spring-security/.github/workflows/continuous-integration-work...

name: CI

on:
  push:
    branches:
      - main
  schedule:
    - cron: '0 10 * * *' # Once per day at 10am UTC
  workflow_dispatch: # Manual trigger

env:
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }}
  GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}
  GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }}
  COMMIT_OWNER: ${{ github.event.pusher.name }}
  COMMIT_SHA: ${{ github.sha }}
  ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
  ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
  RUN_JOBS: ${{ github.repository == 'spring-projects/spring-security' }}

jobs:
  prerequisites:
    name: Pre-requisites for building
    runs-on: ubuntu-latest
    outputs:
      runjobs: ${{ steps.continue.outputs.runjobs }}
    steps:
      - uses: actions/checkout@v2
      - name: Initiate error tracking
        uses: spring-projects/track-build-errors-action@v1
        with:
          job-name: "prerequisites"
      - name: Export errors file
        uses: actions/upload-artifact@v2
        with:
          name: errors
          path: job-prerequisites.txt
      - id: continue
        name: Determine if should continue
        if: env.RUN_JOBS == 'true'
        run: echo "::set-output name=runjobs::true"
  build_jdk_11:
    name: Build JDK 11
    needs: [prerequisites]
    runs-on: ubuntu-latest
    if: needs.prerequisites.outputs.runjobs
    steps:
      - uses: actions/checkout@v2
      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: '11'
      - name: Cache Gradle packages
        uses: actions/cache@v2
        with:
          path: ~/.gradle/caches
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
      - name: Build with Gradle
        run: |
          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
          ./gradlew clean build --continue -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD"
      - name: Track error step
        uses: spring-projects/track-build-errors-action@v1
        if: ${{ failure() }}
        with:
          job-name: ${{ github.job }}
      - name: Export errors file
        uses: actions/upload-artifact@v2
        if: ${{ failure() }}
        with:
          name: errors
          path: job-${{ github.job }}.txt
  build_windows:
    name: Build Windows
    needs: [prerequisites]
    runs-on: windows-latest
    if: needs.prerequisites.outputs.runjobs
    steps:
      - uses: actions/checkout@v2
      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: '11'
      - name: Cache Gradle packages
        uses: actions/cache@v2
        with:
          path: ~/.gradle/caches
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
      - name: Build with Gradle
        run: |
          set GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
          set GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
          set GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
          ./gradlew clean build --continue -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD"
      - name: Track error step
        uses: spring-projects/track-build-errors-action@v1
        if: ${{ failure() }}
        with:
          job-name: ${{ github.job }}
      - name: Export errors file
        uses: actions/upload-artifact@v2
        if: ${{ failure() }}
        with:
          name: errors
          path: job-${{ github.job }}.txt
  snapshot_tests:
    name: Test against snapshots
    needs: [prerequisites]
    runs-on: ubuntu-latest
    if: needs.prerequisites.outputs.runjobs
    steps:
      - uses: actions/checkout@v2
      - name: Set up JDK
        uses: actions/setup-java@v1
        with:
          java-version: '11'
      - name: Snapshot Tests
        run: |
          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
          ./gradlew test --refresh-dependencies -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PforceMavenRepositories=snapshot -PspringVersion='5.+' -PreactorVersion='20+' -PspringDataVersion='Neumann-BUILD-SNAPSHOT' -PrsocketVersion=1.1.0-SNAPSHOT -PspringBootVersion=2.4.0-SNAPSHOT -PlocksDisabled --stacktrace
      - name: Track error step
