Update dependency com.gradle:develocity-maven-extension to v2.4.1 (#1β¦ #4568
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Java CI | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - '[1-9]+.[0-9]+.x' | |
| - central-portal | |
| pull_request: | |
| branches: | |
| - master | |
| - '[1-9]+.[0-9]+.x' | |
| - central-portal | |
| merge_group: | |
| types: [checks_requested] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # Keep the default workflow token read-only; individual jobs opt into writes when needed. | |
| permissions: | |
| contents: read | |
| jobs: | |
| workflow-hardening: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| - name: "π‘ Verify workflow pinning" | |
| run: bash .github/scripts/check-workflow-pinning.sh | |
| - name: "π‘ Verify Maven wrapper checksum" | |
| run: bash .github/scripts/verify-maven-wrapper-checksum.sh | |
| linux-docker-native-preflight: | |
| if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
| needs: | |
| - workflow-hardening | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| checks: write | |
| env: | |
| DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} | |
| DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} | |
| DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} | |
| GRAALVM_QUICK_BUILD: true | |
| NATIVE_IMAGE_OPTIONS: "-H:+ReportExceptionStackTraces" | |
| steps: | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: "π Determine preflight scope" | |
| id: preflight_scope | |
| shell: bash | |
| run: | | |
| if [ "${GITHUB_EVENT_NAME}" = "merge_group" ]; then | |
| echo "should_run=true" >> "$GITHUB_OUTPUT" | |
| echo "reason=merge_group" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| base_sha="${{ github.event.pull_request.base.sha }}" | |
| head_sha="${{ github.event.pull_request.head.sha }}" | |
| should_run=false | |
| reason=non_sensitive_paths | |
| while IFS= read -r file; do | |
| case "$file" in | |
| .github/workflows/*|.github/scripts/*|.mvn/*|mvnw|mvnw.cmd|pom.xml|micronaut-maven-core/*|micronaut-maven-jib-integration/*|micronaut-maven-plugin/*|micronaut-maven-integration-tests/pom.xml|micronaut-maven-integration-tests/src/it/issue582/*|micronaut-maven-integration-tests/src/it/dockerfile-docker-native-*/*) | |
| should_run=true | |
| reason="$file" | |
| break | |
| ;; | |
| esac | |
| done < <(git diff --name-only "$base_sha" "$head_sha") | |
| echo "should_run=$should_run" >> "$GITHUB_OUTPUT" | |
| echo "reason=$reason" >> "$GITHUB_OUTPUT" | |
| - name: "βΉοΈ Skip preflight for unrelated changes" | |
| if: steps.preflight_scope.outputs.should_run != 'true' | |
| run: | | |
| echo "Skipping Linux docker-native preflight." | |
| echo "Reason: ${{ steps.preflight_scope.outputs.reason }}" | |
| - name: "π Remove system JDKs" | |
| if: steps.preflight_scope.outputs.should_run == 'true' | |
| run: | | |
| sudo rm -rf /usr/lib/jvm/* | |
| unset JAVA_HOME | |
| filtered_path=$(echo "$PATH" | tr ':' '\n' | grep -v '/usr/lib/jvm' | paste -sd:) | |
| export PATH="$filtered_path" | |
| - name: "π Free disk space" | |
| if: steps.preflight_scope.outputs.should_run == 'true' | |
| run: | | |
| sudo rm -rf "/usr/local/share/boost" | |
| sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
| sudo apt-get clean | |
| df -h | |
| - name: "βοΈ Install Java and Maven" | |
| if: steps.preflight_scope.outputs.should_run == 'true' | |
| uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '25' | |
| cache: 'maven' | |
| - name: "π§ Setup GraalVM CE" | |
| if: steps.preflight_scope.outputs.should_run == 'true' | |
| uses: graalvm/setup-graalvm@bef4b0e916c7dd079bf60fb95d49139f67e32c5f | |
| with: | |
| distribution: 'graalvm' | |
| java-version: '25' | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| native-image-job-reports: true | |
| - name: "π³ Run Linux docker-native preflight" | |
| if: steps.preflight_scope.outputs.should_run == 'true' | |
| run: | | |
| ./mvnw -q install -Dinvoker.skip=true | |
| ./mvnw -pl micronaut-maven-integration-tests -am verify "-Dinvoker.test=issue582,dockerfile-docker-native-netty-custom-base" | |
| - name: "π Publish Preflight Test Report" | |
| if: always() && steps.preflight_scope.outputs.should_run == 'true' | |
| uses: mikepenz/action-junit-report@3a81627bfac62268172037048872e8ebd4207e6d # v6 | |
| with: | |
| check_name: Linux Docker Native Preflight / Test Report | |
| report_paths: '**/target/invoker-reports/TEST-*.xml' | |
| check_retries: 'true' | |
| snapshot: | |
| name: "snapshot" | |
| needs: | |
