From 7da46872321850f9eb283acbd7543a039a711b44 Mon Sep 17 00:00:00 2001 From: Michael Kora <80787590+MichaelKora@users.noreply.github.com> Date: Wed, 11 Oct 2023 11:46:23 +0200 Subject: [PATCH] Create separate action to assess code quality (#145) --- .github/workflows/README.md | 85 +++++++++++++-- .github/workflows/java-gradle-base.yaml | 101 ++++++++++++++++++ .github/workflows/java-gradle-docker.yaml | 52 +++------ .github/workflows/java-gradle-library.yaml | 49 +++------ .github/workflows/java-gradle-plugin.yaml | 54 ++++------ .github/workflows/java-gradle-release.yaml | 1 - .../java-gradle-assess-code-quality/README.md | 40 +++++++ .../action.yaml | 82 ++++++++++++++ actions/java-gradle-test/README.md | 29 ++--- actions/java-gradle-test/action.yaml | 57 ++-------- 10 files changed, 368 insertions(+), 182 deletions(-) create mode 100644 .github/workflows/java-gradle-base.yaml create mode 100644 actions/java-gradle-assess-code-quality/README.md create mode 100644 actions/java-gradle-assess-code-quality/action.yaml diff --git a/.github/workflows/README.md b/.github/workflows/README.md index 952679b35..dbcbb767c 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -11,6 +11,7 @@ The following workflows can be found here: - [Python Poetry Release](#python-poetry-release) - [Python Poetry Publish PyPI](#python-poetry-publish-pypi) - [Python Poetry Publish Snapshot](#python-poetry-publish-snapshot) +- [Java Gradle Base](#java-gradle-base) - [Java Gradle Docker](#java-gradle-docker) - [Java Gradle Library](#java-gradle-library) - [Java Gradle Plugin](#java-gradle-plugin) @@ -698,10 +699,9 @@ jobs: pypi-token: ${{ secrets.TEST_PYPI_TOKEN }} ``` -## Java Gradle Docker +## Java Gradle Base -This workflow will build, test and publish a Java Gradle project including a tarball image. Additionally, -the workflow creates a GitHub Release when running on a tag branch. +This workflow will build, test and publish a Java Gradle project. ### Prerequisites @@ -714,6 +714,75 @@ This workflow is built from multiple composite actions listed below: - [java-gradle-build](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-build) - [java-gradle-test](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-test) +- [java-gradle-assess-code-quality](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-assess-code-quality) + +### Input Parameters + +| Name | Required | Default Value | Type | Description | +| ------------------ | :------: | :-----------: | :-----: | ------------------------------------------------------------------------------------------------------------- | +| java-distribution | ❌ | microsoft | string | [Java distribution](https://github.com/actions/setup-java#supported-distributions) to be installed | +| java-version | ❌ | 11 | string | Java version to be installed | +| gradle-version | ❌ | wrapper | string | [Gradle version](https://github.com/gradle/gradle-build-action#use-a-specific-gradle-version) to be installed | +| gradle-cache | ❌ | true | boolean | Whether Gradle caching is enabled or not | +| working-directory | ❌ | . | string | Working directory of your Gradle artifacts | +| download-lfs-files | ❌ | "false" | string | Whether the Git checkout action should resolve LFS files or not | + +### Secret Parameters + +For Sonarcloud you need to provide a `sonar-token` and a `sonar-organization` to publish code quality results. In case of Sonatype, the action +requires you to have a `signing-secret-key-ring` (base64 encoded), a `signing-key-id` and a `signing-password` to sign +your build artifacts. + +| Name | Required | Description | +| ----------------------- | :------: | -------------------------------------------------------------- | +| signing-key-id | ✅ | Key id for signing the Sonatype publication | +| signing-password | ✅ | Password for signing the Sonatype publication | +| signing-secret-key-ring | ✅ | Key ring (base64 encoded) for signing the Sonatype publication | +| sonar-organization | ✅ | Organization for Sonarcloud | +| sonar-token | ✅ | Token for Sonarcloud | + +### Calling the workflow + +```yaml +name: Call this reusable workflow + +on: + push: + branches: [main] + +jobs: + call-workflow-passing-data: + name: Java Gradle Docker + uses: bakdata/ci-templates/.github/workflows/java-gradle-base.yaml@main + with: + java-distribution: "microsoft" # (Optional) Default is microsoft + java-version: "11" # (Optional) Default is 11 + gradle-version: "wrapper" # (Optional) Default is wrapper + gradle-cache: false # (Optional) Default is true + working-directory: "." # (Optional) Default is . + secrets: + sonar-token: ${{ secrets.SONARCLOUD_TOKEN }} + sonar-organization: ${{ secrets.SONARCLOUD_ORGANIZATION }} + signing-secret-key-ring: ${{ secrets.SIGNING_SECRET_KEY_RING }} + signing-key-id: ${{ secrets.SIGNING_KEY_ID }} + signing-password: ${{ secrets.SIGNING_PASSWORD }} +``` + +## Java Gradle Docker + +This workflow will build, test and publish a Java Gradle project including a tarball image. Additionally, +the workflow creates a GitHub Release when running on a tag branch. + +### Prerequisites + +Your Java project needs to be set up with Gradle and either needs to contain a `build.gradle` or a `build.gradle.kts` +file that uses the [Sonar](https://github.com/bakdata/gradle-plugins/tree/master/sonar), [Sonatype](https://github.com/bakdata/gradle-plugins/tree/master/sonatype) and [Jib](https://github.com/GoogleContainerTools/jib/tree/master/jib-gradle-plugin) plugins. Moreover, prepare credentials for Sonarcloud, Sonatype, GitHub and Docker. + +### Dependencies + +This workflow is built from multiple composite actions and workflows listed below: + +- [java-gradle-base](https://github.com/bakdata/ci-templates/tree/main/.github/workflows/java-gradle-base.yaml) - [java-gradle-build-jib](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-build-jib) - [java-gradle-publish](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-publish) - [docker-publish](https://github.com/bakdata/ci-templates/tree/main/actions/docker-publish) @@ -799,10 +868,9 @@ file that uses the [Sonar](https://github.com/bakdata/gradle-plugins/tree/master ### Dependencies -This workflow is built from multiple composite actions listed below: +This workflow is built from multiple composite actions and workflows listed below: -- [java-gradle-build](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-build) -- [java-gradle-test](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-test) +- [java-gradle-base](https://github.com/bakdata/ci-templates/tree/main/.github/workflows/java-gradle-base.yaml) - [java-gradle-publish](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-publish) - [java-gradle-release-github](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-release-github) @@ -880,10 +948,9 @@ and Gradle Plugin Portal. ### Dependencies -This workflow is built from multiple composite actions listed below: +This workflow is built from multiple composite actions and workflows listed below: -- [java-gradle-build](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-build) -- [java-gradle-test](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-test) +- [java-gradle-base](https://github.com/bakdata/ci-templates/tree/main/.github/workflows/java-gradle-base.yaml) - [java-gradle-publish](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-publish) - [java-gradle-publish-plugin](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-publish-plugin) - [java-gradle-release-github](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-release-github) diff --git a/.github/workflows/java-gradle-base.yaml b/.github/workflows/java-gradle-base.yaml new file mode 100644 index 000000000..98eae76ad --- /dev/null +++ b/.github/workflows/java-gradle-base.yaml @@ -0,0 +1,101 @@ +name: Java Gradle Base +# Reusable workflow for building testing and assessing code quality + +on: + workflow_call: + inputs: + download-lfs-files: + description: "Whether the Git checkout action should resolve LFS files or not. (Default is false)" + required: false + type: boolean + default: false + gradle-cache: + description: "Whether Gradle caching is enabled or not. (Default is true)" + required: false + type: boolean + default: true + gradle-version: + description: "Gradle version to be installed. (Default is wrapper)" + required: false + type: string + default: "wrapper" + java-distribution: + description: "Java distribution to be installed. (Default is microsoft)" + required: false + type: string + default: "microsoft" + java-version: + description: "Java version to be installed. (Default is 11)" + required: false + type: string + default: "11" + working-directory: + description: "Working directory of your Gradle artifacts. (Default is .)" + required: false + type: string + default: "." + secrets: + signing-key-id: + description: "Key id for signing the Sonatype publication." + required: true + signing-password: + description: "Password for signing the Sonatype publication." + required: true + signing-secret-key-ring: + description: "Key ring (base64 encoded) for signing the Sonatype publication." + required: true + sonar-organization: + description: "Organization for Sonarcloud" + required: true + sonar-token: + description: "Token for Sonarcloud." + required: true + +jobs: + build: + name: Build + runs-on: ubuntu-22.04 + + steps: + - name: Build + uses: bakdata/ci-templates/actions/java-gradle-build@v1.16.0 + with: + java-distribution: ${{ inputs.java-distribution }} + java-version: ${{ inputs.java-version }} + gradle-version: ${{ inputs.gradle-version }} + gradle-cache: ${{ inputs.gradle-cache }} + working-directory: ${{ inputs.working-directory }} + + test: + name: Test + runs-on: ubuntu-22.04 + needs: build + steps: + - name: Run unit tests + uses: bakdata/ci-templates/actions/java-gradle-test@1.39.0 + with: + gradle-cache: ${{ inputs.gradle-cache }} + gradle-version: ${{ inputs.gradle-version }} + java-distribution: ${{ inputs.java-distribution }} + java-version: ${{ inputs.java-version }} + working-directory: ${{ inputs.working-directory }} + + assess-code-quality: + name: Asses code quality + runs-on: ubuntu-22.04 + needs: build + steps: + - name: Assess code quality + uses: bakdata/ci-templates/actions/java-gradle-assess-code-quality@1.39.0 + with: + download-lfs-files: ${{ inputs.download-lfs-files }} + gradle-cache: ${{ inputs.gradle-cache }} + gradle-version: ${{ inputs.gradle-version }} + java-distribution: ${{ inputs.java-distribution }} + java-version: ${{ inputs.java-version }} + signing-key-id: ${{ secrets.signing-key-id }} + signing-password: ${{ secrets.signing-password }} + signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} + sonar-organization: ${{ secrets.sonar-organization }} + sonar-token: ${{ secrets.sonar-token }} + working-directory: ${{ inputs.working-directory }} diff --git a/.github/workflows/java-gradle-docker.yaml b/.github/workflows/java-gradle-docker.yaml index 7294e39f9..90e816142 100644 --- a/.github/workflows/java-gradle-docker.yaml +++ b/.github/workflows/java-gradle-docker.yaml @@ -69,44 +69,26 @@ on: required: true jobs: - build: - name: Build - runs-on: ubuntu-22.04 - - steps: - - name: Build - uses: bakdata/ci-templates/actions/java-gradle-build@v1.16.0 - with: - java-distribution: ${{ inputs.java-distribution }} - java-version: ${{ inputs.java-version }} - gradle-version: ${{ inputs.gradle-version }} - gradle-cache: ${{ inputs.gradle-cache }} - working-directory: ${{ inputs.working-directory }} - - test: - name: Test - runs-on: ubuntu-22.04 - needs: build + build-and-test: + name: Build, Test and Assess code quality + uses: bakdata/ci-templates/.github/workflows/java-gradle-base.yaml@1.39.0 + with: + java-distribution: ${{ inputs.java-distribution }} + java-version: ${{ inputs.java-version }} + gradle-version: ${{ inputs.gradle-version }} + gradle-cache: ${{ inputs.gradle-cache }} + working-directory: ${{ inputs.working-directory }} + secrets: + signing-key-id: ${{ secrets.signing-key-id }} + signing-password: ${{ secrets.signing-password }} + signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} + sonar-organization: ${{ secrets.sonar-organization }} + sonar-token: ${{ secrets.sonar-token }} - steps: - - name: Test - uses: bakdata/ci-templates/actions/java-gradle-test@v1.16.0 - with: - sonar-token: ${{ secrets.sonar-token }} - sonar-organization: ${{ secrets.sonar-organization }} - signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} - signing-key-id: ${{ secrets.signing-key-id }} - signing-password: ${{ secrets.signing-password }} - java-distribution: ${{ inputs.java-distribution }} - java-version: ${{ inputs.java-version }} - gradle-version: ${{ inputs.gradle-version }} - gradle-cache: ${{ inputs.gradle-cache }} - working-directory: ${{ inputs.working-directory }} - build-jib: name: Build tarball image runs-on: ubuntu-22.04 - needs: test + needs: build-and-test steps: - name: Build tarball image @@ -155,7 +137,7 @@ jobs: name: Create Github release if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-22.04 - needs: publish + needs: [publish, publish-jib-image] steps: - name: Release on Github diff --git a/.github/workflows/java-gradle-library.yaml