Skip to content

fix(deps): bump com.guardsquare:proguard-core from 9.0.10 to 9.1.0 #524

fix(deps): bump com.guardsquare:proguard-core from 9.0.10 to 9.1.0

fix(deps): bump com.guardsquare:proguard-core from 9.0.10 to 9.1.0 #524

Workflow file for this run

# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com)
# SPDX-License-Identifier: Apache-2.0
#
# Author: Sebastian Thomschke, Vegard IT GmbH
#
# https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions
name: Build
on:
push:
branches:
- '**'
tags-ignore:
- '**'
paths-ignore:
- '**/*.adoc'
- '**/*.md'
- '.github/*.yml'
pull_request:
workflow_dispatch:
# https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/
inputs:
additional_maven_args:
description: 'Additional Maven Args'
required: false
default: ''
defaults:
run:
shell: bash
env:
# don't upgrade to 22.1.0.1 which breaks Windows builds https://github.com/oracle/graal/issues/4340
GRAALVM_VERSION: 21.3.3.1 # https://github.com/graalvm/graalvm-ce-builds/releases
JAVA_VERSION: 17
RELEASE_NAME: "snapshot"
jobs:
###########################################################
maven-build:
###########################################################
runs-on: ubuntu-latest
steps:
- name: Git Checkout
uses: actions/checkout@v4 #https://github.com/actions/checkout
- name: Set up JDK ${{ env.JAVA_VERSION }}
uses: actions/setup-java@v3 #https://github.com/actions/setup-java
with:
distribution: temurin
java-version: ${{ env.JAVA_VERSION }}
- name: "Cache: Local Maven Repository"
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-mvnrepo-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-mvnrepo-
- name: "Cache: Maven Binaries"
uses: actions/cache@v3
with:
path: |
~/.m2/bin
key: ${{ runner.os }}-mvnbin-${{ hashFiles('.ci/build.sh') }}
- name: Test with Maven
id: maven-test
if: ${{ github.ref_name != 'main' || env.ACT }}
env:
GITHUB_USER: ${{ github.actor }}
GITHUB_API_KEY: ${{ github.token }}
MAY_CREATE_RELEASE: false
run: |
bash .ci/build.sh ${{ github.event.inputs.additional_maven_args }}
- name: Build with Maven
id: maven-build
if: ${{ github.ref_name == 'main' && !env.ACT }}
env:
GITHUB_USER: ${{ github.actor }}
GITHUB_API_KEY: ${{ secrets.GH_API_TOKEN }}
MAY_CREATE_RELEASE: true
run: |
set -eu
# https://gh.neting.ccmunity/t/github-actions-bot-email-address/17204
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
bash .ci/build.sh ${{ github.event.inputs.additional_maven_args }}
- name: Test minimized fat jar
run: |
set -ex
mv target/copycat-*-fat-minimized.jar target/copycat-fat.jar
java -jar target/copycat-fat.jar --help
java -jar target/copycat-fat.jar -V
java -jar target/copycat-fat.jar sync target/classes target/classes.copy -v
- name: "Share: maven-build-artifacts"
uses: actions/upload-artifact@v3
with:
name: maven-build-artifacts
path: |
target/copycat-fat.jar
target/picocli-reflections.json
target/bash/bashcompletion.sh
###########################################################
native-image:
###########################################################
runs-on: ${{ matrix.os }}
needs: [maven-build]
strategy:
fail-fast: false
matrix:
include:
- arch: "linux-amd64"
os: "ubuntu-latest"
graal_install_root: "/opt/graalvm"
- arch: "linux-arm64"
os: "ubuntu-latest"
graal_install_root: "/opt/graalvm"
- arch: "darwin-amd64"
os: "macos-latest"
graal_install_root: "graalvm"
- arch: "windows-amd64"
os: "windows-latest"
graal_install_root: "graalvm"
env:
# https://www.graalvm.org/21.3/reference-manual/native-image/Options/
# -H:NativeLinkerOption=-no-pie -> do not to generate Position Independent Executables (PIE)
NATIVE_IMAGE_ARGS:
-H:NativeLinkerOption=-no-pie
-H:ReflectionConfigurationFiles=picocli-reflections.json
-H:Log=registerResource:3
-H:+ReportExceptionStackTraces
-H:+RemoveUnusedSymbols
-H:ExcludeResources=com/sun/.*.properties
--exclude-config copycat-fat.jar META-INF/native-image/net.sf.jstuff/.*.json
--exclude-config copycat-fat.jar META-INF/native-image/jansi/.*.json
--allow-incomplete-classpath
--no-fallback
--no-server
--verbose
-Dfile.encoding=UTF-8
--class-path native-image-metadata
--class-path copycat-fat.jar
com.vegardit.copycat.CopyCatMain
copycat-${{ matrix.arch }}
steps:
- name: "Cache: GraalVM binaries"
uses: actions/cache@v3
with:
path: |
${{ matrix.graal_install_root }}
key: ${{ matrix.arch }}-graalvm-${{ env.GRAALVM_VERSION }}-java-${{ env.JAVA_VERSION }}
- name: "Create arm64 container"
if: matrix.arch == 'linux-arm64'
run: |
sudo apt-get update -y
sudo apt-get install --no-install-recommends -y qemu-user-static
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker container create --name arm64 --tty \
-v /opt:/opt:rw \
-v $PWD:/workspace:rw \
arm64v8/ubuntu:22.04
docker container start arm64
docker exec --tty arm64 apt-get update -y
docker exec --tty arm64 apt-get install -y curl sudo
- name: "Install: GraalVM"
run: |
set -eu
case "${{ matrix.arch }}" in
linux-amd64)
sudo apt-get install --no-install-recommends -y gcc g++ libz-dev
GRAAL_VM_HOME=${{ matrix.graal_install_root }}
if [ ! -e $GRAAL_VM_HOME/bin/native-image ]; then
rm -rf $GRAAL_VM_HOME
mkdir -p $GRAAL_VM_HOME
curl -fL "https://github.com/graalvm/graalvm-ce-builds/releases/download/vm-${{ env.GRAALVM_VERSION }}/graalvm-ce-java${{ env.JAVA_VERSION}}-linux-amd64-${{ env.GRAALVM_VERSION }}.tar.gz" \
| tar zxv -C $GRAAL_VM_HOME --strip-components=1 \
--exclude=*/bin/jvisualvm \
--exclude=*/lib/src.zip \
--exclude=*/lib/visualvm
$GRAAL_VM_HOME/bin/gu install native-image
fi
$GRAAL_VM_HOME/bin/native-image --version
echo "JAVA_HOME=$GRAAL_VM_HOME" >> $GITHUB_ENV
echo "$GRAAL_VM_HOME/bin" >> $GITHUB_PATH
;;
linux-arm64)
cat <<EOF > install_graalvm.sh
set -eu
sudo apt-get install --no-install-recommends -y gcc g++ libz-dev
GRAAL_VM_HOME=${{ matrix.graal_install_root }}
if [ ! -e \$GRAAL_VM_HOME/bin/native-image ]; then
rm -rf \$GRAAL_VM_HOME
mkdir -p \$GRAAL_VM_HOME
curl -fL "https://github.com/graalvm/graalvm-ce-builds/releases/download/vm-${{ env.GRAALVM_VERSION }}/graalvm-ce-java${{ env.JAVA_VERSION }}-linux-aarch64-${{ env.GRAALVM_VERSION }}.tar.gz" \
| tar zxv -C \$GRAAL_VM_HOME --strip-components=1 \
--exclude=*/bin/jvisualvm \
--exclude=*/lib/src.zip \
--exclude=*/lib/visualvm
\$GRAAL_VM_HOME/bin/gu install native-image
fi
\$GRAAL_VM_HOME/bin/native-image --version
EOF
docker exec --tty -w /workspace arm64 /bin/bash ./install_graalvm.sh
;;
darwin-amd64)
GRAAL_VM_HOME=${{ matrix.graal_install_root }}/Contents/Home
if [ ! -e $GRAAL_VM_HOME/bin/native-image ]; then
rm -rf ${{ matrix.graal_install_root }}
mkdir ${{ matrix.graal_install_root }}
curl -fL "https://github.com/graalvm/graalvm-ce-builds/releases/download/vm-${{ env.GRAALVM_VERSION }}/graalvm-ce-java${{ env.JAVA_VERSION }}-darwin-amd64-${{ env.GRAALVM_VERSION }}.tar.gz" \
| tar zxv -C graalvm --strip-components=1 \
--exclude=*/bin/jvisualvm \
--exclude=*/lib/src.zip \
--exclude=*/lib/visualvm
$GRAAL_VM_HOME/bin/gu install native-image
fi
$GRAAL_VM_HOME/bin/native-image --version
echo "JAVA_HOME=$GRAAL_VM_HOME" >> $GITHUB_ENV
echo "$GRAAL_VM_HOME/bin" >> $GITHUB_PATH
;;
windows-amd64)
GRAAL_VM_HOME=${{ matrix.graal_install_root }}
if [ ! -e $GRAAL_VM_HOME/bin/native-image ]; then
rm -rf $GRAAL_VM_HOME
echo "Downloading GraalVM..."