        uses: spring-projects/track-build-errors-action@v1
        if: ${{ failure() }}
        with:
          job-name: ${{ github.job }}
      - name: Export errors file
        uses: actions/upload-artifact@v2
        if: ${{ failure() }}
        with:
          name: errors
          path: job-${{ github.job }}.txt
  sonar_analysis:
    name: Static Code Analysis
    needs: [prerequisites]
    runs-on: ubuntu-latest
    if: needs.prerequisites.outputs.runjobs
    env:
      SONAR_URL: ${{ secrets.SONAR_URL }}
      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
    steps:
      - uses: actions/checkout@v2
      - name: Set up JDK
        uses: actions/setup-java@v1
        with:
          java-version: '11'
      - name: Run Sonar on given (non-main) branch
        if: ${{ github.ref != 'refs/heads/main' }}
        run: |
          export BRANCH=${GITHUB_REF#refs/heads/}
          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
          ./gradlew sonarqube -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PexcludeProjects='**/samples/**' -Dsonar.projectKey="spring-security-${GITHUB_REF#refs/heads/}" -Dsonar.projectName="spring-security-${GITHUB_REF#refs/heads/}" -Dsonar.host.url="$SONAR_URL" -Dsonar.login="$SONAR_TOKEN" --stacktrace
      - name: Run Sonar on main
        if: ${{ github.ref == 'refs/heads/main' }}
        run: |
          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
          ./gradlew sonarqube -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PexcludeProjects='**/samples/**' -Dsonar.host.url="$SONAR_URL" -Dsonar.login="$SONAR_TOKEN" --stacktrace
      - name: Track error step
        uses: spring-projects/track-build-errors-action@v1
        if: ${{ failure() }}
        with:
          job-name: ${{ github.job }}
      - name: Export errors file
        uses: actions/upload-artifact@v2
        if: ${{ failure() }}
        with:
          name: errors
          path: job-${{ github.job }}.txt
  deploy_artifacts:
    name: Deploy Artifacts
    needs: [build_jdk_11, build_windows, snapshot_tests, sonar_analysis]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Set up JDK
        uses: actions/setup-java@v1
        with:
          java-version: '11'
      - name: Deploy artifacts
        run: |
          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
          export VERSION_HEADER=$'Version: GnuPG v2\n\n'
          export ORG_GRADLE_PROJECT_signingKey=${GPG_PRIVATE_KEY_NO_HEADER#"$VERSION_HEADER"}
          export ORG_GRADLE_PROJECT_signingPassword="$GPG_PASSPHRASE"
          ./gradlew deployArtifacts -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace --no-parallel
          ./gradlew finalizeDeployArtifacts -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace --no-parallel
        env:
          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
          OSSRH_TOKEN_USERNAME: ${{ secrets.OSSRH_TOKEN_USERNAME }}
          OSSRH_TOKEN_PASSWORD: ${{ secrets.OSSRH_TOKEN_PASSWORD }}
          ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
      - name: Track error step
        uses: spring-projects/track-build-errors-action@v1
        if: ${{ failure() }}
        with:
          job-name: ${{ github.job }}
      - name: Export errors file
        uses: actions/upload-artifact@v2
        if: ${{ failure() }}
        with:
          name: errors
          path: job-${{ github.job }}.txt
  deploy_docs:
    name: Deploy Docs
    needs: [build_jdk_11, build_windows, snapshot_tests, sonar_analysis]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Set up JDK
        uses: actions/setup-java@v1
        with:
          java-version: '11'
      - name: Deploy Docs
        run: |
          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
          ./gradlew deployDocs -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace
        env:
          DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }}
          DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }}
          DOCS_HOST: ${{ secrets.DOCS_HOST }}
      - name: Track error step
        uses: spring-projects/track-build-errors-action@v1
