fix(deps): bump actions/github-script from 6 to 7 #1053
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com) | |
# SPDX-FileContributor: Sebastian Thomschke | |
# SPDX-License-Identifier: Apache-2.0 | |
# SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/docker-graalvm-maven | |
# | |
# https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions | |
name: Build | |
on: | |
push: | |
branches: # build all branches | |
- '**' | |
tags-ignore: # but don't build tags | |
- '**' | |
paths-ignore: | |
- '**/*.md' | |
- '.github/*.yml' | |
schedule: | |
# https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows | |
- cron: '0 4 * * */3' # At 04:00 on every 3rd day-of-week | |
pull_request: | |
workflow_dispatch: | |
# https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/ | |
inputs: | |
GRAALVM_VERSION: | |
description: 'GraalVM Version' | |
required: true | |
default: 'latest' | |
defaults: | |
run: | |
shell: bash | |
env: | |
DOCKER_IMAGE_REPO: vegardit/graalvm-maven | |
TRIVY_CACHE_DIR: ~/.trivy/cache | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
continue-on-error: ${{ matrix.experimental }} | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
# https://github.com/graalvm/graalvm-ce-builds/releases | |
- GRAALVM_VERSION: ${{ github.event.inputs.GRAALVM_VERSION || 'latest' }} | |
GRAALVM_JAVA_VERSION: 11 | |
experimental: false | |
- GRAALVM_VERSION: ${{ github.event.inputs.GRAALVM_VERSION || 'latest' }} | |
GRAALVM_JAVA_VERSION: 17 | |
experimental: false | |
- GRAALVM_VERSION: ${{ github.event.inputs.GRAALVM_VERSION || 'latest' }} | |
GRAALVM_JAVA_VERSION: 21 | |
experimental: true | |
# https://github.com/graalvm/graalvm-ce-dev-builds/releases | |
- GRAALVM_VERSION: dev | |
GRAALVM_JAVA_VERSION: 21 | |
experimental: true | |
steps: | |
- name: Show environment variables | |
run: env | sort | |
- name: Git Checkout | |
uses: actions/checkout@v4 #https://github.com/actions/checkout | |
- name: Cache trivy cache | |
uses: actions/cache@v3 | |
if: env.ACT != 'true' # https://github.com/nektos/act#skipping-steps | |
with: | |
path: ${{ env.TRIVY_CACHE_DIR }} | |
# https://github.com/actions/cache/issues/342#issuecomment-673371329 | |
key: ${{ runner.os }}-trivy-${{ github.run_id }} | |
restore-keys: | | |
${{ runner.os }}-trivy- | |
- name: Cache local Maven repository | |
uses: actions/cache@v3 | |
if: env.ACT != 'true' # https://github.com/nektos/act#skipping-steps | |
with: | |
path: /tmp/maven-repo | |
key: ${{ runner.os }}-mvnrepo-${{ hashFiles('example/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-mvnrepo- | |
- name: Configure fast APT repository mirror | |
uses: vegardit/fast-apt-mirror.sh@v1 | |
- name: Install dos2unix | |
run: sudo apt-get install --no-install-recommends -y dos2unix | |
- name: Build ${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.GRAALVM_VERSION }}-java${{ matrix.GRAALVM_JAVA_VERSION }} | |
env: | |
DOCKER_REGISTRY: docker.io | |
DOCKER_REGISTRY_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }} | |
DOCKER_REGISTRY_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }} | |
GITHUB_TOKEN: ${{ github.token }} | |
GRAALVM_VERSION: ${{ matrix.GRAALVM_VERSION }} | |
GRAALVM_JAVA_VERSION: ${{ matrix.GRAALVM_JAVA_VERSION }} | |
TRIVY_GITHUB_TOKEN: ${{ github.token }} | |
run: | | |
set -eu | |
if [[ $GITHUB_REF_NAME == "main" && $GITHUB_EVENT_NAME != "pull_request" && ${ACT:-} != "true" ]]; then | |
export DOCKER_PUSH=1 | |
echo "$DOCKER_REGISTRY_TOKEN" | docker login -u="$DOCKER_REGISTRY_USERNAME" "$DOCKER_REGISTRY" --password-stdin | |
fi | |
bash build-image.sh | |
- name: Test ${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.GRAALVM_VERSION }}-java${{ matrix.GRAALVM_JAVA_VERSION }} | |
run: | | |
docker run --rm -t ${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.GRAALVM_VERSION }}-java${{ matrix.GRAALVM_JAVA_VERSION }} /bin/bash -c " | |
cd /tmp | |
echo 'class HelloWorld { public static void main(String[] args) { System.out.println(\"HelloWorld!\"); }}' > HelloWorld.java | |
javac HelloWorld.java | |
# test dynamic executable | |
native-image HelloWorld | |
./helloworld | |
# test static executable | |
native-image --static HelloWorld | |
./helloworld | |
" | |
- name: Test ${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.GRAALVM_VERSION }}-java${{ matrix.GRAALVM_JAVA_VERSION }} via Maven | |
env: | |
RUN_IN_DOCKER_IMAGE: ${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.GRAALVM_VERSION }}-java${{ matrix.GRAALVM_JAVA_VERSION }} | |
run: | | |
set -eux | |
bash example/tools/run-in-docker.sh mvn clean package | |
bash example/tools/run-in-docker.sh bash -c target/example | |
- name: Publish Docker image to GH registry | |
if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps | |
run: | | |
set -eux | |
echo "${{ github.token }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin | |
image_name="$DOCKER_IMAGE_REPO:${{ matrix.GRAALVM_VERSION }}-java${{ matrix.GRAALVM_JAVA_VERSION }}" | |
docker image tag $image_name ghcr.io/$image_name | |
docker push ghcr.io/$image_name | |
purge-untagged-images: | |
runs-on: ubuntu-latest | |
needs: [build] | |
steps: | |
- name: Delete untagged images | |
uses: actions/github-script@v7 | |
if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps | |
with: | |
github-token: ${{ secrets.GHA_DELETE_PACKAGES }} | |
script: | | |
const imageName = /[^/]*$/.exec(process.env.DOCKER_IMAGE_REPO)[0] | |
const basePath = `/orgs/${{ github.repository_owner }}/packages/container/${imageName}/versions` | |
for (version of (await github.request(`GET ${basePath}`, { per_page: 100 })).data) { | |
if (version.metadata.container.tags.length == 0) { | |
console.log(`deleting ${version.name}...`) | |
const delResponse = await github.request(`DELETE ${basePath}/${version.id}`) | |
console.log(`status: ${delResponse.status}`) | |
} | |
} |