curl -fL -o graalvm.zip https://github.com/graalvm/graalvm-ce-builds/releases/download/vm-${{ env.GRAALVM_VERSION }}/graalvm-ce-java${{ env.JAVA_VERSION }}-windows-amd64-${{ env.GRAALVM_VERSION }}.zip
echo "Extracting GraalVM..."
7z x graalvm.zip
mv graalvm-ce-* $GRAAL_VM_HOME
$GRAAL_VM_HOME/bin/gu.cmd install native-image
fi
$GRAAL_VM_HOME/bin/native-image.cmd --version
echo "JAVA_HOME=$(cygpath -wa $GRAAL_VM_HOME)" >> $GITHUB_ENV
echo "$(cygpath -wa $GRAAL_VM_HOME/bin)" >> $GITHUB_PATH
;;
esac
- name: "Install: binutils (strip)"
run: |
case "${{ matrix.arch }}" in
linux-amd64)
sudo apt-get --no-install-recommends install -y binutils
;;
linux-arm64)
docker exec --tty arm64 \
sudo apt-get --no-install-recommends install -y binutils
;;
esac
- name: "Install: UPX"
run: |
case "${{ matrix.arch }}" in
linux-amd64)
mkdir /opt/upx
upx_download_url=$(curl -fsSL -H "Authorization: token ${{ github.token }}" https://api.github.com/repos/upx/upx/releases/latest | grep browser_download_url | grep amd64_linux.tar.xz | cut "-d\"" -f4)
echo "Downloading [$upx_download_url]..."
curl -fL $upx_download_url | tar Jxv -C /opt/upx --strip-components=1
;;
linux-arm64)
mkdir /opt/upx
upx_download_url=$(curl -fsSL -H "Authorization: token ${{ github.token }}" https://api.github.com/repos/upx/upx/releases/latest | grep browser_download_url | grep arm64_linux.tar.xz | cut "-d\"" -f4)
echo "Downloading [$upx_download_url]..."
curl -fL $upx_download_url | tar Jxv -C /opt/upx --strip-components=1
;;
darwin-amd64)
brew install upx
;;
windows-amd64)
# first choco install in a build takes 3+ minutes
# choco install -y upx
upx_download_url=$(curl -fsSL -H "Authorization: token ${{ github.token }}" https://api.github.com/repos/upx/upx/releases/latest | grep browser_download_url | grep win64.zip | cut "-d\"" -f4)
echo "Downloading [$upx_download_url]..."
curl -fL -o /tmp/upx.zip $upx_download_url
echo "Extracting upx.zip..."
mkdir /tmp/upx
7z e /tmp/upx.zip -o/tmp/upx *.exe -r
echo "$(cygpath -wa /tmp/upx)" >> $GITHUB_PATH
;;
esac
- name: "Get: maven-build-artifacts"
uses: actions/download-artifact@v3
with:
name: maven-build-artifacts
- name: Enable Developer Command Prompt
if: matrix.arch == 'windows-amd64'
# makes cl.exe available on PATH
# https://github.com/marketplace/actions/enable-developer-command-prompt
uses: ilammy/msvc-dev-cmd@v1
- name: "Collect metadata"
run: |
set -eu
# https://www.graalvm.org/22.3/reference-manual/native-image/metadata/AutomaticMetadataCollection/#tracing-agent
cat <<'EOF' > collect_metadata.sh
set -eu
rm -rf native-image-metadata
function traceCall() {
echo "Tracing copycat ${@}..."
