Build

build: enable caching when using act #862

Workflow file for this run

	# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com)
	# SPDX-FileContributor: Sebastian Thomschke (Vegard IT GmbH)
	# SPDX-License-Identifier: Apache-2.0
	# SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/vegardit-maven-parent
	#
	# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
	name: Build

	on:
	push:
	branches-ignore: # build all branches except:
	- 'dependabot/**' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR)
	tags-ignore: # don't build tags
	- '**'
	paths-ignore:
	- '*/.adoc'
	- '*/.md'
	- '.editorconfig'
	- '.git*'
	- '.github/*.yml'
	- '.github/workflows/stale.yml'
	pull_request:
	paths-ignore:
	- '*/.adoc'
	- '*/.md'
	- '.editorconfig'
	- '.git*'
	- '.github/*.yml'
	workflow_dispatch:
	# https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/
	inputs:
	additional_maven_args:
	description: 'Additional Maven Args'
	required: false
	default: ''
	debug-with-ssh:
	description: "Start an SSH session for debugging purposes at the end of the build:"
	default: never
	type: choice
	options: [ always, on_failure, on_failure_or_cancelled, never ]
	debug-with-ssh-only-for-actor:
	description: "Limit access to the SSH session to the GitHub user that triggered the job."
	default: true
	type: boolean


	defaults:
	run:
	shell: bash


	env:
	JAVA_VERSION: 17


	jobs:

	###########################################################
	maven-build:
	###########################################################
	runs-on: ubuntu-latest


	# https://docs.github.com/en/actions/using-jobs/using-concurrency
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: false


	steps:
	- name: "Show: GitHub context"
	env:
	GITHUB_CONTEXT: ${{ toJSON(github) }}
	run: echo $GITHUB_CONTEXT


	- name: "Show: environment variables"
	run: env \| sort


	- name: Git Checkout
	uses: actions/checkout@v4 # https://github.com/actions/checkout


	- name: "Install: JDK ${{ env.JAVA_VERSION }} ☕"
	uses: actions/setup-java@v4 # https://github.com/actions/setup-java
	with:
	distribution: temurin
	java-version: ${{ env.JAVA_VERSION }}


	# reusing CDS archives of the same JVM randomly fails in GitHub Actions with
	# "An error has occurred while processing the shared archive file. shared class paths mismatch"
	#- name: Calculate Java version checksum
	# id: java-version-checksum
	# run: \|
	# echo "md5sum=$(java -version 2>&1 \| md5sum \| cut -f1 -d" ")" >> $GITHUB_OUTPUT
	#- name: Cache Java CDS archive
	# uses: actions/cache@v3
	# with:
	# path: \|
	# ~/.xshare/${{ steps.java-version-checksum.outputs.md5sum }}
	# key: ${{ runner.os }}-xshare-${{ steps.java-version-checksum.outputs.md5sum }}


	- name: "Cache: Maven Binary"
	uses: actions/cache@v4 # https://github.com/actions/cache/blob/main/restore/README.md
	with:
	path: \|
	~/.m2/wrapper
	key: ${{ runner.os }}-${{ runner.arch }}-mvn-binary-${{ hashFiles('.mvn/wrapper/maven-wrapper.properties') }}


	- name: "Cache: Restore"
	id: cache-restore
	uses: actions/cache/restore@v4 # https://github.com/actions/cache/blob/main/restore/README.md
	with:
	# IMPORTANT: path must have exactly the same value as in the cache save step otherwise restore will fail with cache key not found
	path: \|
	~/.m2/bin
	~/.m2/repository
	!~/.m2/repository/.cache
	!~/.m2/repository/.meta
	!~/.m2/repository/com/vegardit/maven
	!~/.m2/repository/SNAPSHOT
	key: ${{ runner.os }}-${{ runner.arch }}-mvn-repo-${{ hashFiles('**/pom.xml') }}
	restore-keys: \|
	${{ runner.os }}-${{ runner.arch }}-mvn-repo-


	- name: "Move Restored Repo"
	if: ${{ steps.cache-restore.outputs.cache-hit }}
	run: \|
	RESTORED_REPO_PATH=$HOME/.m2/repository-restored
	mv -v ~/.m2/repository $RESTORED_REPO_PATH
	echo "RESTORED_REPO_PATH=$RESTORED_REPO_PATH" >> $GITHUB_ENV


