Add codeql workflow #620
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Global workflow | |
on: | |
pull_request: | |
types: [ opened, synchronize, reopened ] | |
push: | |
branches: | |
- dev | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 21 | |
distribution: 'corretto' | |
- name: Analyze push | |
# If push, we analyze the code | |
if: github.event_name == 'push' | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
run: ./gradlew sonar --info | |
- name: Analyse pull request | |
# If pull request, we analyze the code, and if the target branch is not master | |
if: github.event_name == 'pull_request' && github.event.pull_request.base.ref != 'master' && github.actor != 'dependabot[bot]' | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
run: ./gradlew sonar --info -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} -Dsonar.pullrequest.branch=${{ github.event.pull_request.head.ref }} -Dsonar.pullrequest.base=${{ github.event.pull_request.base.ref }} -Dsonar.qualitygate.wait=true | |
- name: Test | |
if: github.event_name == 'pull_request' && (github.event.pull_request.base.ref == 'master' || github.actor == 'dependabot[bot]') | |
run: ./gradlew clean test --info | |
- name: Cache gradle dependencies | |
uses: actions/cache@v4 | |
# If author is dependabot, we don't cache dependencies | |
if: github.actor != 'dependabot[bot]' | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-dev-dependencies-${{ hashFiles('**/build.gradle.kts') }}-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-dev-dependencies-${{ hashFiles('**/build.gradle.kts') }} | |
build: | |
runs-on: ubuntu-latest | |
needs: | |
- test | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 21 | |
distribution: 'corretto' | |
- name: Cache gradle dependencies | |
uses: actions/cache@v4 | |
# If author is dependabot, we don't cache dependencies | |
if: github.actor != 'dependabot[bot]' | |
with: | |
path: ~/.gradle/caches | |
key: ${{ runner.os }}-dev-dependencies-${{ hashFiles('**/build.gradle.kts') }}-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-dev-dependencies-${{ hashFiles('**/build.gradle.kts') }} | |
- name: Build | |
run: gradle clean installDist -x test | |
- name: Cache build | |
uses: actions/cache@v4 | |
# If author is dependabot, we don't cache dependencies | |
if: github.actor != 'dependabot[bot]' | |
with: | |
path: build/install/core | |
key: ${{ runner.os }}-build-${{ hashFiles('**/build.gradle.kts') }}-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ hashFiles('**/build.gradle.kts') }} | |
docker: | |
strategy: | |
matrix: | |
platform: [linux/amd64, linux/arm64, linux/arm64/v8] | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Cache build | |
uses: actions/cache@v4 | |
# If author is dependabot, we don't cache dependencies | |
if: github.actor != 'dependabot[bot]' | |
with: | |
path: build/install/core | |
key: ${{ runner.os }}-build-${{ hashFiles('**/build.gradle.kts') }}-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ hashFiles('**/build.gradle.kts') }} | |
- name: Build | |
if: github.actor == 'dependabot[bot]' | |
run: gradle clean installDist -x test | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build docker file | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
push: false | |
tags: registry.ziedelth.fr:5000/shikkanime-core:dev | |
platforms: ${{ matrix.platform }} | |
clear_cache: | |
runs-on: ubuntu-latest | |
if: github.actor != 'dependabot[bot]' | |
needs: | |
- docker | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Clear build cache | |
uses: prantlf/delete-cache-action@v2 | |
with: | |
key: ${{ runner.os }}-build-${{ hashFiles('**/build.gradle.kts') }}-${{ github.sha }} | |
- name: Clear gradle cache | |
uses: prantlf/delete-cache-action@v2 | |
with: | |
key: ${{ runner.os }}-dev-dependencies-${{ hashFiles('**/build.gradle.kts') }}-${{ github.sha }} |