Clean-up CodeQL & Build GitHub Actions #3554
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2020 Google LLC | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
| name: "Build" | ||
| # Controls when the action will run. Triggers the workflow on push or pull request | ||
| # events for the `master` branch | ||
| on: | ||
| push: | ||
| branches: [ master ] | ||
| tags: | ||
| build* | ||
| pull_request: | ||
| # The branches below must be a subset of the branches above | ||
| branches: [ master ] | ||
| schedule: | ||
| # Run once a week (even if no new code or PRs) to detect random regressions | ||
| - cron: '12 13 * * 2' | ||
| env: | ||
| # Allow precise monitoring of the save/restore of Gradle User Home by `gradle-build-action` | ||
| # See https://github.com/marketplace/actions/gradle-build-action?version=v2.1.1#cache-debugging-and-analysis | ||
| GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true | ||
| GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: "fhir" # change this to invalidate cache | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.head_ref || github.ref || || github.run_id }} | ||
|
Check failure on line 38 in .github/workflows/build.yml
|
||
| cancel-in-progress: true | ||
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | ||
| jobs: | ||
| # Build will compile APK, test APK and run tests, lint, etc. | ||
| build: | ||
| runs-on: ubuntu-22.04-8core | ||
| timeout-minutes: 60 | ||
| permissions: | ||
| actions: read | ||
| contents: read | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| language: [ 'java' ] | ||
| # Steps represent a sequence of tasks that will be executed as part of the job | ||
| steps: | ||
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | ||
| - name: Checkout Repo | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| # Fetch origin/master for spotless ratchet to work | ||
| # https://github.com/diffplug/spotless/issues/1242 | ||
| fetch-depth: 0 | ||
| - name: Switch to Java 17 from Eclipse Temurin distro | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: 17 | ||
| distribution: temurin | ||
| - name: Initialize CodeQL | ||
| uses: github/codeql-action/init@v2 | ||
| with: | ||
| languages: ${{ matrix.language }} | ||
| - name: Build (minimal, for CodeQL) with Gradle | ||
| run: ./gradlew --scan --full-stacktrace compileDebugAndroidTestSources | ||
| - name: Perform CodeQL Analysis | ||
| uses: github/codeql-action/analyze@v2 | ||
| with: | ||
| category: "/language:${{matrix.language}}" | ||
| # This needs to be done *AFTER* CodeQL; otherwise it fails weirdly, see https://github.com/google/android-fhir/issues/2310 | ||
| - name: "Setup Gradle" | ||
| uses: gradle/gradle-build-action@v2 | ||
| with: | ||
| # See https://github.com/marketplace/actions/gradle-build-action#enable-dependency-graph-generation-for-a-workflow | ||
| dependency-graph: generate-and-submit | ||
| # Limit the size of the cache entry. | ||
| # These directories contain instrumented/transformed dependency jars which can be reconstructed relatively quickly. | ||
| gradle-home-cache-excludes: | | ||
| caches/jars-9 | ||
| caches/transforms-3 | ||
| - name: Spotless check | ||
| run: ./gradlew spotlessCheck --scan --full-stacktrace | ||
| - name: Build (full) with Gradle | ||
| run: ./gradlew build --scan --full-stacktrace | ||
| - name: Check with Gradle | ||
| run: ./gradlew check --scan --full-stacktrace | ||
| - name: Release artifacts to local repo | ||
| run: ./gradlew publishReleasePublicationToCIRepository --scan | ||
| - name: Upload maven repo | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: maven-repository | ||
| path: build/ci-repo | ||
| - name: Zip artifact for debugging | ||
| if: ${{ failure() }} | ||
| run: zip build.zip ./*/build -r | ||
| # Upload the build dir for all the modules for diagnosis | ||
| - name: Upload build dir | ||
| if: ${{ failure() }} | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: build.zip | ||
