chore: remove generic parameter #2
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | ||
| on: | ||
| workflow_call: | ||
| workflow_dispatch: | ||
| jobs: | ||
| check-secrets: | ||
| runs-on: ubuntu-24.04 | ||
| outputs: | ||
| run-with-secrets: ${{ steps.require-secrets.outputs.run-with-secrets }} | ||
| steps: | ||
| - name: Find if secrets are available | ||
| id: detect-secrets | ||
| uses: DanySK/[email protected] | ||
| with: | ||
| secrets: ${{ toJson(secrets) }} | ||
| - name: Set condition | ||
| id: require-secrets | ||
| run: | | ||
| echo "run-with-secrets=${{ steps.detect-secrets.outputs.has-secrets == 'true' && !github.event.repository.fork }}" >> $GITHUB_OUTPUT | ||
| precompute-next-version: | ||
| runs-on: ubuntu-24.04 | ||
| outputs: | ||
| next-version: ${{ steps.compute-next-version.outputs.next-version }} | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/[email protected] | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Compute next release version | ||
| id: compute-next-version | ||
| uses: nicolasfara/[email protected] | ||
| with: | ||
| github-token: ${{ github.token }} | ||
| build: | ||
| needs: | ||
| - check-secrets | ||
| - precompute-next-version | ||
| if: always() && !contains(needs.precompute-next-version.result, 'failure') | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| os: [ windows-2022, macos-14, ubuntu-24.04 ] | ||
| runs-on: ${{ matrix.os }} | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/[email protected] | ||
| with: | ||
| fetch-depth: 0 | ||
| - uses: DanySK/[email protected] | ||
| id: staging-repo | ||
| with: | ||
| check-command: | | ||
| ./gradlew check koverXmlReport :compiler-plugin:check :gradle-plugin:check --parallel | ||
| should-deploy: ${{ runner.os == 'macOS' && needs.check-secrets.outputs.run-with-secrets == 'true' }} # Deploy from macOS since it supports all the platforms | ||
| deploy-command: | | ||
| ./gradlew createStagingRepositoryOnMavenCentral --parallel | ||
| NEXT_VERSION="${{ needs.precompute-next-version.outputs.next-version }}" | ||
| OVERRIDE_VERSION=$([[ "$NEXT_VERSION" != "" ]] && echo "-PforceVersion=$(echo $NEXT_VERSION)" || echo "") | ||
| REPO_IDS=$(cat build/staging-repo-ids.properties) | ||
| MAVEN_CENTRAL_ID=${REPO_IDS#MavenCentral=} | ||
| ./gradlew $OVERRIDE_VERSION -PstagingRepositoryId=$MAVEN_CENTRAL_ID uploadAll :compiler-plugin:uploadKotlinOSSRHToMavenCentralNexus :gradle-plugin:uploadKotlinOSSRHToMavenCentralNexus close --parallel | ||
| should-run-codecov: ${{ runner.os == 'Linux' }} | ||
| codecov-directory: build/reports/kover | ||
| codecov-token: ${{ secrets.CODECOV_TOKEN }} | ||
| maven-central-username: ${{ secrets.MAVEN_CENTRAL_USERNAME }} | ||
| maven-central-password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | ||
| signing-key: ${{ secrets.GPG_PRIVATEKEY }} | ||
| signing-password: ${{ secrets.GPG_PASSPHRASE }} | ||
| - uses: github/codeql-action/upload-sarif@v3 | ||
| if: ${{ always() && runner.os == 'Linux' }} | ||
| with: | ||
| sarif_file: build/reports | ||
| - name: Upload Staging Repo IDs | ||
| uses: actions/upload-artifact@v4 | ||
| if: ${{ runner.os == 'macOS' && needs.check-secrets.outputs.run-with-secrets == 'true' }} | ||
| with: | ||
| name: staging-repo-ids | ||
| path: build/staging-repo-ids.properties | ||
| set-staging-repo-id: | ||
| runs-on: ubuntu-24.04 | ||
| needs: | ||
| - build | ||
| - check-secrets | ||
| outputs: | ||
| staging-repo-id: ${{ steps.set-staging-repo-id.outputs.MavenCentral }} | ||
| if: ${{ needs.check-secrets.outputs.run-with-secrets == 'true' }} | ||
| steps: | ||
| - name: Restore staging repository ID | ||
| uses: actions/download-artifact@v4 | ||
| name: staging-repo-ids | ||
| path: build/ | ||
| - name: Set staging repository ID | ||
| id: set-staging-repo-id | ||
| run: | | ||
| REPO_IDS=$(cat build/staging-repo-ids.properties) | ||