| - workflow-hardening | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| checks: write | |
| strategy: | |
| matrix: | |
| java: ['25'] | |
| env: | |
| DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} | |
| DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} | |
| DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} | |
| OCI_CLI_USER: ${{ secrets.OCI_CLI_USER }} | |
| OCI_CLI_TENANCY: ${{ secrets.OCI_CLI_TENANCY }} | |
| OCI_CLI_FINGERPRINT: ${{ secrets.OCI_CLI_FINGERPRINT }} | |
| OCI_CLI_KEY_CONTENT: ${{ secrets.OCI_CLI_KEY_CONTENT }} | |
| OCI_CLI_REGION: ${{ secrets.OCI_CLI_REGION }} | |
| GRAALVM_QUICK_BUILD: true | |
| NATIVE_IMAGE_OPTIONS: "-H:+ReportExceptionStackTraces" | |
| steps: | |
| - name: "π Remove system JDKs" | |
| run: | | |
| sudo rm -rf /usr/lib/jvm/* | |
| unset JAVA_HOME | |
| filtered_path=$(echo "$PATH" | tr ':' '\n' | grep -v '/usr/lib/jvm' | paste -sd:) | |
| export PATH="$filtered_path" | |
| - name: "π Free disk space" | |
| run: | | |
| sudo rm -rf "/usr/local/share/boost" | |
| sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
| sudo apt-get clean | |
| df -h | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: "π Import GPG key" | |
| env: | |
| GPG_FILE: ${{ secrets.GPG_FILE }} | |
| run: | | |
| mkdir -p ~/.gnupg | |
| chmod 700 ~/.gnupg | |
| echo "$GPG_FILE" | base64 -d | gpg --batch --import | |
| gpg --list-secret-keys --keyid-format LONG | |
| - name: "βοΈ Install Java and Maven and set up Apache Maven Central" | |
| uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 | |
| with: | |
| distribution: 'temurin' | |
| java-version: ${{ matrix.java }} | |
| cache: 'maven' | |
| server-id: central | |
| server-username: SONATYPE_USERNAME | |
| server-password: SONATYPE_PASSWORD | |
| - name: "π§ Setup GraalVM CE" | |
| uses: graalvm/setup-graalvm@bef4b0e916c7dd079bf60fb95d49139f67e32c5f | |
| with: | |
| distribution: 'graalvm' | |
| java-version: ${{ matrix.java }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| native-image-job-reports: true | |
| - name: "β¬ Eagerly pull Docker images" | |
| run: | | |
| docker pull postgres:18.3@sha256:a9abf4275f9e99bff8e6aed712b3b7dfec9cac1341bba01c1ffdfce9ff9fc34a | |
| - name: "π§ͺ Run tests" | |
| run: | | |
| if [ "${GITHUB_EVENT_NAME}" = "pull_request" ] || [ "${GITHUB_EVENT_NAME}" = "merge_group" ]; then | |
| ./mvnw -q install -Dinvoker.skip=true | |
| else | |
| ./mvnw -q install -Dinvoker.skip=true && ./mvnw verify | |
| fi | |
| - name: "π Verify release signing setup" | |
| if: matrix.java == '25' | |
| run: | | |
| ./mvnw --batch-mode -Prelease verify -DskipTests -Dinvoker.skip=true -DskipITs | |
| env: | |
| MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSWORD }} | |
| - name: "π Publish Test Report" | |
| if: always() | |
| uses: mikepenz/action-junit-report@3a81627bfac62268172037048872e8ebd4207e6d # v6 | |
| with: | |
| check_name: Java CI / Test Report | |
| report_paths: '**/target/*-reports/TEST-*.xml' | |
| check_retries: 'true' | |
| - name: "π Run static analysis" | |
| if: env.SONAR_TOKEN != '' && matrix.java == '25' | |
| run: ./mvnw sonar:sonar | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: "β Determine current version" | |
| if: success() && github.event_name == 'push' && matrix.java == '25' | |
| id: release_version | |
| run: | | |
| release_version=$(./mvnw help:evaluate -Dexpression=project.version -q -DforceStdout) | |
| echo "release_version=$release_version" >> "$GITHUB_OUTPUT" | |
| - name: "π Generate site" | |
| if: success() && github.event_name == 'push' && matrix.java == '25' | |
| run: | | |
| ./mvnw site:site | |
| cp -R target/site/apidocs/* micronaut-maven-plugin/target/site/apidocs | |
| - name: "π€ Upload snapshot site" | |
| if: success() && github.event_name == 'push' && matrix.java == '25' | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7 | |
| with: | |
| name: snapshot-site | |
| path: micronaut-maven-plugin/target/site | |
| if-no-files-found: error | |
| - name: "π¦ Deploy snapshot" | |
| if: success() && github.event_name == 'push' && endsWith(steps.release_version.outputs.release_version, 'SNAPSHOT') && matrix.java == '25' | |
| run: | | |
| ./mvnw deploy -Dinvoker.skip | |
| env: | |
| SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
| MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSWORD }} | |
| generate-invoker-test-matrix: | |
| if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
| needs: | |