        if: ${{ failure() }}
        with:
          job-name: ${{ github.job }}
      - name: Export errors file
        uses: actions/upload-artifact@v2
        if: ${{ failure() }}
        with:
          name: errors
          path: job-${{ github.job }}.txt
  deploy_schema:
    name: Deploy Schema
    needs: [build_jdk_11, build_windows, snapshot_tests, sonar_analysis]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Set up JDK
        uses: actions/setup-java@v1
        with:
          java-version: '11'
      - name: Deploy Schema
        run: |
          export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"
          export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"
          export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"
          ./gradlew deploySchema -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace --info
        env:
          DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }}
          DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }}
          DOCS_HOST: ${{ secrets.DOCS_HOST }}
      - name: Track error step
        uses: spring-projects/track-build-errors-action@v1
        if: ${{ failure() }}
        with:
          job-name: ${{ github.job }}
      - name: Export errors file
        uses: actions/upload-artifact@v2
        if: ${{ failure() }}
        with:
          name: errors
          path: job-${{ github.job }}.txt
  notify_result:
    name: Check for failures
    needs: [build_jdk_11, build_windows, snapshot_tests, sonar_analysis, deploy_artifacts, deploy_docs, deploy_schema]
    if: always()
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Download errors folder
        uses: actions/download-artifact@v2
        with:
          name: errors
      - name: Send Slack message
        uses: spring-projects/notify-slack-errors-action@v1
        with:
          slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}
          branch-name: ${{ github.ref }}
          commit-sha: ${{ github.sha }}
          commit-owner: ${{ github.actor }}
          repo-name: ${{ github.repository }}
          run-id: ${{ github.run_id }}
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`name: CI`

			`on:`
			`push:`
			`branches:`
master->main Closes gh-9683 2021-04-26 17:50:35 -04:00			`- main`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`schedule:`
			`- cron: '0 10 * * *' # Once per day at 10am UTC`
Add manual trigger to CI workflow Closes gh-9360 2021-01-21 08:02:54 -05:00			`workflow_dispatch: # Manual trigger`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00
			`env:`
			`SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}`
			`GRADLE_ENTERPRISE_CACHE_USER: ${{ secrets.GRADLE_ENTERPRISE_CACHE_USER }}`
			`GRADLE_ENTERPRISE_CACHE_PASSWORD: ${{ secrets.GRADLE_ENTERPRISE_CACHE_PASSWORD }}`
			`GRADLE_ENTERPRISE_SECRET_ACCESS_KEY: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }}`
			`COMMIT_OWNER: ${{ github.event.pusher.name }}`
			`COMMIT_SHA: ${{ github.sha }}`
Add artifactoryUsername/Password to download new dependencies 2020-11-16 14:02:11 -05:00			`ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}`
			`ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}`
Stop CI Jobs on Forks Closes gh-9701 2021-05-03 16:12:12 -04:00			`RUN_JOBS: ${{ github.repository == 'spring-projects/spring-security' }}`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00
			`jobs:`
Stop CI Jobs on Forks Closes gh-9701 2021-05-03 16:12:12 -04:00			`prerequisites:`
			`name: Pre-requisites for building`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`runs-on: ubuntu-latest`
Stop CI Jobs on Forks Closes gh-9701 2021-05-03 16:12:12 -04:00			`outputs:`
			`runjobs: ${{ steps.continue.outputs.runjobs }}`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`steps:`
			`- uses: actions/checkout@v2`
			`- name: Initiate error tracking`
			`uses: spring-projects/track-build-errors-action@v1`
			`with:`
Stop CI Jobs on Forks Closes gh-9701 2021-05-03 16:12:12 -04:00			`job-name: "prerequisites"`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Export errors file`
			`uses: actions/upload-artifact@v2`