b/.github/workflows/java-gradle-library.yaml index c7c3eeecc..02daba5d1 100644 --- a/.github/workflows/java-gradle-library.yaml +++ b/.github/workflows/java-gradle-library.yaml @@ -59,44 +59,27 @@ on: required: true jobs: - build: - name: Build - runs-on: ubuntu-22.04 - - steps: - - name: Build - uses: bakdata/ci-templates/actions/java-gradle-build@v1.16.0 - with: - java-distribution: ${{ inputs.java-distribution }} - java-version: ${{ inputs.java-version }} - gradle-version: ${{ inputs.gradle-version }} - gradle-cache: ${{ inputs.gradle-cache }} - working-directory: ${{ inputs.working-directory }} - - test: - name: Test - runs-on: ubuntu-22.04 - needs: build + build-and-test: + name: Build, Test and Assess code quality + uses: bakdata/ci-templates/.github/workflows/java-gradle-base.yaml@1.39.0 + with: + java-distribution: ${{ inputs.java-distribution }} + java-version: ${{ inputs.java-version }} + gradle-version: ${{ inputs.gradle-version }} + gradle-cache: ${{ inputs.gradle-cache }} + working-directory: ${{ inputs.working-directory }} - steps: - - name: Test - uses: bakdata/ci-templates/actions/java-gradle-test@v1.16.0 - with: - sonar-token: ${{ secrets.sonar-token }} - sonar-organization: ${{ secrets.sonar-organization }} - signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} - signing-key-id: ${{ secrets.signing-key-id }} - signing-password: ${{ secrets.signing-password }} - java-distribution: ${{ inputs.java-distribution }} - java-version: ${{ inputs.java-version }} - gradle-version: ${{ inputs.gradle-version }} - gradle-cache: ${{ inputs.gradle-cache }} - working-directory: ${{ inputs.working-directory }} + secrets: + signing-key-id: ${{ secrets.signing-key-id }} + signing-password: ${{ secrets.signing-password }} + signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} + sonar-token: ${{ secrets.sonar-token }} + sonar-organization: ${{ secrets.sonar-organization }} publish: name: Publish runs-on: ubuntu-22.04 - needs: test + needs: build-and-test steps: - name: Publish diff --git a/.github/workflows/java-gradle-plugin.yaml b/.github/workflows/java-gradle-plugin.yaml index eec4c3980..50363340f 100644 --- a/.github/workflows/java-gradle-plugin.yaml +++ b/.github/workflows/java-gradle-plugin.yaml @@ -65,44 +65,26 @@ on: required: true jobs: - build: - name: Build - runs-on: ubuntu-22.04 - - steps: - - name: Build - uses: bakdata/ci-templates/actions/java-gradle-build@v1.16.0 - with: - java-distribution: ${{ inputs.java-distribution }} - java-version: ${{ inputs.java-version }} - gradle-version: ${{ inputs.gradle-version }} - gradle-cache: ${{ inputs.gradle-cache }} - working-directory: ${{ inputs.working-directory }} - - test: - name: Test - runs-on: ubuntu-22.04 - needs: build - - steps: - - name: Test - uses: bakdata/ci-templates/actions/java-gradle-test@v1.16.0 - with: - sonar-token: ${{ secrets.sonar-token }} - sonar-organization: ${{ secrets.sonar-organization }} - signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} - signing-key-id: ${{ secrets.signing-key-id }} - signing-password: ${{ secrets.signing-password }} - java-distribution: ${{ inputs.java-distribution }} - java-version: ${{ inputs.java-version }} - gradle-version: ${{ inputs.gradle-version }} - gradle-cache: ${{ inputs.gradle-cache }} - working-directory: ${{ inputs.working-directory }} + build-and-test: + name: Build, Test and Assess code quality + uses: bakdata/ci-templates/.github/workflows/java-gradle-base.yaml@1.39.0 + with: + java-distribution: ${{ inputs.java-distribution }} + java-version: ${{ inputs.java-version }} + gradle-version: ${{ inputs.gradle-version }} + gradle-cache: ${{ inputs.gradle-cache }} + working-directory: ${{ inputs.working-directory }} + secrets: + signing-key-id: ${{ secrets.signing-key-id }} + signing-password: ${{ secrets.signing-password }} + signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} + sonar-organization: ${{ secrets.sonar-organization }} + sonar-token: ${{ secrets.sonar-token }} publish: name: Publish runs-on: ubuntu-22.04 - needs: test + needs: build-and-test steps: - name: Publish @@ -123,7 +105,7 @@ jobs: name: Publish plugin if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-22.04 - needs: test + needs: build-and-test steps: - name: Publish plugin @@ -144,7 +126,7 @@ jobs: name: Create Github release if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-22.04 - needs: publish + needs: [publish, publish-plugin] steps: - name: Release on Github diff --git a/.github/workflows/java-gradle-release.yaml b/.github/workflows/java-gradle-release.yaml index d4e7738da..374b3e2a8 100644 --- a/.github/workflows/java-gradle-release.yaml +++ b/.github/workflows/java-gradle-release.yaml @@ -8,7 +8,6 @@ on: description: "Scope of the release (major, minor or patch)." required: true type: string - changelog-file: description: Path to the changelog file in the GitHub repository required: false diff --git a/actions/java-gradle-assess-code-quality/README.md b/actions/java-gradle-assess-code-quality/README.md new file mode 100644 index 000000000..b45a3f964 --- /dev/null +++ b/actions/java-gradle-assess-code-quality/README.md @@ -0,0 +1,40 @@ +# assess-code-quality + +This action assess code quality and tests signing for Sonatype. + +## Input Parameters + +If you do not set input parameters for publishing code quality test results on Sonarcloud or for testing the signing for +Sonatype, then these steps are skipped. + +| Name | Required | Default Value | Type | Description | +| ----------------------- | :------: | :-----------: | :-----: | ------------------------------------------------------------------------------------------------------------- | +| download-lfs-files | ❌ | false | boolean | Whether the Git checkout action should resolve LFS files or not | +| gradle-cache | ❌ | true | boolean | Whether Gradle caching is enabled or not | +| gradle-version | ❌ | wrapper | string | [Gradle version](https://github.com/gradle/gradle-build-action#use-a-specific-gradle-version) to be installed | +| java-distribution | ❌ | microsoft | string | [Java distribution](https://github.com/actions/setup-java#supported-distributions) to be installed | +| java-version | ❌ | 11 | string | Java version to be installed | +| sonar-organization | ❌ | - | string | Organization for Sonarcloud | +| sonar-token | ❌ | - | string | Token for Sonarcloud | +| signing-key-id | ❌ | - | string | Key id for signing the Sonatype publication | +| signing-password | ❌ | - | string | Password for signing the Sonatype publication | +| signing-secret-key-ring | ❌ | - | string | Key ring (base64 encoded) for signing the Sonatype publication | +| working-directory | ❌ | "." | string | Working directory of your Gradle artifacts | + +## Usage + +```yaml +steps: + - name: Test + uses: bakdata/ci-templates/actions/java-gradle-test@main + with: + sonar-token: ${{ secrets.sonar-token }} # (Optional) If not set, code quality tests are skipped + sonar-organization: ${{ secrets.sonar-organization }} # (Optional) If not set, code quality tests are skipped + signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} # (Optional) If not set, signing for Sonatype is not tested + signing-key-id: ${{ secrets.signing-key-id }} # (Optional) If not set, signing for Sonatype is not tested + signing-password: ${{ secrets.signing-password }} # (Optional) If not set, signing for Sonatype is not tested + java-distribution: "microsoft" # (Optional) + java-version: "11" # (Optional) + gradle-version: "wrapper" # (Optional) + working-directory: "." # (Optional) +``` diff --git a/actions/java-gradle-assess-code-quality/action.yaml b/actions/java-gradle-assess-code-quality/action.yaml new file mode 100644 index 000000000..09aec8e46 --- /dev/null +++ b/actions/java-gradle-assess-code-quality/action.yaml @@ -0,0 +1,82 @@ +name: "Assess code quality" +description: "Assess code quality and optionally test signing for Sonatype" + +inputs: + download-lfs-files: + description: "Whether the Git checkout action should resolve LFS files or not. (Default is false)" + required: false + default: false + gradle-cache: + description: "Whether Gradle caching is enabled or not. (Default is true)" + required: false + default: true + gradle-version: + description: "Gradle version to be installed. (Default is wrapper)" + required: false + default: "wrapper" + java-distribution: + description: "Java distribution to be installed. (Default is microsoft)" + required: false + default: "microsoft" + java-version: + description: "Java version to be installed. (Default is 11)" + required: false + default: "11" + signing-key-id: + description: "Key id for signing the Sonatype publication." + required: false + signing-password: + description: "Password for signing the Sonatype