Fix token refresh mechanism which doesn't work correctly (#8126) #15919
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a Java project with Maven | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven | |
| name: Java CI with Maven | |
| env: | |
| PROFILES: frankframework,codecoverage,ci | |
| USE_PROPRIETARY: ${{ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.owner.login == 'frankframework') && github.actor != 'dependabot[bot]' }} | |
| BRANCH_NAME: ${{ github.head_ref || github.ref_name }} | |
| MAVEN_GOALS: verify | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - '[0-9]+.[0-9]+-release' | |
| - 'release/[0-9]+.[0-9]+' | |
| paths-ignore: | |
| - "**.md" | |
| - "**.yml" | |
| - "**.txt" | |
| - "**.png" | |
| - "**.toml" | |
| - ".github/**" | |
| - "!.github/workflows/maven-build.yml" | |
| - "docker/**" | |
| pull_request: | |
| branches: | |
| - master | |
| - '[0-9]+.[0-9]+-release' | |
| - 'release/[0-9]+.[0-9]+' | |
| paths-ignore: | |
| - "**.md" | |
| - "**.yml" | |
| - "**.txt" | |
| - "**.png" | |
| - "**.toml" | |
| - ".github/**" | |
| - "!.github/workflows/maven-build.yml" | |
| - "docker/**" | |
| jobs: | |
| build-maven-artifacts: | |
| name: Build and Test Maven Artifacts | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| java: [ '17', '21' ] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| # Number of commits to fetch. 0 indicates all history for all branches and tags. | |
| # Required for SonarCloud | |
| fetch-depth: 0 | |
| - name: Create cached directories | |
| run: | | |
| mkdir -p ~/.m2/repository | |
| mkdir -p ~/.sonar/cache | |
| mkdir -p console/frontend/src/main/frontend/node_modules | |
| - name: Restore cached directories | |
| uses: actions/cache/restore@v4 | |
| with: | |
| path: | | |
| ~/.m2/repository | |
| ~/.sonar/cache | |
| console/frontend/src/main/frontend/node_modules | |
| key: project-cache- | |
| - name: Set up JDK ${{ matrix.java }} | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: ${{ matrix.java }} | |
| - name: Set up Node.js 20.x | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20.x | |
| - name: Create Maven settings.xml file | |
| if: ${{ env.USE_PROPRIETARY == 'true' }} | |
| uses: s4u/maven-settings-action@v2.8.0 | |
| with: | |
| servers: '[{"id": "proprietary", "username": "${{ secrets.CI_USER }}", "password": "${{ secrets.CI_PASS }}"}]' | |
| - name: Update Maven profiles | |
| if: ${{ env.USE_PROPRIETARY == 'true' }} | |
| run: | | |
| echo "PROFILES=${{ env.PROFILES }},proprietary" >> $GITHUB_ENV | |
| - name: FrankDoc only on Java 17 | |
| if: ${{ matrix.java == '17' }} | |
| run: | | |
| echo "PROFILES=${{ env.PROFILES }},attachFrankDoc" >> $GITHUB_ENV | |
| # Secrets are not available when commits are made by Dependabot or from GH forks | |
| - name: Update environment to run on SonarSource when JDK 17 | |
| if: ${{ matrix.java == '17' && env.USE_PROPRIETARY == 'true' }} | |
| run: | | |
| echo "MAVEN_GOALS=${{ env.MAVEN_GOALS }} org.sonarsource.scanner.maven:sonar-maven-plugin:sonar" >> $GITHUB_ENV | |
| # Use Maven Wrapper, so we can build with an older version of Maven, see PR #4579. | |
| - name: Build with Maven | |
| env: | |
| CI_SERVICE: GITHUB | |
| TZ: Europe/Amsterdam | |
| JAVA_OPTS: "-Xms1G -XX:+UseParallelGC" | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # SonarCloud | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # SonarCloud | |
| run: ./mvnw -B -V -T1 ${{env.MAVEN_GOALS}} -P${{env.PROFILES}} -Dsonar.projectKey=ibissource_iaf | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v4 | |
| continue-on-error: true #ignore failure when unable to upload the artifacts | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| - name: Upload coverage to Codacy when Java == 17 | |
| if: ${{ matrix.java == '17' && env.USE_PROPRIETARY == 'true' }} | |
| uses: codacy/codacy-coverage-reporter-action@v1 | |
| continue-on-error: true #ignore failure when unable to upload the artifacts | |
| with: | |
| project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} | |
| - name: Store Test Results | |
| if: failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: java${{ matrix.java }}_Surefire | |
| path: ${{ github.workspace }}/*/target/surefire-reports/* | |
| - name: Store FrankDoc XSD | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: java${{ matrix.java }}_FrankDoc | |
| path: ${{ github.workspace }}/target/frankdoc/xml/xsd/*.xsd | |
| - name: Print commit sha | |
| shell: bash | |
| env: | |
| COMMIT_SHA: ${{ github.event.pull_request.head.sha }} | |
| run: | | |
| echo "sha: $COMMIT_SHA" | |
| - name: Call [Compare Frank!Doc] workflow | |
| uses: benc-uk/workflow-dispatch@v1 | |
| if: ${{ matrix.java == '8' && github.event_name == 'pull_request_disabled'}} | |
| with: | |
| workflow: Compare FrankDoc | |
| token: ${{ secrets.PAT }} | |
| inputs: '{"target": "${{ github.event.pull_request.head.sha }}"}' | |
| - name: Save cached directories | |
| uses: actions/cache/save@v4 | |
| if: | | |
| always() && | |
| (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/[0-9]+.[0-9]+-release')) | |
| with: | |
| path: | | |
| ~/.m2/repository | |
| ~/.sonar/cache | |
| console/frontend/src/main/frontend/node_modules | |
| key: project-cache-${{ github.run_id }}-${{ github.run_attempt }} |