Skip to content

Verify and Release

Verify and Release #5

name: Verify and Release
# trigger on push to branches and PR
on:
push:
branches:
- '**' # matches every branch
tags:
- 'v[0-9]+'
- 'v[0-9]+.[0-9]+'
- 'v[0-9]+.[0-9]+.[0-9]+'
- 'v[0-9]+.[0-9]+.[0-9]+-*'
pull_request:
env:
# restore to default url to download maven
MVNW_REPOURL: https://repo.maven.apache.org/maven2
jobs:
lint_shellcheck:
name: shellcheck
runs-on: ubuntu-latest
# execute on any push or pull request from forked repo
if: github.event_name == 'push' || ( github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork )
env:
SHELLCHECK_VERSION: '0.10.0'
steps:
- uses: actions/checkout@v4
- name: download shellcheck
run: |
curl --silent --fail --show-error --retry 2 --retry-delay 1 --connect-timeout 5 --location --url "https://github.com/koalaman/shellcheck/releases/download/v${SHELLCHECK_VERSION}/shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" -o shellcheck-v${SHELLCHECK_VERSION}.tar.xz
tar xvf "shellcheck-v${SHELLCHECK_VERSION}.tar.xz"
rm -f "shellcheck-v${SHELLCHECK_VERSION}.tar.xz"
chmod +x "$GITHUB_WORKSPACE/shellcheck-v${SHELLCHECK_VERSION}/shellcheck"
- name: check
run: |
echo "$GITHUB_WORKSPACE/shellcheck-v${SHELLCHECK_VERSION}" >> $GITHUB_PATH
shellcheck core/bin/hbox-* core/sbin/start-history-server.sh core/libexec/hbox-common-env.sh
find tests -name '*.sh' | xargs shellcheck
lint_maven:
name: lint pom.xml and maven plugins
runs-on: ubuntu-latest
# execute on any push or pull request from forked repo
if: github.event_name == 'push' || ( github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork )
steps:
- uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: 11
distribution: 'temurin'
cache: maven
- name: Lint Maven Pom Format
run: ./mvnw -V -B -ntp -Dmirror.of.proxy= sortpom:verify -Dsort.verifyFail=STOP
- name: Lint Check Maven Plugins
run: ./mvnw -B -ntp -Dmirror.of.proxy= artifact:check-buildplan
verify:
name: 'Verify with JDK ${{ matrix.jdk }}'
strategy:
fail-fast: false
matrix:
jdk: [ 8, 11, 17 ]
runs-on: ubuntu-latest
# execute on any push or pull request from forked repo
if: github.event_name == 'push' || ( github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork )
needs: [ lint_shellcheck, lint_maven ]
steps:
- uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: '${{ matrix.jdk }}'
distribution: 'temurin'
cache: maven
- name: Maven verify
run: ./mvnw -B -ntp -e -Dmirror.of.proxy= verify
reproducible:
name: 'Build and check reproducible'
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/v')
needs: [ verify ]
steps:
- uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: 11
distribution: 'temurin'
cache: maven
- name: Build reproducible artifacts
shell: bash
run: |
set -ux
./mvnw -B -ntp -e -Dmirror.of.proxy= install -Dmaven.test.skip=true -DskipTests -Dinvoker.skip -Dbuildinfo.detect.skip=false
./mvnw -B -ntp -e -Dmirror.of.proxy= clean
mkdir -p target
true artifact:compare should not contain warning or error
trap 'cat target/build.log' ERR
./mvnw -B -ntp -e -Dmirror.of.proxy= -l target/build.log package artifact:compare -Dmaven.test.skip=true -DskipTests -Dinvoker.skip -Dbuildinfo.detect.skip=false
test 0 = "$(sed -n '/^\\[INFO\\] --- maven-artifact-plugin:[^:][^:]*:compare/,/^\\[INFO\\] ---/ p' target/build.log | grep -c '^\\[\\(WARNING\\|ERROR\\)\\]')"
true all files should be ok
trap 'find . -name "*.buildcompare" -print0 | xargs -0 cat' ERR
find . -name '*.buildcompare' -print0 | xargs -0 grep -q '^ko=0$'
trap '' ERR
find . -name "*.buildcompare" -print0 | xargs -0 cat
- name: Store artifacts
uses: actions/upload-artifact@v4
with:
path: core/target/hbox-*-dist.tar.gz
retention-days: 7
create_a_draft_release:
name: Create a draft release
runs-on: ubuntu-latest
if: github.repository == 'Qihoo360/hbox' && startsWith(github.ref, 'refs/tags/v')
needs: [ reproducible ]
permissions:
contents: write
steps:
- name: Download artifacts
uses: actions/download-artifact@v4
with:
merge-multiple: true
path: core/target/
- name: Publish artifacts
uses: softprops/action-gh-release@v2
with:
draft: true
prerelease: ${{ contains(github.ref, '-alpha') || contains(github.ref, '-beta') || contains(github.ref, '-rc') }}
fail_on_unmatched_files: true
files: core/target/hbox-*-dist.tar.gz