AJ-1094: Initial Project Setup and Hello World CLI #12
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Test | |
on: | |
push: | |
branches: [ main ] | |
paths-ignore: [ '*.md' ] | |
pull_request: | |
branches: [ '**' ] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: '3.10' | |
- name: Install black and link shellcheck into expected location | |
run: | | |
pip install black --force-reinstall black==22.3.0 | |
sudo ln -s $(which shellcheck) /usr/local/bin/shellcheck | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
cache: 'gradle' | |
- name: Build all projects without running tests | |
run: ./gradlew --build-cache build -x test | |
- name: Upload spotbugs results | |
uses: github/codeql-action/upload-sarif@main | |
with: | |
sarif_file: lib/build/reports/spotbugs/main.sarif | |
jib: | |
needs: [ build ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
cache: 'gradle' | |
- name: Construct docker image name and tag | |
id: image-name | |
run: | | |
GITHUB_REPO=$(basename ${{ github.repository }}) | |
GIT_SHORT_HASH=$(git rev-parse --short HEAD) | |
echo "name=${GITHUB_REPO}:${GIT_SHORT_HASH}" >> $GITHUB_OUTPUT | |
- name: Build image locally with jib | |
run: | | |
./gradlew --build-cache :service:jibDockerBuild \ | |
--image=${{ steps.image-name.outputs.name }} \ | |
-Djib.console=plain | |
dispatch-trivy: | |
needs: [ build ] | |
runs-on: ubuntu-latest | |
if: github.event_name == 'pull_request' | |
steps: | |
- name: Fire off Trivy action | |
uses: broadinstitute/workflow-dispatch@v1 | |
with: | |
workflow: Trivy | |
token: ${{ secrets.BROADBOT_TOKEN }} | |
ref: ${{ github.event.pull_request.head.ref }} | |
source-clear: | |
needs: [ build ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
cache: 'gradle' | |
- name: SourceClear scan | |
env: | |
SRCCLR_API_TOKEN: ${{ secrets.SRCCLR_API_TOKEN }} | |
run: ./gradlew --build-cache srcclr | |
unit-tests-and-sonarqube: | |
needs: [ build ] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
# Needed by sonar to get the git history for the branch the PR will be merged into. | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
cache: 'gradle' | |
notify-slack: | |
needs: [ build, unit-tests-and-sonarqube, source-clear ] | |
runs-on: ubuntu-latest | |
if: failure() && github.ref == 'refs/heads/main' | |
steps: | |
- name: Notify slack on failure | |
uses: broadinstitute/action-slack@v3.8.0 | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
channel: '#dsp-analysis-journeys-alerts' | |
status: failure | |
author_name: Build on dev | |
fields: job,message | |
text: 'Build failed :sadpanda:' | |
username: 'Java-PFB GitHub Action' | |
dispatch-tag: | |
needs: [ build, unit-tests-and-sonarqube, source-clear ] | |
runs-on: ubuntu-latest | |
if: success() && github.ref == 'refs/heads/main' | |
steps: | |
- name: Fire off tag action | |
uses: broadinstitute/workflow-dispatch@v1 | |
with: | |
workflow: Tag | |
token: ${{ secrets.BROADBOT_TOKEN }} |