java -agentlib:native-image-agent=config-merge-dir=native-image-metadata/META-INF/native-image/ -jar copycat-fat.jar ${@} >/dev/null
}
rm -rf workdir
mkdir -p workdir/source/dir1
touch workdir/source/dir1/file1
traceCall sync workdir/source workdir/target
traceCall --help
traceCall --help
traceCall --version
traceCall sync --help
traceCall watch --help
EOF
case "${{ matrix.arch }}" in
linux-arm64)
docker exec --tty -w /workspace arm64 /bin/bash -c "
export JAVA_HOME=${{ matrix.graal_install_root }}
export PATH=${{ matrix.graal_install_root }}/bin:\$PATH
bash collect_metadata.sh
"
;;
*)
bash collect_metadata.sh
;;
esac
- name: "Build executable"
run: |
case "${{ matrix.arch }}" in
linux-amd64)
/usr/bin/gcc -v
native-image \
-H:+StaticExecutableWithDynamicLibC `# https://www.graalvm.org/21.3/reference-manual/native-image/StaticImages/#build-mostly-static-native-image` \
--report-unsupported-elements-at-runtime `# avoid: Unsupported type sun.awt.X11.XBaseWindow is reachable` \
${{ env.NATIVE_IMAGE_ARGS }}
;;
linux-arm64)
docker exec --tty -w /workspace arm64 /bin/bash -c "
export JAVA_HOME=${{ matrix.graal_install_root }}
export PATH=${{ matrix.graal_install_root }}/bin:\$PATH
/usr/bin/gcc -v
native-image \
-H:+StaticExecutableWithDynamicLibC `# https://www.graalvm.org/21.3/reference-manual/native-image/StaticImages/#build-mostly-static-native-image` \
--report-unsupported-elements-at-runtime `# avoid: Unsupported type sun.awt.X11.XBaseWindow is reachable` \
-Djdk.lang.Process.launchMechanism=vfork `# https://github.com/oracle/graal/issues/4143`\
-H:-CheckToolchain `#https://github.com/oracle/graal/issues/4143`\
${{ env.NATIVE_IMAGE_ARGS }}
"
;;
darwin-amd64)
# not using "--static" because of error: DARWIN does not support building static executable images.
native-image ${{ env.NATIVE_IMAGE_ARGS }}
;;
windows-amd64)
# https://www.graalvm.org/21.3/reference-manual/native-image/StaticImages/
native-image.cmd --static ${{ env.NATIVE_IMAGE_ARGS }}
;;
esac
- name: "Test executable"
run: |
case "${{ matrix.arch }}" in
linux-arm64)
docker exec --tty -w /workspace arm64 /bin/bash -c "
chmod u+x copycat-${{ matrix.arch }} &&
./copycat-${{ matrix.arch }} --version &&
./copycat-${{ matrix.arch }} --help &&
./copycat-${{ matrix.arch }} sync --help &&
./copycat-${{ matrix.arch }} watch --help
"
;;
*)
chmod u+x copycat-${{ matrix.arch }}
./copycat-${{ matrix.arch }} --version
./copycat-${{ matrix.arch }} --help
./copycat-${{ matrix.arch }} sync --help
./copycat-${{ matrix.arch }} --help
;;
esac
- name: "Compress executable"
run: |
set -eu
case "${{ matrix.arch }}" in
linux-amd64)
strip --strip-unneeded copycat-${{ matrix.arch }}
/opt/upx/upx -v -9 --no-progress copycat-${{ matrix.arch }}
;;
linux-arm64)
docker exec --tty -w /workspace arm64 /bin/bash -c "
strip --strip-unneeded copycat-${{ matrix.arch }} &&
/opt/upx/upx -v -9 --no-progress copycat-${{ matrix.arch }}
"
;;
darwin-amd64)
# https://www.unix.com/man-page/osx/1/strip/
strip copycat-${{ matrix.arch }}
upx -v -9 --no-progress copycat-${{ matrix.arch }}
;;
windows-amd64)
cp copycat-${{ matrix.arch }}.exe copycat-${{ matrix.arch }}-uncompressed.exe
upx -v -9 --no-progress copycat-${{ matrix.arch }}.exe
;;
esac
