Tag commit and publish snapshot artifacts on pushes (to master). All …

…is ready for jreleaser releases. (#211)

.github/workflows/xvm-verify-push.yml

@@ -1,124 +1,139 @@
-#
+  #
 # GitHub runner workflow for building, verifying and testing the XVM repo.
 #
-# It also does some quick sanity check that we can provide release artifacts. This latter part
-# will be implemented in much better detail when we have a marge to master and minimal effort
-# GitHub release plugin integration, so we can automate release generation.
-#
-# TODO: Add a release workflow, and a distribution creation workflow. Reuse parts of the
-#   "xdk-release" repo, that can run the cross product of aarch64, amd64, Linux, Windows and
-#   MacOS, including creating the Windows "exe" installer, on any platform with Nsis.
-#
-# TODO: Add workflow jobs in another GitHub workflow configuration that builds SNAPSHOT releases
-#   when a PR is merged into master.
-#
-# TODO: Discuss what other kinds of GitHub workflow actions we need. This can be anything
-#   from cron jobs that run every night, to containerization tests/efforts/creations.
-#
-# TODO: Retain more build information than the defaults (log output and build scan links). I.e.
-#   configure any build output files that we may want to inspect to be retained as well.
-#   @see https://github.com/gradle/actions/blob/main/setup-gradle/README.md#github-dependency-graph-support
-#
-# TODO: Set up Discord channel chat messages, when an action is started, successful or fails.
-#
-# TODO: Verify that the build jobs run both with and without the build cache. Since it takes
-#   time to rebuild the cache, the clean cache run should be a separate workflow, and it may be
-#   a good idea to run it only on pull requests, not on every push, or something like that.
-#   Another option is to have a GitHub cron job action, that nukes the caches every night, so that
-#   at least the first GitHub workflow of the day is known to build with a clean cache.
+# TODO: Add periodic workflows (that can be manually triggered /w workflow_disspatch and also run through a cron file)
+#   1) Cleans out old workflows that have finished but not succeeded.
+#   2) Cleans Gradle and other build caches, maybe one every 24 h
+#   3) Cleans ...
 #
-# TODO: File these TODOs as issues in the GitHub repository.
-#
-
-name: XVM Repository build, test and verification runner.
 
 # Check if "pull-request" makes it possible to add a branch protection status check requirement on master.
+# gh auth switch --hostname enterprise.internal --user monalisa  (switch auth)
+
 on:
-  push
+  push:
+  workflow_dispatch:
+    inputs:
+      extra_gradle_options:
+        description: 'Extra Gradle options to pass to the build'
+        required: false
+      skip_manual_tests:
+        description: 'Skip manual tests'
+        required: false
+      skip_manual_tests_parallel:
+        description: 'Skip parallel manual tests'
+        required: false
 
 env:
-  #
-  # This turns into a project property that outputs some important lines of the XTC plugin logic to the console.
-  # The flag is intended to provide enough information to do a reproducible run for any action performed by the Plugin.
-  #
-  ORG_XTCLANG_PLUGIN_VERBOSE: true
+  # TODO: Default should be disabled; we only want to be bothered by tagging and publishing for the master branch.
+  always_publish_snapshot: false
 
-  #
-  # The following flags were intended to be used to finish the build run with a simple sanity check, compiling
-  # and running a text program, making sure that both the build DSL and the mechanism for consuming the
-  # XDK being worked on as an artifact have not been broken.
+  # Add manual tests as an included build to the composite build configuration, and also build them.
   ORG_GRADLE_PROJECT_includeBuildManualTests: true
   ORG_GRADLE_PROJECT_includeBuildAttachManualTests: true
+  ORG_GRADLE_PROJECT_xtcPluginOverrideVerboseLogging: true
+
+  # Add sanity checks that the javatools fatjar contains appropriate classes and dependencies
+  ORG_XTCLANG_JAVATOOLS_SANITY_CHECK_JAR: true
 