			`with:`
			`name: errors`
Stop CI Jobs on Forks Closes gh-9701 2021-05-03 16:12:12 -04:00			`path: job-prerequisites.txt`
			`- id: continue`
			`name: Determine if should continue`
Adjust Needs Output - There is no need to emit the value of RUN_JOBS to the rest of the workflow. As a boolean, it is sufficient to ask whether or not the corresponding output is present at all - Prerequisites is apparently easy to misspell Issue gh-9701 2021-05-11 18:20:46 -04:00			`if: env.RUN_JOBS == 'true'`
			`run: echo "::set-output name=runjobs::true"`
Update Git Workflows to Use JDK 11 Closes gh-9417 2021-02-05 17:21:07 -05:00			`build_jdk_11:`
			`name: Build JDK 11`
Stop CI Jobs on Forks Closes gh-9701 2021-05-03 16:12:12 -04:00			`needs: [prerequisites]`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`runs-on: ubuntu-latest`
Adjust Needs Output - There is no need to emit the value of RUN_JOBS to the rest of the workflow. As a boolean, it is sufficient to ask whether or not the corresponding output is present at all - Prerequisites is apparently easy to misspell Issue gh-9701 2021-05-11 18:20:46 -04:00			`if: needs.prerequisites.outputs.runjobs`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`steps:`
			`- uses: actions/checkout@v2`
Update Git Workflows to Use JDK 11 Closes gh-9417 2021-02-05 17:21:07 -05:00			`- name: Set up JDK 11`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`uses: actions/setup-java@v1`
			`with:`
Update Git Workflows to Use JDK 11 Closes gh-9417 2021-02-05 17:21:07 -05:00			`java-version: '11'`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Cache Gradle packages`
			`uses: actions/cache@v2`
			`with:`
			`path: ~/.gradle/caches`
			`key: ${{ runner.os }}-gradle-${{ hashFiles('*/.gradle') }}`
			`- name: Build with Gradle`
			`run: \|`
			`export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"`
			`export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"`
			`export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"`
Add artifactoryUsername/Password to download new dependencies 2020-11-16 14:02:11 -05:00			`./gradlew clean build --continue -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD"`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Track error step`
			`uses: spring-projects/track-build-errors-action@v1`
			`if: ${{ failure() }}`
			`with:`
			`job-name: ${{ github.job }}`
			`- name: Export errors file`
			`uses: actions/upload-artifact@v2`
			`if: ${{ failure() }}`
			`with:`
			`name: errors`
			`path: job-${{ github.job }}.txt`
Update Check Windows CI Workflow - Add slack integration for error reporting - Rename from check_windows to build_windows - Change the build command to match the one in build_jdk_11 - Add build_windows to the needs of deployment and failure check jobs Issue gh-9727 2021-05-14 13:13:18 -04:00			`build_windows:`
			`name: Build Windows`
Add New Job to Verify Windows Build on CI Workflow Issue gh-9727 2021-05-07 07:47:47 -04:00			`needs: [prerequisites]`
			`runs-on: windows-latest`
			`if: needs.prerequisites.outputs.runjobs`
			`steps:`
			`- uses: actions/checkout@v2`
			`- name: Set up JDK 11`
			`uses: actions/setup-java@v1`
			`with:`
			`java-version: '11'`
			`- name: Cache Gradle packages`
			`uses: actions/cache@v2`
			`with:`
			`path: ~/.gradle/caches`
			`key: ${{ runner.os }}-gradle-${{ hashFiles('*/.gradle') }}`
Update Check Windows CI Workflow - Add slack integration for error reporting - Rename from check_windows to build_windows - Change the build command to match the one in build_jdk_11 - Add build_windows to the needs of deployment and failure check jobs Issue gh-9727 2021-05-14 13:13:18 -04:00			`- name: Build with Gradle`
Add New Job to Verify Windows Build on CI Workflow Issue gh-9727 2021-05-07 07:47:47 -04:00			`run: \|`
			`set GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"`
			`set GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"`
			`set GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"`