- name: "Test compressed executable"
run: |
case "${{ matrix.arch }}" in
linux-arm64)
docker exec --tty -w /workspace arm64 /bin/bash -c "
chmod u+x copycat-${{ matrix.arch }} &&
./copycat-${{ matrix.arch }} --version &&
./copycat-${{ matrix.arch }} --help &&
./copycat-${{ matrix.arch }} sync --help &&
./copycat-${{ matrix.arch }} watch --help
"
;;
*)
chmod u+x copycat-${{ matrix.arch }}
./copycat-${{ matrix.arch }} --version
./copycat-${{ matrix.arch }} --help
./copycat-${{ matrix.arch }} sync --help
./copycat-${{ matrix.arch }} --help
;;
esac
- name: "Share: native binary"
uses: actions/upload-artifact@v3
if: matrix.arch != 'windows-amd64'
with:
path: copycat-${{ matrix.arch }}
- name: "Share: native binary"
uses: actions/upload-artifact@v3
if: matrix.arch == 'windows-amd64'
with:
path: |
copycat-${{ matrix.arch }}.exe
copycat-${{ matrix.arch }}-uncompressed.exe
###########################################################
publish-release:
###########################################################
runs-on: ubuntu-latest
needs:
- native-image
if: ${{ github.ref_name == 'main' && !github.event.act }}
steps:
- name: "SCM Checkout"
# only required by "hub release create" to prevent "fatal: Not a git repository"
uses: actions/checkout@v4 #https://github.com/actions/checkout
- name: "Get: all build artifacts"
uses: actions/download-artifact@v3
- name: "Delete previous '${{ env.RELEASE_NAME }}' release"
if: env.RELEASE_NAME == 'snapshot'
run: |
set -eu
creds="${{ secrets.GH_API_TOKEN }}:x-oauth-basic"
api_base_url="$GITHUB_API_URL/repos/$GITHUB_REPOSITORY"
# delete github release
release_id=$(curl -fsL $creds https://api.github.com/repos/vegardit/copycat/releases | jq -r '.[] | select(.name == "${{ env.RELEASE_NAME }}") | .id')
if [[ -n $release_id ]]; then
echo "Deleting release [$api_base_url/releases/$release_id]..."
curl -u $creds -fsSL -X DELETE "$api_base_url/releases/$release_id"
fi
# delete git tag
tag_url="$api_base_url/git/refs/tags/${{ env.RELEASE_NAME }}"
if curl -u $creds -fsLo /dev/null --head "$tag_url"; then
echo "Deleting tag [$tag_url]..."
curl -u $creds -fsSL -u $creds -X DELETE "$tag_url"
fi
- name: "Create '${{ env.RELEASE_NAME }}' Release"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -eu
# https://hub.github.com/hub-release.1.html
hub release create \
--message "${{ env.RELEASE_NAME }}" "${{ env.RELEASE_NAME }}" \
--attach "maven-build-artifacts/copycat-fat.jar#copycat-${{ env.RELEASE_NAME }}-fat.jar" \
--attach "maven-build-artifacts/bash/bashcompletion.sh#copycat-${{ env.RELEASE_NAME }}-bashcompletion.sh" \
--attach "artifact/copycat-linux-amd64#copycat-${{ env.RELEASE_NAME }}-linux-amd64" \
--attach "artifact/copycat-linux-arm64#copycat-${{ env.RELEASE_NAME }}-linux-arm64" \
--attach "artifact/copycat-darwin-amd64#copycat-${{ env.RELEASE_NAME }}-darwin-amd64" \
--attach "artifact/copycat-windows-amd64.exe#copycat-${{ env.RELEASE_NAME }}-windows-amd64.exe" \
--attach "artifact/copycat-windows-amd64-uncompressed.exe#copycat-${{ env.RELEASE_NAME }}-windows-amd64-uncompressed.exe" \
--prerelease
- name: "Delete intermediate build artifacts"
uses: geekyeggo/delete-artifact@v2 # https://github.com/GeekyEggo/delete-artifact/
with:
name: "*"
failOnError: false