chore(deps): bump JetBrains/qodana-action from c0a36fb50f89f631c068153f5cf03964ba32861f to 4266d68b6d44cd2c1483ba20a4e2700c9107ea0c #537
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| ## Event: Merge group checks | |
| merge_group: {} | |
| ## Event: Push on `main` or `stable` | |
| push: | |
| branches: | |
| - main | |
| - stable | |
| tags: | |
| - "v*" | |
| ## Event: PR | |
| pull_request: | |
| types: | |
| - opened | |
| - closed | |
| - reopened | |
| - synchronize | |
| env: | |
| CI: true | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| ## Build: Gradle Plugin | |
| build-plugin: | |
| name: "Build" | |
| uses: elide-dev/build-infra/.github/workflows/jvm.gradle.yml@main | |
| secrets: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| permissions: | |
| checks: write | |
| pull-requests: read | |
| id-token: write | |
| contents: write | |
| actions: read | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| platform: [Linux, Windows, macOS] | |
| gradleLabel: ["Gradle 8.5", "Gradle 8.4", "Gradle 8.3", "Gradle 8.2", "Gradle 8.1", "Gradle Latest"] | |
| java: ["17", "21"] | |
| include: | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| gradleLabel: "Gradle 8.5" | |
| gradle: "8.5" | |
| tasks: koverXmlReport sonar | |
| main: true | |
| labs: false | |
| java: 21 | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle 8.5" | |
| gradle: "8.5" | |
| main: false | |
| labs: false | |
| java: 21 | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle 8.5" | |
| gradle: "8.5" | |
| main: false | |
| labs: false | |
| java: 21 | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| gradleLabel: "Gradle 8.4" | |
| gradle: "8.4" | |
| main: false | |
| labs: false | |
| java: 21 | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle 8.4" | |
| gradle: "8.4" | |
| main: false | |
| labs: false | |
| java: 21 | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle 8.4" | |
| gradle: "8.4" | |
| main: false | |
| labs: false | |
| java: 21 | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| gradleLabel: "Gradle 8.3" | |
| gradle: "8.3" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle 8.3" | |
| gradle: "8.3" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle 8.3" | |
| gradle: "8.3" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| gradle: "8.2" | |
| gradleLabel: "Gradle 8.2" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle 8.2" | |
| gradle: "8.2" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle 8.2" | |
| gradle: "8.2" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| gradleLabel: "Gradle 8.1" | |
| gradle: "8.1" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle 8.1" | |
| gradle: "8.1" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle 8.1" | |
| gradle: "8.1" | |
| main: false | |
| labs: false | |
| java: 17 | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle Latest" | |
| gradle: "release-candidate" | |
| main: false | |
| labs: true | |
| java: 17 | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle Latest" | |
| gradle: "release-candidate" | |
| main: false | |
| labs: true | |
| java: 17 | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| gradleLabel: "Gradle Latest" | |
| gradle: "release-candidate" | |
| main: false | |
| labs: true | |
| java: 17 | |
| with: | |
| label: "Plugin" | |
| runner: "${{ matrix.runner }}" | |
| action: "build test ${{ matrix.tasks }}" | |
| flags: "--scan" | |
| artifact: "buildless-plugin-gradle" | |
| checks: ${{ fromJson(matrix.main) }} | |
| gradle: ${{ matrix.gradle }} | |
| labs: ${{ fromJson(matrix.labs) }} | |
| coverage_report: "build/reports/kover/report.xml" | |
| provenance: "${{ fromJson(matrix.main) }}" | |
| coverage: "${{ fromJson(matrix.main) }}" | |
| artifacts: "${{ fromJson(matrix.main) }}" | |
| jvm: ${{ matrix.java }} | |
| ## Checks: API Breakage | |
| check-api: | |
| name: "Check" | |
| needs: ["build-plugin"] | |
| uses: ./.github/workflows/module.apicheck.yml | |
| secrets: | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| checks: write | |
| contents: read | |
| ## Checks: CodeQL | |
| check-codeql: | |
| name: "Check" | |
| needs: ["build-plugin"] | |
| uses: ./.github/workflows/module.codeql.yml | |
| secrets: | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| checks: write | |
| pull-requests: read | |
| id-token: write | |
| contents: read | |
| actions: read | |
| security-events: write | |
| ## Checks: Detekt | |
| check-detekt: | |
| name: "Check" | |
| needs: ["build-plugin"] | |
| uses: ./.github/workflows/module.detekt.yml | |
| secrets: | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| checks: write | |
| pull-requests: read | |
| id-token: write | |
| contents: read | |
| actions: read | |
| security-events: write | |
| ## Checks: Qodana | |
| check-qodana: | |
| name: "Check" | |
| needs: ["build-plugin"] | |
| uses: ./.github/workflows/module.qodana.yml | |
| secrets: | |
| QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }} | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| checks: write | |
| pull-requests: read | |
| id-token: write | |
| contents: read | |
| actions: read | |
| security-events: write | |
| ## Checks: Dependency Review | |
| dependency-review: | |
| name: "Dependency Review" | |
| needs: ["build-plugin"] | |
| if: github.event_name == 'pull_request' | |
| runs-on: ubuntu-latest | |
| continue-on-error: true | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 | |
| with: | |
| egress-policy: audit | |
| - name: "Setup: Checkout" | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3 | |
| - name: "Analysis: Dependency Review" | |
| uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v3 |