Several improvements and fixes to the DFG #6455
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
tags: | |
- v*.** | |
paths-ignore: | |
- "docs/**" | |
merge_group: | |
pull_request: | |
types: [opened, synchronize, reopened] | |
paths-ignore: | |
- "docs/**" | |
jobs: | |
build-cpgo-osx: | |
runs-on: macos-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: "1.21" | |
- name: Build | |
run: | | |
cd cpg-language-go/src/main/golang | |
./build.sh | |
- name: Archive cpgo library (amd64) | |
if: ${{ always() }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: libcpgo-amd64.dylib | |
path: cpg-language-go/src/main/resources/libcpgo-amd64.dylib | |
- name: Archive cpgo library (arm64) | |
if: ${{ always() }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: libcpgo-arm64.dylib | |
path: cpg-language-go/src/main/resources/libcpgo-arm64.dylib | |
build: | |
runs-on: [self-hosted, linux, x64, faster] | |
needs: build-cpgo-osx | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of SonarQube analysis | |
- run: | | |
cp gradle.properties.example gradle.properties | |
- uses: actions/setup-java@v3 | |
with: | |
distribution: "zulu" | |
java-version: "17" | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.10" | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: "18" | |
- name: Setup neo4j | |
run: | | |
docker run -d --env NEO4J_AUTH=neo4j/password -p7474:7474 -p7687:7687 neo4j || true | |
- name: Setup Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21 | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v3 | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-sonar | |
- name: Determine Version | |
run: | | |
# determine version from tag | |
export VERSION=$(echo "${GITHUB_REF}" | cut -d "/" -f3) | |
if [[ $VERSION != v* ]] | |
then | |
export VERSION="" | |
echo "Building version-less (main or feature branch)" | |
else | |
# make version more Java-friendly by dropping the 'v' | |
export VERSION=${VERSION:1:${#VERSION}} | |
echo "Building as ${VERSION}" | |
fi | |
# store version in GitHub environment file | |
echo "version=$VERSION" >> $GITHUB_ENV | |
- name: Install JEP | |
run: | | |
pip3 install jep==$(grep "black.ninia:jep" gradle/libs.versions.toml | grep -o -E "[0-9]\d*(\.[0-9]\d*)*") | |
if [ -d "/opt/hostedtoolcache/Python" ]; then | |
find /opt/hostedtoolcache/Python/ -name libjep.so -exec sudo cp '{}' /usr/lib/ \; | |
fi | |
- name: Install pycodestyle | |
run: | | |
pip3 install pycodestyle | |
- name: Run pycodestyle | |
run: | | |
find cpg-language-python/src/main/python -iname "*.py" -print0 | xargs -n 1 -0 pycodestyle | |
- uses: actions/download-artifact@v3 | |
with: | |
name: libcpgo-arm64.dylib | |
path: cpg-language-go/src/main/resources/ | |
- uses: actions/download-artifact@v3 | |
with: | |
name: libcpgo-amd64.dylib | |
path: cpg-language-go/src/main/resources/ | |
- name: Build ${{ env.version }} | |
run: | | |
if [ "$SONAR_TOKEN" != "" ] | |
then | |
./gradlew --no-daemon --parallel -Pversion=$VERSION -Pintegration spotlessCheck -x spotlessApply build -x distZip -x distTar testCodeCoverageReport sonar \ | |
-Dsonar.projectKey=Fraunhofer-AISEC_cpg \ | |
-Dsonar.organization=fraunhofer-aisec \ | |
-Dsonar.host.url=https://sonarcloud.io \ | |
-Dsonar.login=$SONAR_TOKEN | |
else | |
./gradlew --no-daemon --parallel -Pversion=$VERSION -Pintegration spotlessCheck -x spotlessApply build -x distZip -x distTar | |
fi | |
id: build | |
env: | |
VERSION: ${{ env.version }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Prepare test and coverage reports | |
if: ${{ always() }} | |
run: | | |
zip -r reports.zip **/build/reports/**/** || true | |
- name: Archive test and coverage reports | |
if: ${{ always() }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: reports | |
path: reports.zip | |
- name: Publish to Maven Central | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
run: | | |
export ORG_GRADLE_PROJECT_signingKey=`echo ${{ secrets.GPG_PRIVATE_KEY }} | base64 -d` | |
./gradlew --no-daemon -Dorg.gradle.internal.publish.checksums.insecure=true --parallel -Pversion=$VERSION -PenableJavaFrontend=true -PenableCXXFrontend=true -PenableGoFrontend=true -PenablePythonFrontend=true -PenableLLVMFrontend=true -PenableTypeScriptFrontend=true -PenableRubyFrontend=true publishToSonatype closeSonatypeStagingRepository | |
env: | |
VERSION: ${{ env.version }} | |
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSWORD }} | |
ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_CENTRAL_USERNAME }} | |
ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | |
- name: Download old dokka versions (version) | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
run: | | |
# make sure the previousDocs folder exists | |
mkdir -p previousDocs && cd previousDocs | |
# retrieve the previous documentation folders for each published version (this also includes "main") | |
wget -O - https://github.com/Fraunhofer-AISEC/cpg/archive/gh-pages.tar.gz | tar -xz --strip=2 cpg-gh-pages/dokka || echo "No dokka directory present. Will continue as if nothing happened" | |
- name: Download old dokka versions (main) | |
if: github.ref == 'refs/heads/main' | |
run: | | |
# make sure the previousDocs folder exists | |
mkdir -p previousDocs && cd previousDocs | |
# retrieve the previous documentation folders for each published version (this also includes "main") | |
wget -O - https://github.com/Fraunhofer-AISEC/cpg/archive/gh-pages.tar.gz | tar -xz --strip=2 cpg-gh-pages/dokka || echo "No dokka directory present. Will continue as if nothing happened" | |
# in order to avoid duplicate mains, remove the "main" version from the previous versions | |
rm -rf main | |
- name: Build JavaDoc | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') || github.ref == 'refs/heads/main' | |
run: | | |
./gradlew --no-daemon -Pversion=$VERSION dokkaHtmlMultiModule | |
env: | |
VERSION: ${{ env.version }} | |
- name: Publish JavaDoc (version) | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
uses: JamesIves/github-pages-deploy-action@v4 | |
with: | |
folder: build/dokkaCustomMultiModuleOutput/${{ env.version }} | |
target-folder: dokka/${{ env.version }} | |
- name: Publish JavaDoc (version as main) | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
uses: JamesIves/github-pages-deploy-action@v4 | |
with: | |
folder: build/dokkaCustomMultiModuleOutput/${{ env.version }} | |
target-folder: dokka/main | |
- name: Publish JavaDoc (main) | |
if: github.ref == 'refs/heads/main' | |
uses: JamesIves/github-pages-deploy-action@v4 | |
with: | |
folder: build/dokkaCustomMultiModuleOutput/main | |
target-folder: dokka/main | |
- name: Create Release | |
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, 'beta') && !contains(github.ref, 'alpha') | |
id: create_release | |
uses: softprops/action-gh-release@v1 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
name: ${{ env.version }} | |
draft: false | |
prerelease: false |