Update Check Windows CI Workflow - Add slack integration for error reporting - Rename from check_windows to build_windows - Change the build command to match the one in build_jdk_11 - Add build_windows to the needs of deployment and failure check jobs Issue gh-9727 2021-05-14 13:13:18 -04:00			`./gradlew clean build --continue -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD"`
			`- name: Track error step`
			`uses: spring-projects/track-build-errors-action@v1`
			`if: ${{ failure() }}`
			`with:`
			`job-name: ${{ github.job }}`
			`- name: Export errors file`
			`uses: actions/upload-artifact@v2`
			`if: ${{ failure() }}`
			`with:`
			`name: errors`
			`path: job-${{ github.job }}.txt`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`snapshot_tests:`
			`name: Test against snapshots`
Stop CI Jobs on Forks Closes gh-9701 2021-05-03 16:12:12 -04:00			`needs: [prerequisites]`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`runs-on: ubuntu-latest`
Adjust Needs Output - There is no need to emit the value of RUN_JOBS to the rest of the workflow. As a boolean, it is sufficient to ask whether or not the corresponding output is present at all - Prerequisites is apparently easy to misspell Issue gh-9701 2021-05-11 18:20:46 -04:00			`if: needs.prerequisites.outputs.runjobs`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`steps:`
			`- uses: actions/checkout@v2`
			`- name: Set up JDK`
			`uses: actions/setup-java@v1`
			`with:`
Update Git Workflows to Use JDK 11 Closes gh-9417 2021-02-05 17:21:07 -05:00			`java-version: '11'`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Snapshot Tests`
			`run: \|`
			`export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"`
			`export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"`
			`export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"`
Add artifactoryUsername/Password to other workflow steps Added artifactoryUsername/Password to other CI workflow steps to ensure all steps will pass if a new dependency is added. 2020-11-16 14:11:07 -05:00			`./gradlew test --refresh-dependencies -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PforceMavenRepositories=snapshot -PspringVersion='5.+' -PreactorVersion='20+' -PspringDataVersion='Neumann-BUILD-SNAPSHOT' -PrsocketVersion=1.1.0-SNAPSHOT -PspringBootVersion=2.4.0-SNAPSHOT -PlocksDisabled --stacktrace`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Track error step`
			`uses: spring-projects/track-build-errors-action@v1`
			`if: ${{ failure() }}`
			`with:`
			`job-name: ${{ github.job }}`
			`- name: Export errors file`
			`uses: actions/upload-artifact@v2`
			`if: ${{ failure() }}`
			`with:`
			`name: errors`
			`path: job-${{ github.job }}.txt`
			`sonar_analysis:`
			`name: Static Code Analysis`
Stop CI Jobs on Forks Closes gh-9701 2021-05-03 16:12:12 -04:00			`needs: [prerequisites]`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`runs-on: ubuntu-latest`
Adjust Needs Output - There is no need to emit the value of RUN_JOBS to the rest of the workflow. As a boolean, it is sufficient to ask whether or not the corresponding output is present at all - Prerequisites is apparently easy to misspell Issue gh-9701 2021-05-11 18:20:46 -04:00			`if: needs.prerequisites.outputs.runjobs`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`env:`
			`SONAR_URL: ${{ secrets.SONAR_URL }}`
			`SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}`
			`steps:`
			`- uses: actions/checkout@v2`
			`- name: Set up JDK`
			`uses: actions/setup-java@v1`
			`with:`
Update Git Workflows to Use JDK 11 Closes gh-9417 2021-02-05 17:21:07 -05:00			`java-version: '11'`
master->main Closes gh-9683 2021-04-26 17:50:35 -04:00			`- name: Run Sonar on given (non-main) branch`
			`if: ${{ github.ref != 'refs/heads/main' }}`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`run: \|`
			`export BRANCH=${GITHUB_REF#refs/heads/}`
			`export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"`
			`export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"`
			`export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"`