-  # Provide debug information of all build cache actions:
-  GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
+  # Secrets (TODO: Verify plugin portal and maven central/sonatype credentials)
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GRADLE_PUBLISH_KEY: ${{ secrets.ORG_XTCLANG_GRADLE_PLUGIN_PORTAL_PUBLISH_KEY }}
+  GRADLE_PUBLISH_SECRET: ${{ secrets.ORG_XTCLANG_GRADLE_PLUGIN_PORTAL_PUBLISH_SECRET }}
+  GPG_SIGNING_KEY: ${{ secrets.ORG_XTCLANG_GPG_SIGNING_KEY }}
+  GPG_SIGNING_PASSWORD: ${{ secrets.ORG_XTCLANG_GPG_SIGNING_PASSWORD }}
+  MAVEN_CENTRAL_USERNAME: ${{ secrets.ORG_XTCLANG_MAVEN_CENTRAL_USERNAME }}
+  MAVEN_CENTRAL_PASSWORD: ${{ secrets.ORG_XTCLANG_MAVEN_CENTRAL_PASSWORD }}
+
+  gradle_options: "-Dorg.gradle.jvmargs=-Xmx8G -Dorg.gradle.caching.debug=false -Dorg.gradle.vfs.verbose=false --stacktrace --warning-mode=all --console=plain --profile ${{ inputs.extra_gradle_options }}"
+
+  # Optional flags to skip manual tests, or at least some of them.
+  skip_manual_tests: ${{ github.event.inputs.skip_manual_tests || 'false' }}
+  skip_manual_tests_parallel: ${{ github.event.inputs.skip_manual_tests_parallel || 'false' }}
+
+  # Build environment and build workflow debug flags.
+  # ACTIONS_RUNNER_DEBUG: true
+  # ACTIONS_STEP_DEBUG: true
+  # GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
+
+# Concurrency settings: group by workflow and ref, cancel intermediate builds, but only if it's a pull request build.
+concurrency:
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
 
 jobs:
-  gradle:
-    # If we do not specify a version here, the runner will pick up whatever Gradle version
-    # that is defined by our wrapper, which is exactly what we want.
+  build-verify:
+
     strategy:
       matrix:
         os: [ ubuntu-latest, windows-latest ]
 
-    # The verification actions are run on Linux and on Windows. There are MacOS runners available from GitHub,
-    # but they are rarer, which may lead to increased test times. Of course we should always make sure that
-    # the project builds and runs on all our target platforms, but for time being, we just verify Linux and Windows
-    # builds. Also note that the MacOS runners available for free are all x86 machines, whereas cycles on aarch64
-    # MacOS machines are charged for by GitHub.
     runs-on: ${{ matrix.os }}
 
     steps:
-      # 1. Checkout the repository under test.
       - uses: actions/checkout@v4
+        with:
+          show-progress: true
 
-      # 2. Set up the Java JDK. The JDK vendor should not matter, but we require Java 21.
       - uses: actions/setup-java@v4
         with:
-          distribution: 'temurin'
           java-version: '21'
+          distribution: temurin
+
+      - uses: gradle/actions/setup-gradle@v3
+        with:
+          cache-read-only: false
+
+      - uses: gradle/actions/wrapper-validation@v3
+
+      - name: Build the XDK and create a distribution layout
+        shell: bash
+        run: |
+          cwd_path=$(pwd)
+          echo "Executing Gradle 'installDist' task from path: '$cwd_path'"
+          ./gradlew ${{ env.gradle_options }} installDist 
+
+      - name: Build a machine specific XDK installation with native launchers, test run launchers on native platform
+        shell: bash
+        run: |
+          ./gradlew ${{ env.gradle_options }} xdk:installWithLaunchersDist
+          xcc_path=$(find xdk/build/install/ -name xcc)
+          xec_path=$(find xdk/build/install/ -name xec)
+          echo "Location of native launcher (xcc): $xcc_path"
+          echo "Location of native launcher (xec): $xec_path"
+          echo ">>> Testing native launchers, verifying their binary format and that they run on this platform..."
+          file $xcc_path
+          file $xec_path
+          $xcc_path --version
+          $xec_path --version
+          echo "<<< Native launchers work."
+
+      - name: Default manualTest tasks
+        if: ${{ env.skip_manual_tests != 'true' }}
+        timeout-minutes: 5
+        shell: bash
+        run: |
+          ./gradlew ${{ env.gradle_options }} manualTests:runXtc
+          ./gradlew ${{ env.gradle_options }} manualTests:runOne -PtestName=TestMisc
+          ./gradlew ${{ env.gradle_options }} manualTests:runTwoTestsInSequence
+          echo "*** manualTests:runParallel: ${{ env.skip_manual_tests_parallel }}"
+
+      - name: Parallel manualTest task
+        timeout-minutes: 5
+        if: ${{ env.skip_manual_tests_parallel != 'true' }}
+        shell: bash
+        run: |
+          ./gradlew ${{ env.gradle_options }} manualTests:runParallel
+
+      - name: Dump environment info
+        shell: bash
+        run: |
+          echo "Branch (github.ref): ${{ github.ref }}"
+          echo "Runner OS          : ${{ runner.os }}"
 
