.github/workflows/build.yml

name: CI

on:
  push:
    tags: [ '[0-9]+.[0-9]+.[0-9]+' ]
    branches: [ main ]
  pull_request:
    branches: [ main ]
    types: [ opened, reopened, synchronize ]
  workflow_dispatch:

concurrency:
  group: ${{ github.ref }}
  cancel-in-progress: true

jobs:
  test-project:
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os: [ ubuntu-22.04, macos-14, windows-2022 ]
        java: [ 21 ]
    steps:
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      - name: Setup Java
        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b
        with:
          distribution: temurin
          java-version: ${{ matrix.java }}
          cache: maven
      - name: Executable Maven Wrapper
        if: contains(matrix.os, 'win') == false
        run: chmod +x ./mvnw
      - name: Test project
        run: ./mvnw test

  quality-check:
    needs: test-project
    runs-on: ubuntu-22.04
    permissions:
      security-events: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          fetch-depth: 0
      - name: Setup Java
        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b
        with:
          distribution: temurin
          java-version: 21
          cache: maven
      - name: Initialize CodeQL
        uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169
        with:
          languages: java
          queries: security-and-quality
      - name: Executable Maven Wrapper
        run: chmod +x ./mvnw
      - name: Compile project
        run: ./mvnw compile
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169
      - name: Perform SonarCloud Analysis
        run: |
          ./mvnw verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
            -Dsonar.host.url=https://sonarcloud.io \
            -Dsonar.token=${{ secrets.SONAR_TOKEN }} \
            -Dsonar.organization=${{ secrets.SONAR_KEY }} \
            -Dsonar.qualitygate.wait=true

  package-jars:
    needs: quality-check
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
      - name: Setup Java
        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b
        with:
          distribution: temurin
          java-version: 21
          cache: maven
      - name: Executable Maven Wrapper
        run: chmod +x ./mvnw
      - name: Package project
        run: ./mvnw package -Passembly -DskipTests
      - name: Upload artifacts
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08
        with:
          name: opdf-jar
          path: ./opdf-assembly/target/opdf.jar

  build-native:
    needs: package-jars
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os: [ ubuntu-22.04, macos-14, windows-2022 ]
        include:
          - os: ubuntu-22.04
            artifact_name: opdf
            package_name: opdf-linux
          - os: macos-14
            artifact_name: opdf
            package_name: opdf-macos
          - os: windows-2022
            artifact_name: opdf.exe
            package_name: opdf-windows
    steps:
      - name: Download artifacts
        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
        with:
          name: opdf-jar
      - name: Setup GraalVM
        uses: graalvm/setup-graalvm@4a200f28cd70d1940b5e33bd00830b7dc71a7e2b
        with:
          java-version: 21
          distribution: graalvm
          github-token: ${{ secrets.GITHUB_TOKEN }}
      - name: Build native image
        run: native-image --no-fallback -H:+AddAllCharsets -jar opdf.jar
      - name: Upload artifacts
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08
        with:
          name: ${{ matrix.package_name }}
          path: ${{ matrix.artifact_name }}