Skip to content
CI

use release for m-compiler-p and m-javadoc-p #771

Sign in to view logs

use release for m-compiler-p and m-javadoc-p

use release for m-compiler-p and m-javadoc-p #771

Workflow file for this run

.github/workflows/ci.yml at ada6d0f
name: CI
on:
workflow_dispatch:
pull_request: # all pull requests
push:
branches:
- master
env:
MVN_CMD: ./mvnw --no-transfer-progress -B
jobs:
build:
strategy:
matrix:
java: [ '8', '11', '17', '21', '24' ]
distribution: [ 'zulu', 'temurin', 'corretto' ]
runs-on: 'ubuntu-latest'
name: jdk-${{ matrix.java }}-${{ matrix.distribution }}
steps:
- uses: actions/checkout@v4
- name: Set up JDK ${{ matrix.java }}-${{ matrix.distribution }}
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.java }}
distribution: ${{ matrix.distribution }}
cache: 'maven'
check-latest: true
- name: Install softhsm2
run: sudo apt-get install -y softhsm2
- name: Install opensc
run: sudo apt-get install -y opensc
- name: Ensure SoftHSM user configuration
run: impl/src/test/scripts/softhsm configure
- name: Populate SoftHSM with JJWT test keys
run: impl/src/test/scripts/softhsm import
- name: Build
# run a full build, just as we would for a release (i.e. the `ossrh` profile), but don't use gpg
# to sign artifacts, since we don't want to mess with storing signing credentials in CI:
run: ${{env.MVN_CMD}} verify -Possrh -Dgpg.skip=true
# ensure all of our files have the correct/updated license header
license-check:
runs-on: 'ubuntu-latest'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # avoid license plugin history warnings (plus it needs full history)
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: '8'
cache: 'maven'
check-latest: true
- name: License Check
# This adds about 1 minute to any build, which is why we don't want to do it on every other build:
run: |
${{env.MVN_CMD}} license:check
code-coverage:
runs-on: 'ubuntu-latest'
steps:
- uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: '8'
cache: 'maven'
check-latest: true
- name: Install softhsm2
run: sudo apt-get install -y softhsm2
- name: Install opensc
run: sudo apt-get install -y opensc
- name: Ensure SoftHSM user configuration
run: impl/src/test/scripts/softhsm configure
- name: Populate SoftHSM with JJWT test keys
run: impl/src/test/scripts/softhsm import
- name: Wait to start
# wait a little to start: SoftHSM install and code coverage usually takes 3 1/2 minutes, and we don't want
# it fail before other jobs; we want to see if jobs fail due to build issues, not just due to the code-coverage
# job causing the others to cancel).
#
# We choose a sleep/delay approach here instead of using the GitHub Actions `needs` attribute
# because `needs` requires its dependency to fully finish before starting this one, and doing so
# would double the overall build time. Instead we want to run this concurrently with the other builds for
# speed. The sleep should allow this to finish around the same time, or just slightly after, all the other
# jobs.
run: sleep 10s
shell: bash
- name: Code Coverage
# run a full build, just as we would for a release (i.e. the `ossrh` profile), but don't use gpg
# to sign artifacts, since we don't want to mess with storing signing credentials in CI:
run: |
${{env.MVN_CMD}} clover:setup test && \
${{env.MVN_CMD}} -pl . clover:clover clover:check coveralls:report \
-DrepoToken="${{ secrets.GITHUB_TOKEN }}" \
-DserviceName=github \
-DserviceBuildNumber="${{ env.GITHUB_RUN_ID }}"