-      #
-      # 3. Configure a Gradle build action.
-      #
-      # The current version of this GitHub action is v2.4.2, is at the time of writing still considered
-      # secure, and has fixed previous issues with leaking secrets to the build cache in the GitHub runner
-      # container. Dependabot will alert us to any newly discovered security problems.
-      #
-      # @see: https://github.com/gradle/gradle-build-action#readme
-      # @see: https://github.com/gradle/gradle-build-action?tab=readme-ov-file#select-which-branches-should-write-to-the-cache
-      #
-      # By default, the Gradle action will only write to the cache from jobs on the 'master' branch.
-      # it is also possible exclude certain parts of the build from the cache, with:
-      #
-      # @see: https://github.com/gradle/actions/blob/main/setup-gradle/README.md#exclude-content-from-gradle-user-home-cache
-      #
-      - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@v3
-
-      # 4. Run the Gradle build, with verbose logs, and stack traces enabled to verify it works.
-      - name: Verify Gradle Build
-        run: ./gradlew build --info --stacktrace
-
-      # 5. Run the Gradle installation tasks to verify that we can create distributions, and that their
-      # layouts are correct.
-      - name: Verify Gradle Install and Distribution Layout
-        run: ./gradlew installDist --info --stacktrace
-
-      # 6. Run the Gradle installLocalDist task, and verify that its output works as expected.
-      - name: Verify Gradle Install and Local Distribution Layout
-        run: ./gradlew installLocalDist --info --stacktrace
-
-      # 7. Sanity check test run. XUnit will give us real successes or failures.
-      - name: ManualTests Run Default
-        run: ./gradlew manualTests:runXtc
-      - name: ManualTests Run One By Property
-        run: ./gradlew manualTests:runOne -PtestName=TestMisc
-      - name: ManualTests Run Two In Sequence
-        run: ./gradlew manualTests:runTwoTestsInSequence
-      - name: ManualTests parallel tests
-        run: ./gradlew manualTests:runParallel
-
-      # TODO: We need to figure out how to communicate success or failure as long as the manual tests are
-      #   not integrated into test source sets / unit tests for XTC / XUnit, or whatever test harnesses
-      #   we may want to use.
+      - name: Publish to GitHub packages iff snapshot + non-redundant build platform + branch is master
+        if: ${{ ((env.always_publish_snapshot == 'true') || (github.ref == 'refs/heads/master')) && (runner.os == 'Linux') }}
+        shell: bash
+        run: |
+          ./gradlew ${{ env.gradle_options }} xdk:ensureTags -PsnapshotOnly=true
+          ./gradlew ${{ env.gradle_options }} publishRemote -PsnapshotOnly=true

.gitignore

@@ -67,6 +67,9 @@ prj/
 *.ipr
 *.iws
 
+# Act .secrets file for local testing of GitHub Actions
+.secrets
+
 # Gradle profiler output
 gradle-user-home/
 profile-out/

VERSION

@@ -1 +1 @@
-0.4.43
+0.4.4-SNAPSHOT

build-logic/aggregator/src/main/kotlin/org.xtclang.build.aggregator.gradle.kts

@@ -25,7 +25,7 @@ private class XdkBuildAggregator(project: Project) : Runnable {
             val attachKey = "includeBuildAttach${it.replaceFirstChar(Char::titlecase)}"
             val attach = (properties[attachKey]?.toString() ?: "true").toBoolean()
             if (!attach) {
-                logger.info("$prefix Included build '$it' is explicitly configured to be outside the root lifecycle ($attachKey: $attach).")
+                logger.info("$prefix Included build '$it' is explicitly configured to be outside the root lifecycle ($attachKey: false).")
             }
             !attach
         }.toSet()
@@ -60,7 +60,7 @@ private class XdkBuildAggregator(project: Project) : Runnable {
 
             if (taskNames.count { !it.startsWith("-") && !it.contains("taskTree") } > 1) {
                 val msg =
-                    "$prefix Multiple start parameter tasks are not guaranteed to in order/in parallel. Please run each task individually. (task names: $taskNames)"
+                    "$prefix Multiple start parameter tasks are not guaranteed to run in order/in parallel. Please run each task individually. (task names: $taskNames)"
                 logger.error(msg)
                 throw GradleException(msg)
             }

build-logic/common-plugins/common-plugins.gradle.kts

@@ -1,16 +1,13 @@
+/**
+ * This is the build script for the precompile script build-logic plugin.
+ */
+
 plugins {
     `kotlin-dsl`
 }
 
 dependencies {
-    // TODO: Figure out how to get this to live in the version catalog instead. Since
-    //  build logic for talking with GitHub needs this, and because that is compiled
-    //  as a build-logic plugin, we are too early in the lifecycle to resolve from the
-    //  version catalog. Not even with the "best practice hacks", that are mostly applicable
-    //  for this.
-    val kohttpVersion = "0.12.0"
-    implementation("io.github.rybalkinsd:kohttp:$kohttpVersion")
-    implementation("io.github.rybalkinsd:kohttp-jackson:$kohttpVersion")
+    implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:latest.release") // (last checked against 1.6.3)
 }
 
 repositories {