	- name: "Test with Maven 🔨"
	if: ${{ github.ref_name != 'main' \|\| env.ACT }}
	env:
	GITHUB_USER: ${{ github.actor }}
	GITHUB_API_KEY: ${{ github.token }}
	MAY_CREATE_RELEASE: false
	run: \|
	bash .ci/build.sh ${{ github.event.inputs.additional_maven_args }}


	- name: "Build with Maven 🔨"
	if: ${{ github.ref_name == 'main' && !env.ACT }}
	env:
	DEPLOY_SNAPSHOTS_TO_GITHUB_BRANCH: true
	GITHUB_USER: ${{ github.actor }}
	GITHUB_API_KEY: ${{ secrets.GH_API_TOKEN }}
	MAY_CREATE_RELEASE: true
	SIGN_KEY: ${{ secrets.GPG_SIGN_KEY }}
	SIGN_KEY_PASS: ${{ secrets.GPG_SIGN_KEY_PWD }}
	SONATYPE_OSSRH_USER: ${{ secrets.SONATYPE_OSSRH_USER }}
	SONATYPE_OSSRH_USER_TOKEN: ${{ secrets.SONATYPE_OSSRH_USER_TOKEN }}
	run: \|
	set -eu

	# https://github.community/t/github-actions-bot-email-address/17204
	git config user.name "github-actions[bot]"
	git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
	bash .ci/build.sh ${{ github.event.inputs.additional_maven_args }}


	##################################################
	# Cache Update
	# See https://github.com/actions/cache/issues/342#issuecomment-1399442670
	##################################################
	- name: "Cache: Delete Previous"
	if: ${{ steps.cache-restore.outputs.cache-hit && !env.ACT }}
	env:
	GH_TOKEN: ${{ github.token }}
	run: \|
	gh extension install actions/gh-actions-cache
	# "\|\| true" is to avoid "Error: Resource not accessible by integration" from failing the job
	gh actions-cache delete ${{ steps.cache-restore.outputs.cache-primary-key }} --confirm \|\| true

	- name: "Cache: Update"
	uses: actions/cache/save@v4 # https://github.com/actions/cache/blob/main/save/README.md
	if: ${{ always() && !cancelled() }}
	with:
	path: \|
	~/.m2/bin
	~/.m2/repository
	!~/.m2/repository/.cache
	!~/.m2/repository/.meta
	!~/.m2/repository/com/vegardit/maven
	!~/.m2/repository/SNAPSHOT
	key: ${{ steps.cache-restore.outputs.cache-primary-key }}


	##################################################
	# Setup SSH debug session
	##################################################
	- name: "SSH session for debugging: check"
	id: DEBUG_SSH_SESSSION_CHECK
	if: always()
	run: \|
	set -eu

	when="${{ inputs.debug-with-ssh }}"

	if [[ $when == "always" ]] \|\| case "${{ job.status }}" in
	success) [[ $when == "always" ]] ;;
	cancelled) [[ $when == "on_failure_or_cancelled" ]] ;;
	failure) [[ $when == "on_failure"* ]] ;;
	esac; then
	echo "start_ssh_session=true" \| tee -a "$GITHUB_OUTPUT"
	fi


	- name: "SSH session for debugging: start"
	uses: mxschmitt/action-tmate@v3 # https://github.com/mxschmitt/action-tmate
	if: always() && steps.DEBUG_SSH_SESSSION_CHECK.outputs.start_ssh_session
	with:
	limit-access-to-actor: ${{ inputs.debug-with-ssh-only-for-actor }}


	###########################################################
	dependabot-pr-auto-merge:
	###########################################################
	needs: maven-build
	if: ${{ github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' }}
	runs-on: ubuntu-latest

	concurrency: dependabot-pr-auto-merge

	permissions:
	contents: write
	pull-requests: write

	steps:
	- name: Dependabot metadata
	id: metadata
	uses: dependabot/fetch-metadata@v2 # https://github.com/dependabot/fetch-metadata/
	with:
	github-token: "${{ secrets.GITHUB_TOKEN }}"


	- name: Enable auto-merge for Dependabot PRs
	if: \|
	${{
	(
	steps.dependabot-metadata.outputs.package-ecosystem == 'github-actions' &&
	steps.metadata.outputs.update-type == 'version-update:semver-major'
	) \|\| (
	steps.dependabot-metadata.outputs.package-ecosystem == 'maven' &&
	steps.metadata.outputs.update-type == 'version-update:semver-minor'
	)
	}}
	run: \|
	gh pr merge --auto --rebase "$PR_URL"
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build: enable caching when using act #862

Workflow file

build: enable caching when using act #862

Jobs

Run details

Workflow file for this run