.github/workflows/ci.yml

# This file was automatically generated by sbt-github-actions using the
# githubWorkflowGenerate task. You should add and commit this file to
# your git repository. It goes without saying that you shouldn't edit
# this file by hand! Instead, if you wish to make changes, you should
# change your sbt build configuration to revise the workflow description
# to meet your needs, then regenerate this file.

name: Continuous Integration

on:
  pull_request:
    branches: ['**', '!update/**', '!pr/**']
  push:
    branches: ['**', '!update/**', '!pr/**']
    tags: [v*]

env:
  PGP_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
  SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
  SONATYPE_CREDENTIAL_HOST: ${{ secrets.SONATYPE_CREDENTIAL_HOST }}
  SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
  PGP_SECRET: ${{ secrets.PGP_SECRET }}
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

jobs:
  build:
    name: Build and Test
    strategy:
      matrix:
        os: [ubuntu-latest]
        scala: [2.11.12, 2.12.16, 2.13.7, 3.1.3]
        java: [temurin@8]
        ci: [ciNode, ciFirefox, ciChrome, ciJSDOMNodeJS]
    runs-on: ${{ matrix.os }}
    steps:
      - name: Checkout current branch (full)
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Download Java (temurin@8)
        id: download-java-temurin-8
        if: matrix.java == 'temurin@8'
        uses: typelevel/download-java@v2
        with:
          distribution: temurin
          java-version: 8

      - name: Setup Java (temurin@8)
        if: matrix.java == 'temurin@8'
        uses: actions/setup-java@v3
        with:
          distribution: jdkfile
          java-version: 8
          jdkFile: ${{ steps.download-java-temurin-8.outputs.jdkFile }}

      - name: Cache sbt
        uses: actions/cache@v3
        with:
          path: |
            ~/.sbt
            ~/.ivy2/cache
            ~/.coursier/cache/v1
            ~/.cache/coursier/v1
            ~/AppData/Local/Coursier/Cache/v1
            ~/Library/Caches/Coursier/v1
          key: ${{ runner.os }}-sbt-cache-v2-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}

      - name: Setup NodeJS v18 LTS
        if: matrix.ci == 'ciNode' || matrix.ci == 'ciJSDOMNodeJS'
        uses: actions/setup-node@v3
        with:
          node-version: 18
          cache: npm

      - name: Install jsdom
        if: matrix.ci == 'ciJSDOMNodeJS'
        run: npm install

      - name: Check that workflows are up to date
        run: sbt githubWorkflowCheck

      - run: sbt '++ ${{ matrix.scala }}' '${{ matrix.ci }}'

  publish:
    name: Publish Artifacts
    needs: [build]
    if: github.event_name != 'pull_request' && (startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main')
    strategy:
      matrix:
        os: [ubuntu-latest]
        java: [temurin@8]
    runs-on: ${{ matrix.os }}
    steps:
      - name: Checkout current branch (full)
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Download Java (temurin@8)
        id: download-java-temurin-8
        if: matrix.java == 'temurin@8'
        uses: typelevel/download-java@v2
        with:
          distribution: temurin
          java-version: 8

      - name: Setup Java (temurin@8)
        if: matrix.java == 'temurin@8'
        uses: actions/setup-java@v3
        with:
          distribution: jdkfile
          java-version: 8
          jdkFile: ${{ steps.download-java-temurin-8.outputs.jdkFile }}

      - name: Cache sbt
        uses: actions/cache@v3
        with:
          path: |
            ~/.sbt
            ~/.ivy2/cache
            ~/.coursier/cache/v1
            ~/.cache/coursier/v1
            ~/AppData/Local/Coursier/Cache/v1
            ~/Library/Caches/Coursier/v1
          key: ${{ runner.os }}-sbt-cache-v2-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}

      - name: Import signing key
        if: env.PGP_SECRET != '' && env.PGP_PASSPHRASE == ''
        run: echo $PGP_SECRET | base64 -di | gpg --import

      - name: Import signing key and strip passphrase
        if: env.PGP_SECRET != '' && env.PGP_PASSPHRASE != ''
        run: |
          echo "$PGP_SECRET" | base64 -di > /tmp/signing-key.gpg
          echo "$PGP_PASSPHRASE" | gpg --pinentry-mode loopback --passphrase-fd 0 --import /tmp/signing-key.gpg
          (echo "$PGP_PASSPHRASE"; echo; echo) | gpg --command-fd 0 --pinentry-mode loopback --change-passphrase $(gpg --list-secret-keys --with-colons 2> /dev/null | grep '^sec:' | cut --delimiter ':' --fields 5 | tail -n 1)

      - name: Publish
        run: sbt tlCiRelease

  validate-steward:
    name: Validate Steward Config
    strategy:
      matrix:
        os: [ubuntu-latest]
    runs-on: ${{ matrix.os }}
    steps:
      - name: Checkout current branch (fast)
        uses: actions/checkout@v3

      - uses: coursier/setup-action@v1
        with:
          apps: scala-steward

      - run: scala-steward validate-repo-config .scala-steward.conf