ci: editorconfig updates #747
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: PR Build Check | |
on: | |
pull_request: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
editorconfig-checker: | |
name: Check editorconfig | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: editorconfig-checker/action-editorconfig-checker@v2 | |
- run: editorconfig-checker | |
commitlint: | |
name: Lint commits for semantic-release | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: "20" | |
- run: npx commitlint --from=${{ github.event.pull_request.base.sha }} --to=${{ github.sha }} --verbose | |
security: | |
name: Security validation | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: gradle/actions/wrapper-validation@v3 | |
cyclonedx-sbom: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
- name: Generate SBOMs | |
run: ./gradlew cyclonedxBom | |
- name: Upload SBOMs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: cyclonedx-sbom | |
path: | | |
core/build/reports/bom.json | |
isthmus/build/reports/bom.json | |
isthmus-cli/build/reports/bom.json | |
osv-scanner: | |
needs: cyclonedx-sbom | |
runs-on: ubuntu-latest | |
continue-on-error: true | |
strategy: | |
fail-fast: false | |
matrix: | |
project: | |
- core | |
- isthmus | |
- isthmus-cli | |
steps: | |
- name: Download SBOMs | |
uses: actions/download-artifact@v4 | |
with: | |
name: cyclonedx-sbom | |
- name: Scan | |
run: docker run --rm -v "${PWD}/${{ matrix.project }}/build/reports/bom.json:/bom.json" ghcr.io/google/osv-scanner --sbom /bom.json | |
java: | |
name: Build and Test Java | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Build with Gradle | |
run: gradle build --rerun-tasks | |
isthmus-native-image-mac-linux: | |
name: Build Isthmus Native Image | |
needs: java | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: [ubuntu-latest, macOS-latest] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- uses: graalvm/setup-graalvm@v1 | |
with: | |
java-version: '17' | |
distribution: 'graalvm' | |
# helps avoid rate-limiting issues | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Report Java Version | |
run: java -version | |
- name: Install GraalVM native image | |
run: gu install native-image | |
- name: Build with Gradle | |
run: gradle nativeImage | |
- name: Smoke Test | |
run: | | |
./isthmus-cli/src/test/script/smoke.sh | |
./isthmus-cli/src/test/script/tpch_smoke.sh | |
- name: Rename the artifact to OS-unique name | |
shell: bash | |
run: | | |
value=`mv isthmus-cli/build/graal/isthmus isthmus-cli/build/graal/isthmus-${{ matrix.os }}` | |
- name: Publish artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: isthmus-${{ matrix.os }} | |
path: isthmus-cli/build/graal/isthmus-${{ matrix.os }} | |
dry-run-release: | |
name: Dry-run release | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: "20" | |
- name: Check current status before next release | |
run: ./ci/release/dry_run.sh |