GH Actions CI reporting #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-License-Identifier: Apache-2.0 | |
# Copyright Red Hat Inc. and Hibernate Authors | |
name: GH Actions CI reporting | |
on: | |
workflow_run: | |
workflows: [ "GH Actions CI" ] | |
types: [ completed ] | |
defaults: | |
run: | |
shell: bash | |
env: | |
MAVEN_ARGS: "-e -B --settings .github/mvn-settings.xml --fail-at-end -Pci-build --no-transfer-progress" | |
jobs: | |
publish-build-scans: | |
name: Publish Develocity build scans | |
if: github.repository == 'hibernate/hibernate-validator' && github.event.workflow_run.conclusion != 'cancelled' | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout target branch which has trusted code | |
- name: Check out target branch | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
ref: ${{ github.ref }} | |
- name: Set up Java 21 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 21 | |
distribution: temurin | |
# https://github.com/actions/cache/blob/main/examples.md#java---maven | |
- name: Cache local Maven repository | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2/repository | |
# use a different key than workflows running untrusted code | |
key: trusted-${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
trusted-${{ runner.os }}-maven- | |
- name: Set up Maven | |
run: ./mvnw -v | |
- name: Download GitHub Actions artifacts for the Develocity build scans | |
id: downloadBuildScan | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: build-scan-data-* | |
github-token: ${{ github.token }} | |
repository: ${{ github.repository }} | |
run-id: ${{ github.event.workflow_run.id }} | |
path: /tmp/downloaded-build-scan-data/ | |
# Don't fail the build if there are no matching artifacts | |
continue-on-error: true | |
- name: Publish Develocity build scans for previous builds | |
if: ${{ steps.downloadBuildScan.outcome != 'failure'}} | |
run: | | |
shopt -s nullglob # Don't run the loop below if there are no artifacts | |
status=0 | |
mkdir -p ~/.m2/.develocity/ | |
for build_scan_data_directory in /tmp/downloaded-build-scan-data/* | |
do | |
rm -rf ~/.m2/.develocity/build-scan-data | |
mv "$build_scan_data_directory" ~/.m2/.develocity/build-scan-data \ | |
&& ./mvnw $MAVEN_ARGS develocity:build-scan-publish-previous || status=1 | |
done | |
exit $status | |
env: | |
DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY_PR }} |