out') }}
restore-keys: ${{ runner.os }}-mill-jvm-11-3.3.3-${{ github.sha }}-
- name: Restore Scala 3.3 JS Build Output From Cache
uses: actions/cache/restore@v4
with:
path: |
out/morphir/3.3.3/**/js/
key: ${{ runner.os }}-mill-js-11-3.3.3-${{ github.sha }}-${{ hashFiles('out') }}
restore-keys: ${{ runner.os }}-mill-js-11-3.3.3-${{ github.sha }}-
- name: Setup GPG
run: .github/scripts/gpg-setup.sh
- name: Wrap GPG binary
run: .github/scripts/wrap-gpg.sh
- name: Release
run: ./mill -i ci.publishSonatype __.publishArtifacts
ci:
runs-on: ubuntu-latest
needs: [lint, test-js, test-jvm]
steps:
- name: Aggregate of lint, and all tests
run: echo "ci passed"