| echo "$REPO_IDS" >> $GITHUB_OUTPUT | ||
| build-website: | ||
| runs-on: ubuntu-24.04 | ||
| steps: | ||
| - name: Checkout the repo | ||
| uses: actions/[email protected] | ||
| with: | ||
| submodules: true | ||
| fetch-depth: 0 | ||
| - name: Install Node | ||
| uses: actions/[email protected] | ||
| with: | ||
| node-version-file: site/package.json | ||
| - name: Build documentation website | ||
| working-directory: site | ||
| run: | | ||
| npm install | ||
| npm run build | ||
| - name: Tar files | ||
| run: tar -cvf website.tar site/build | ||
| - name: Upload website | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: website-${{ github.sha }} | ||
| path: website.tar | ||
| release: | ||
| needs: | ||
| - check-secrets | ||
| - set-staging-repo-id | ||
| - build-website | ||
| - build | ||
| runs-on: ubuntu-24.04 | ||
| # Prevent the release job if the run is on a PR or a fork | ||
| if: ${{ needs.check-secrets.outputs.run-with-secrets == 'true' }} | ||
| steps: | ||
| - name: Checkout the repo | ||
| uses: actions/[email protected] | ||
| with: | ||
| fetch-depth: 0 | ||
| token: ${{ secrets.DEPLOYMENT_TOKEN }} | ||
| - name: Checkout the docs | ||
| if: contains(github.repository, 'Collektive/collektive') | ||
| uses: actions/[email protected] | ||
| with: | ||
| path: deployed-website | ||
| fetch-depth: 0 | ||
| persist-credentials: true | ||
| repository: Collektive/collektive.github.io | ||
| token: ${{ secrets.DEPLOYMENT_TOKEN }} | ||
| - name: Download website artifact | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: website-${{ github.sha }} | ||
| - name: Unpack website | ||
| run: | | ||
| tar -xvf website.tar | ||
| mv deployed-website/.git site/build | ||
| git -C site/build status | ||
| - name: Install Node | ||
| uses: actions/[email protected] | ||
| with: | ||
| node-version-file: package.json | ||
| - uses: DanySK/[email protected] | ||
| env: | ||
| STAGING_REPO_ID: ${{ needs.set-staging-repo-id.outputs.staging-repo-id }} | ||
| ORG_GRADLE_PROJECT_releaseStage: true | ||
| with: | ||
| retries-on-failure: 1 # Fail fast during release | ||
| build-command: true | ||
| check-command: true | ||
| deploy-command: | | ||
| npm install | ||
| npx semantic-release | ||
| should-run-codecov: false | ||
| should-deploy: true | ||
| github-token: ${{ github.token }} | ||
| maven-central-username: ${{ secrets.MAVEN_CENTRAL_USERNAME }} | ||
| maven-central-password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | ||
| gradle-publish-secret: ${{ secrets.GRADLE_PUBLISH_SECRET }} | ||
| gradle-publish-key: ${{ secrets.GRADLE_PUBLISH_KEY }} | ||
| signing-key: ${{ secrets.GPG_PRIVATEKEY }} | ||
| signing-password: ${{ secrets.GPG_PASSPHRASE }} | ||
| drop-staging-repo: | ||
| runs-on: ubuntu-24.04 | ||
| needs: | ||
| - set-staging-repo-id | ||
| - release | ||
| steps: | ||
| - name: Drop staging repositories | ||
| if: ${{ always() }} | ||
| env: | ||
| MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }} | ||
| MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | ||
| run: > | ||
| curl | ||
| --request POST | ||
| --url "https://s01.oss.sonatype.org/service/local/staging/bulk/drop" | ||
| --header "Accept: application/json" | ||
| --header "Content-Type: application/json" | ||
| --data '{"data":{"stagedRepositoryIds":["${{ needs.set-staging-repo-id.outputs.staging-repo-id }}"]}}' | ||
| --user "$MAVEN_CENTRAL_USERNAME:$MAVEN_CENTRAL_PASSWORD" | ||
| --verbose | ||
| success: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - check-secrets | ||
| - release | ||
| - build | ||
| - build-website | ||
| if: >- | ||
| ${{ | ||
| always() && ( | ||
| contains(join(needs.*.result, ','), 'failure') | ||
| || !contains(join(needs.*.result, ','), 'cancelled') | ||
| ) | ||
| }} | ||
| steps: | ||
| - name: Verify that there were no failures | ||
| run: ${{ !contains(join(needs.*.result, ','), 'failure') }} | ||