publication." + required: false + signing-secret-key-ring: + description: "Key ring (base64 encoded) for signing the Sonatype publication." + required: false + sonar-organization: + description: "Organization for Sonarcloud." + required: false + sonar-token: + description: "Token for Sonarcloud." + required: false + working-directory: + description: "Working directory of your Gradle artifacts. (Default is .)" + required: false + default: "." + +runs: + using: "composite" + steps: + - name: Check out repository + uses: bakdata/ci-templates/actions/checkout@1.32.0 + with: + fetch-depth: 0 + lfs: ${{ inputs.download-lfs-files }} + + - name: Set up Gradle with version ${{ inputs.gradle-version }} + uses: bakdata/ci-templates/actions/java-gradle-setup@v1.16.0 + with: + java-distribution: ${{ inputs.java-distribution }} + java-version: ${{ inputs.java-version }} + gradle-version: ${{ inputs.gradle-version }} + gradle-cache: ${{ inputs.gradle-cache }} + + # sonar.branch.autoconfig.disabled is necessary for autocreation of projects on Sonarcloud to work + - name: Assess code quality + if: ${{ inputs.sonar-token != '' && inputs.sonar-organization != '' }} + run: ./gradlew -Dsonar.branch.autoconfig.disabled=true -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=${{ inputs.sonar-organization }} --info --stacktrace sonarqube + shell: bash + working-directory: ${{ inputs.working-directory }} + env: + SONAR_TOKEN: ${{ inputs.sonar-token }} + + - name: Check if everything builds (incl. javadoc) for snapshot/release and signing works + if: ${{ inputs.signing-secret-key-ring != '' && inputs.signing-key-id != '' && inputs.signing-password != '' }} + run: | + export SIGNING_SECRET_KEY_RING_FILE="$(mktemp -d)/secring.gpg" + echo '${{ inputs.signing-secret-key-ring }}' | base64 -d > $SIGNING_SECRET_KEY_RING_FILE + ./gradlew --info --stacktrace signSonatypePublication + shell: bash + working-directory: ${{ inputs.working-directory }} + env: + SIGNING_KEY_ID: ${{ inputs.signing-key-id }} + SIGNING_PASSWORD: ${{ inputs.signing-password }} + CI: true diff --git a/actions/java-gradle-test/README.md b/actions/java-gradle-test/README.md index 9e7b7f252..5e0cfe0be 100644 --- a/actions/java-gradle-test/README.md +++ b/actions/java-gradle-test/README.md @@ -4,22 +4,14 @@ This action runs Junit tests, publishes the test results and tests signing for S ## Input Parameters -If you do not set input parameters for publishing code quality test results on Sonarcloud or for testing the signing for -Sonatype, then these steps are skipped. - -| Name | Required | Default Value | Type | Description | -| ----------------------- | :------: | :-----------: | :-----: | ------------------------------------------------------------------------------------------------------------- | -| sonar-token | ❌ | - | string | Token for Sonarcloud | -| sonar-organization | ❌ | - | string | Organization for Sonarcloud | -| signing-secret-key-ring | ❌ | - | string | Key ring (base64 encoded) for signing the Sonatype publication | -| signing-key-id | ❌ | - | string | Key id for signing the Sonatype publication | -| signing-password | ❌ | - | string | Password for signing the Sonatype publication | -| java-distribution | ❌ | microsoft | string | [Java distribution](https://github.com/actions/setup-java#supported-distributions) to be installed | -| java-version | ❌ | 11 | string | Java version to be installed | -| gradle-version | ❌ | wrapper | string | [Gradle version](https://github.com/gradle/gradle-build-action#use-a-specific-gradle-version) to be installed | -| gradle-cache | ❌ | true | boolean | Whether Gradle caching is enabled or not | -| working-directory | ❌ | "." | string | Working directory of your Gradle artifacts | -| download-lfs-files | ❌ | false | boolean | Whether the Git checkout action should resolve LFS files or not | +| Name | Required | Default Value | Type | Description | +| ------------------ | :------: | :-----------: | :-----: | ------------------------------------------------------------------------------------------------------------- | +| download-lfs-files | ❌ | false | boolean | Whether the Git checkout action should resolve LFS files or not | +| java-distribution | ❌ | microsoft | string | [Java distribution](https://github.com/actions/setup-java#supported-distributions) to be installed | +| java-version | ❌ | 11 | string | Java version to be installed | +| gradle-cache | ❌ | true | boolean | Whether Gradle caching is enabled or not | +| gradle-version | ❌ | wrapper | string | [Gradle version](https://github.com/gradle/gradle-build-action#use-a-specific-gradle-version) to be installed | +| working-directory | ❌ | "." | string | Working directory of your Gradle artifacts | ## Usage @@ -28,11 +20,6 @@ steps: - name: Test uses: bakdata/ci-templates/actions/java-gradle-test@main with: - sonar-token: ${{ secrets.sonar-token }} # (Optional) If not set, code quality tests are skipped - sonar-organization: ${{ secrets.sonar-organization }} # (Optional) If not set, code quality tests are skipped - signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }} # (Optional) If not set, signing for Sonatype is not tested - signing-key-id: ${{ secrets.signing-key-id }} # (Optional) If not set, signing for Sonatype is not tested - signing-password: ${{ secrets.signing-password }} # (Optional) If not set, signing for Sonatype is not tested java-distribution: "microsoft" # (Optional) java-version: "11" # (Optional) gradle-version: "wrapper" # (Optional) diff --git a/actions/java-gradle-test/action.yaml b/actions/java-gradle-test/action.yaml index b3aae9ee6..375d7064e 100644 --- a/actions/java-gradle-test/action.yaml +++ b/actions/java-gradle-test/action.yaml @@ -1,22 +1,19 @@ name: "Test Java artiacts" -description: "Run Junit test, publish test results and optionally test signing for Sonatype" +description: "Run Junit test and publish test results" inputs: - sonar-token: - description: "Token for Sonarcloud." - required: false - sonar-organization: - description: "Organization for Sonarcloud." - required: false - signing-secret-key-ring: - description: "Key ring (base64 encoded) for signing the Sonatype publication." + download-lfs-files: + description: "Whether the Git checkout action should resolve LFS files or not. (Default is false)" required: false - signing-key-id: - description: "Key id for signing the Sonatype publication." + default: false + gradle-cache: + description: "Whether Gradle caching is enabled or not. (Default is true)" required: false - signing-password: - description: "Password for signing the Sonatype publication." + default: true + gradle-version: + description: "Gradle version to be installed. (Default is wrapper)" required: false + default: "wrapper" java-distribution: description: "Java distribution to be installed. (Default is microsoft)" required: false @@ -25,22 +22,10 @@ inputs: description: "Java version to be installed. (Default is 11)" required: false default: "11" - gradle-version: - description: "Gradle version to be installed. (Default is wrapper)" - required: false - default: "wrapper" - gradle-cache: - description: "Whether Gradle caching is enabled or not. (Default is true)" - required: false - default: "true" working-directory: description: "Working directory of your Gradle artifacts. (Default is .)" required: false default: "." - download-lfs-files: - description: "Whether the Git checkout action should resolve LFS files or not. (Default is false)" - required: false - default: "false" runs: using: "composite" @@ -69,25 +54,3 @@ runs: if: always() # always run even if the previous step fails with: report_paths: "**/build/test-results/test/TEST-*.xml" - - # sonar.branch.autoconfig.disabled is necessary for autocreation of projects on Sonarcloud to work - - name: Assess code quality - if: ${{ inputs.sonar-token != '' && inputs.sonar-organization != '' }} - run: ./gradlew -Dsonar.branch.autoconfig.disabled=true -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=${{ inputs.sonar-organization }} --info --stacktrace sonarqube - shell: bash - working-directory: ${{ inputs.working-directory }} - env: - SONAR_TOKEN: ${{ inputs.sonar-token }} - - - name: Check if everything builds (incl. javadoc) for snapshot/release and signing works - if: ${{ inputs.signing-secret-key-ring != '' && inputs.signing-key-id != '' && inputs.signing-password != '' }} - run: | - export SIGNING_SECRET_KEY_RING_FILE="$(mktemp -d)/secring.gpg" - echo '${{ inputs.signing-secret-key-ring }}' | base64 -d > $SIGNING_SECRET_KEY_RING_FILE - ./gradlew --info --stacktrace signSonatypePublication - shell: bash - working-directory: ${{ inputs.working-directory }} - env: - SIGNING_KEY_ID: ${{ inputs.signing-key-id }} - SIGNING_PASSWORD: ${{ inputs.signing-password }} - CI: "true"