chore(deps): update dependency centralized-templates to v21.6.3 #263
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # THIS CODE WAS AUTOGENERATED. DO NOT MODIFY THIS FILE DIRECTLY | |
| # THE SOURCE CODE LIVES IN A DIFFERENT REPOSITORY: | |
| # - centralized-templates | |
| # FILE STEWARD: @pleo-io/devx | |
| name: Build & Test Kotlin | |
| on: push | |
| concurrency: | |
| group: ci-${{ github.workflow }}-${{ github.ref }} | |
| # Only cancel previous runs unless on 'defaultBranch' (which is set in template configuration). | |
| # defaultBranch is set to: 'main'. | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| jobs: | |
| only-config-changed: | |
| name: Configuration change validation | |
| timeout-minutes: 5 | |
| runs-on: ubuntu-latest | |
| outputs: | |
| result: ${{ steps.only-config-changed.outputs.only_configuration_files_have_changed }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/[email protected] | |
| with: | |
| fetch-depth: ${{ (github.event.repository.default_branch == github.ref_name && 2) || 0 }} | |
| ref: ${{ github.event.repository.default_branch }} | |
| - name: Validate that only configuration files have been changed | |
| shell: python | |
| id: only-config-changed | |
| env: | |
| CONFIG_DIRECTORIES: '["k8s/product-staging", "k8s/product-dev", "k8s/product-production"]' | |
| run: | | |
| import os | |
| import json | |
| import subprocess | |
| cmd_str="" | |
| if "${{ github.event.repository.default_branch }}" == "${{ github.ref_name }}": | |
| # This means we are in the default branch, we want the directories that changed since the previous commit | |
| cmd_str="git diff --name-only HEAD^ HEAD | xargs dirname" | |
| else: | |
| # We're in a PR, we want the directories changed from the PR branch | |
| cmd_str="git diff --name-only origin/${{ github.ref_name }} | xargs dirname" | |
| diff=subprocess.run(cmd_str, capture_output=True, shell=True).stdout.decode('utf-8') | |
| changed_files = str(diff).splitlines() | |
| sanitized_changed_files = set(filter(None, changed_files)) | |
| print("Changed files: ", sanitized_changed_files) | |
| config_directories = set(json.loads(os.getenv('CONFIG_DIRECTORIES'))) | |
| print("Config directories: ", config_directories) | |
| only_configuration_files_have_changed = str(sanitized_changed_files.issubset(config_directories)).lower() | |
| print(only_configuration_files_have_changed) | |
| with open(os.environ['GITHUB_OUTPUT'], 'a') as fh: | |
| print(f'only_configuration_files_have_changed={only_configuration_files_have_changed}', file=fh) | |
| build: | |
| name: Build & Test | |
| if: ${{ needs.only-config-changed.outputs.result == 'false' }} | |
| needs: only-config-changed | |
| runs-on: ubuntu-latest-8-cores | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/[email protected] | |
| # Login to AWS for fetching CI/CD cache. | |
| - name: Configure AWS credentials | |
| if: ${{ github.event.repository.visibility != 'public' }} | |
| uses: aws-actions/[email protected] | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CICD_S3_CACHE }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CICD_S3_CACHE }} | |
| aws-region: eu-west-1 | |
| # Check whether the current code has already been run in CI/CD. | |
| - name: Check CI/CD cache | |
| if: ${{ github.event.repository.visibility != 'public' }} | |
| uses: pleo-io/[email protected] | |
| id: s3-cache | |
| with: | |
| bucket-name: pleo-cicd-s3-cache | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CICD_S3_CACHE }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CICD_S3_CACHE }} | |
| aws-region: eu-west-1 | |
| # Set up a JDK environment for building, testing and releasing. | |
| - name: Set up JDK 17 | |
| uses: actions/[email protected] | |
| with: | |
| java-version: 17.0.4 | |
| distribution: temurin | |
| # Allow caching Gradle executions to further speed up CI/CD steps invoking Gradle. | |
| - name: Setup Gradle | |
| uses: gradle/[email protected] | |
| with: | |
| gradle-executable: ./gradlew | |
| gradle-version: wrapper | |
| cache-read-only: true | |
| # Check whether the project builds. | |
| - name: Gradle Build | |
| run: ./gradlew build -x test | |
| env: | |
| GRADLE_USER: ${{ secrets.GITHUB_ACTOR }} | |
| GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }} | |
| - name: Run Unit Tests | |
| if: steps.s3-cache.outputs.processed != 'true' | |
| run: ./gradlew check | |
| env: | |
| GRADLE_USER: ${{ secrets.GITHUB_ACTOR }} | |
| GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }} | |
| - name: Publish Unit Tests report to GitHub | |
| if: steps.s3-cache.outputs.processed != 'true' | |
| uses: mikepenz/[email protected] | |
| with: | |
| check_name: Unit Tests report | |
| report_paths: "**/build/test-results/test/TEST-*.xml" | |
| - name: Generate aggregated code coverage report | |
| if: steps.s3-cache.outputs.processed != 'true' | |
| run: ./gradlew jacocoAggregateReport | |
| env: | |
| GRADLE_USER: ${{ secrets.GITHUB_ACTOR }} | |
| GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }} | |
| - name: Publish code coverage report to Coveralls | |
| if: steps.s3-cache.outputs.processed != 'true' | |
| continue-on-error: true | |
| env: | |
| COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }} | |
| run: ./gradlew :coverallsJacoco | |
| # Run Detekt | |
| - name: Run Detekt | |
| continue-on-error: true | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| run: ./gradlew detekt --stacktrace | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }} | |
| GRADLE_READ_KEY: ${{ secrets.GH_REGISTRY_GRADLE_TOKEN }} | |
| # Publish Detekt results to GitHub. | |
| - name: Publish Detekt SARIF report to GitHub | |
| continue-on-error: true | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| uses: github/codeql-action/upload-sarif@v2 | |
| with: | |
| sarif_file: build/reports/detekt/detekt.sarif | |
| - name: Trigger release | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| uses: peter-evans/repository-dispatch@v2 | |
| with: | |
| event-type: release |