| - workflow-hardening | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| outputs: | |
| shards: ${{ steps.shards.outputs.shards }} | |
| steps: | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| - name: "𧩠Generate invoker test shards" | |
| id: shards | |
| run: python3 .github/scripts/shard-invoker-tests.py --github-output "$GITHUB_OUTPUT" | |
| invoker-tests: | |
| if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
| needs: | |
| - workflow-hardening | |
| - generate-invoker-test-matrix | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| checks: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| java: ['25'] | |
| shard: ${{ fromJSON(needs.generate-invoker-test-matrix.outputs.shards) }} | |
| env: | |
| DEVELOCITY_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_ACCESS_KEY }} | |
| DEVELOCITY_CACHE_USERNAME: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USERNAME }} | |
| DEVELOCITY_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }} | |
| GRAALVM_QUICK_BUILD: true | |
| NATIVE_IMAGE_OPTIONS: "-H:+ReportExceptionStackTraces" | |
| steps: | |
| - name: "π Remove system JDKs" | |
| run: | | |
| sudo rm -rf /usr/lib/jvm/* | |
| unset JAVA_HOME | |
| filtered_path=$(echo "$PATH" | tr ':' '\n' | grep -v '/usr/lib/jvm' | paste -sd:) | |
| export PATH="$filtered_path" | |
| - name: "π Free disk space" | |
| run: | | |
| sudo rm -rf "/usr/local/share/boost" | |
| sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
| sudo apt-get clean | |
| df -h | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: "βοΈ Install Java and Maven" | |
| uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5 | |
| with: | |
| distribution: 'temurin' | |
| java-version: ${{ matrix.java }} | |
| cache: 'maven' | |
| - name: "π§ Setup GraalVM CE" | |
| uses: graalvm/setup-graalvm@bef4b0e916c7dd079bf60fb95d49139f67e32c5f | |
| with: | |
| distribution: 'graalvm' | |
| java-version: ${{ matrix.java }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| native-image-job-reports: true | |
| - name: "β¬ Eagerly pull Docker images" | |
| run: | | |
| docker pull postgres:18.3@sha256:a9abf4275f9e99bff8e6aed712b3b7dfec9cac1341bba01c1ffdfce9ff9fc34a | |
| - name: "π§ͺ Run invoker tests" | |
| run: | | |
| ./mvnw -q install -Dinvoker.skip=true | |
| ./mvnw -pl micronaut-maven-integration-tests verify -Dinvoker.test=${{ matrix.shard.tests }} | |
| env: | |
| TESTCONTAINERS_RYUK_DISABLED: true | |
| - name: "π Publish Invoker Test Report" | |
| if: always() | |
| uses: mikepenz/action-junit-report@3a81627bfac62268172037048872e8ebd4207e6d # v6 | |
| with: | |
| check_name: Java CI / Invoker Test Report (${{ matrix.shard.name }}) | |
| report_paths: '**/target/invoker-reports/TEST-*.xml' | |
| check_retries: 'true' | |
| publish_snapshot_docs: | |
| if: github.event_name == 'push' | |
| needs: snapshot | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: snapshot-pages-${{ github.repository }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| steps: | |
| - name: "π₯ Checkout repository" | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 | |
| with: | |
| fetch-depth: 1 | |
| - name: "π Check branch freshness" | |
| id: branch_freshness | |
| run: | | |
| remote_sha=$(git ls-remote origin "refs/heads/${GITHUB_REF_NAME}" | cut -f1) | |
| if [ -z "$remote_sha" ]; then | |
| echo "fresh=false" >> "$GITHUB_OUTPUT" | |
| echo "reason=missing_remote_ref" >> "$GITHUB_OUTPUT" | |
| echo "Unable to resolve refs/heads/${GITHUB_REF_NAME}; skipping Pages publish." | |
| exit 0 | |
| fi | |
| echo "remote_sha=$remote_sha" >> "$GITHUB_OUTPUT" | |
| if [ "$remote_sha" != "$GITHUB_SHA" ]; then | |
| echo "fresh=false" >> "$GITHUB_OUTPUT" | |
| echo "reason=stale_head" >> "$GITHUB_OUTPUT" | |
| echo "Superseded by newer branch head ${remote_sha}; skipping Pages publish for ${GITHUB_SHA}." | |
| exit 0 | |
| fi | |
| echo "fresh=true" >> "$GITHUB_OUTPUT" | |
| echo "reason=current_head" >> "$GITHUB_OUTPUT" | |
| - name: "π₯ Download snapshot site" | |
| if: steps.branch_freshness.outputs.fresh == 'true' | |
| uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8 | |
| with: | |
| name: snapshot-site | |
| path: micronaut-maven-plugin/target/site | |
| - name: "π Publish to Github Pages" | |
| if: steps.branch_freshness.outputs.fresh == 'true' | |
| uses: micronaut-projects/github-pages-deploy-action@76d63aafbab7108d74e83be4e5b3b0501382e829 | |
| env: | |
| GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
| BRANCH: gh-pages | |
| FOLDER: micronaut-maven-plugin/target/site |