Skip to content

build: simplify GitHub Pages deployment #406

build: simplify GitHub Pages deployment

build: simplify GitHub Pages deployment #406

Workflow file for this run

# SPDX-FileCopyrightText: 2021-2024 The Refinery Authors
#
# SPDX-License-Identifier: EPL-2.0
name: Build
on:
push:
branches:
- '**'
- '!gh-pages'
pull_request:
types: [opened, synchronize, reopened]
jobs:
build:
name: Build
permissions:
contents: read
strategy:
matrix:
os:
- ubuntu-24.04
- ubuntu-22.04
- ubuntu-20.04
- windows-2022
- macos-13 # Intel
- macos-14 # ARM
runs-on: ${{ matrix.os }}
steps:
- name: Check for Sonar secret
id: check-secret
if: ${{ matrix.os == 'ubuntu-20.04' }}
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
if [ "${SONAR_TOKEN}" != '' ]; then
echo 'is_SONAR_TOKEN_set=true' >> $GITHUB_OUTPUT
fi
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
java-version: 21
distribution: corretto
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: ${{ !steps.check-secret.outputs.is_SONAR_TOKEN_set && 1 || 0 }} # Shallow clones should be disabled for a better relevancy of SonarCloud analysis
- name: Cache Gradle packages
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
key: ${{ matrix.os }}-gradle-${{ hashFiles('**/*.gradle.kts', 'gradle.properties', 'gradle/libs.versions.toml', 'gradle/pluginLibs.versions.toml', 'gradle/wrapper/gradle-wrapper.properties') }}
- name: Cache Sonar packages
uses: actions/cache@v4
if: ${{ steps.check-secret.outputs.is_SONAR_TOKEN_set }}
with:
path: |
~/.sonar/cache
key: ${{ matrix.os }}-sonar-${{ hashFiles('gradle/pluginLibs.versions.toml') }}
- name: Cache node distribution
uses: actions/cache@v4
with:
path: |
.node
key: ${{ matrix.os }}-node-${{ hashFiles('gradle.properties') }}
- name: Cache yarn packages
uses: actions/cache@v4
with:
path: |
.yarn/cache
key: ${{ matrix.os }}-yarn-${{ hashFiles('yarn.lock') }}
- name: Gradle build
run: |
./gradlew build -Pci --info --stacktrace --max-workers 4 --no-daemon
- name: Sonar analyze
if: ${{ steps.check-secret.outputs.is_SONAR_TOKEN_set }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed by Sonar to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
./gradlew sonar -Pci --info --stacktrace --max-workers 4 --no-daemon
- name: Upload application artifacts
if: ${{ matrix.os == 'ubuntu-20.04' }}
uses: actions/upload-artifact@v4
with:
name: distributions
path: subprojects/**/build/distributions/*.tar
compression-level: 0
retention-days: 5 # No need to preserve for long, since they are uploaded to GHCR
- name: Build signed Maven repository
if: ${{ matrix.os == 'ubuntu-20.04' && github.event_name == 'push' && github.repository_owner == 'graphs4value' }}
env:
PGP_KEY: ${{ secrets.PGP_KEY }}
PGP_KEY_ID: ${{ secrets.PGP_KEY_ID }}
PGP_PASSWORD: ${{ secrets.PGP_PASSWORD }}
run: |
./gradlew mavenRepository -Pci -PforceSign --info --stacktrace --max-workers 4 --no-daemon
- name: Build unsigned Maven repository
if: ${{ matrix.os == 'ubuntu-20.04' && (github.event_name != 'push' || github.repository_owner != 'graphs4value') }}
run: |
./gradlew mavenRepository -Pci --info --stacktrace --max-workers 4 --no-daemon
- name: Merge Maven repository with site
if: ${{ matrix.os == 'ubuntu-20.04' }}
run: |
mv build/repo subprojects/docs/build/docusaurus/maven
- name: Upload GithHub Pages artifact
if: ${{ matrix.os == 'ubuntu-20.04' }}
uses: actions/upload-pages-artifact@v3
with:
path: subprojects/docs/build/docusaurus/
retention-days: 90
reuse-check:
name: REUSE Compliance Check
permissions:
contents: read
runs-on: ubuntu-20.04
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: REUSE Compliance Check
uses: fsfe/reuse-action@3ae3c6bdf1257ab19397fab11fd3312144692083
with:
args: --include-meson-subprojects lint
publish-site:
name: Publish to GitHub Pages
if: ${{ github.event_name == 'push' && github.ref_name == 'main' && github.repository == 'graphs4value/refinery' }}
needs: build
permissions:
pages: write
id-token: write
runs-on: ubuntu-20.04
environment:
name: github-pages
url: ${{steps.deployment.outputs.page_url}}
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
docker-build:
name: Build Docker images
needs: build
permissions:
packages: write
contents: read
runs-on: ubuntu-20.04
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
with:
platforms: arm64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb
with:
platforms: linux/amd64,linux/arm64
- name: Checkout code
uses: actions/checkout@v4
- name: Download application artifacts
uses: actions/download-artifact@v4
with:
name: distributions
path: subprojects
- name: Extract application artifacts
working-directory: ./docker
run: |
./prepare_context.sh
- name: Bake images
working-directory: ./docker
run: |
./bake.sh false --set '*.cache-from=gha' --set '*.cache-to=type=gha,mode=max'
- name: Log in to GitHub Container registry
if: ${{ github.event_name == 'push' && github.ref_name == 'main' && github.repository == 'graphs4value/refinery' }}
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Upload images to GitHub Container registry
if: ${{ github.event_name == 'push' && github.ref_name == 'main' && github.repository == 'graphs4value/refinery' }}
working-directory: ./docker
run: |
./bake.sh true --set '*.cache-from=gha' --set '*.cache-to=type=gha,mode=max'
- name: Delete application artifacts
uses: geekyeggo/delete-artifact@24928e75e6e6590170563b8ddae9fac674508aa1
with:
name: distributions