Add artifactoryUsername/Password to other workflow steps Added artifactoryUsername/Password to other CI workflow steps to ensure all steps will pass if a new dependency is added. 2020-11-16 14:11:07 -05:00			`./gradlew sonarqube -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PexcludeProjects='/samples/' -Dsonar.projectKey="spring-security-${GITHUB_REF#refs/heads/}" -Dsonar.projectName="spring-security-${GITHUB_REF#refs/heads/}" -Dsonar.host.url="$SONAR_URL" -Dsonar.login="$SONAR_TOKEN" --stacktrace`
master->main Closes gh-9683 2021-04-26 17:50:35 -04:00			`- name: Run Sonar on main`
			`if: ${{ github.ref == 'refs/heads/main' }}`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`run: \|`
			`export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"`
			`export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"`
			`export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"`
Add artifactoryUsername/Password to other workflow steps Added artifactoryUsername/Password to other CI workflow steps to ensure all steps will pass if a new dependency is added. 2020-11-16 14:11:07 -05:00			`./gradlew sonarqube -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PexcludeProjects='/samples/' -Dsonar.host.url="$SONAR_URL" -Dsonar.login="$SONAR_TOKEN" --stacktrace`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Track error step`
			`uses: spring-projects/track-build-errors-action@v1`
			`if: ${{ failure() }}`
			`with:`
			`job-name: ${{ github.job }}`
			`- name: Export errors file`
			`uses: actions/upload-artifact@v2`
			`if: ${{ failure() }}`
			`with:`
			`name: errors`
			`path: job-${{ github.job }}.txt`
			`deploy_artifacts:`
			`name: Deploy Artifacts`
Update Check Windows CI Workflow - Add slack integration for error reporting - Rename from check_windows to build_windows - Change the build command to match the one in build_jdk_11 - Add build_windows to the needs of deployment and failure check jobs Issue gh-9727 2021-05-14 13:13:18 -04:00			`needs: [build_jdk_11, build_windows, snapshot_tests, sonar_analysis]`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@v2`
			`- name: Set up JDK`
			`uses: actions/setup-java@v1`
			`with:`
Update Git Workflows to Use JDK 11 Closes gh-9417 2021-02-05 17:21:07 -05:00			`java-version: '11'`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Deploy artifacts`
			`run: \|`
			`export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"`
			`export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"`
			`export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"`
			`export VERSION_HEADER=$'Version: GnuPG v2\n\n'`
Change to GPG_PRIVATE_KEY_NO_HEADER Closes gh-9531 2021-03-30 14:55:00 -04:00			`export ORG_GRADLE_PROJECT_signingKey=${GPG_PRIVATE_KEY_NO_HEADER#"$VERSION_HEADER"}`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`export ORG_GRADLE_PROJECT_signingPassword="$GPG_PASSPHRASE"`
			`./gradlew deployArtifacts -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace --no-parallel`
			`./gradlew finalizeDeployArtifacts -PossrhUsername="$OSSRH_TOKEN_USERNAME" -PossrhPassword="$OSSRH_TOKEN_PASSWORD" -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" --stacktrace --no-parallel`
			`env:`
			`GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}`
			`GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}`
			`OSSRH_TOKEN_USERNAME: ${{ secrets.OSSRH_TOKEN_USERNAME }}`
			`OSSRH_TOKEN_PASSWORD: ${{ secrets.OSSRH_TOKEN_PASSWORD }}`
			`ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}`
			`ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}`
			`- name: Track error step`
			`uses: spring-projects/track-build-errors-action@v1`
			`if: ${{ failure() }}`
			`with:`
			`job-name: ${{ github.job }}`
			`- name: Export errors file`
			`uses: actions/upload-artifact@v2`
			`if: ${{ failure() }}`
			`with:`
			`name: errors`
			`path: job-${{ github.job }}.txt`
			`deploy_docs:`
			`name: Deploy Docs`
Update Check Windows CI Workflow - Add slack integration for error reporting - Rename from check_windows to build_windows - Change the build command to match the one in build_jdk_11 - Add build_windows to the needs of deployment and failure check jobs Issue gh-9727 2021-05-14 13:13:18 -04:00			`needs: [build_jdk_11, build_windows, snapshot_tests, sonar_analysis]`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@v2`
			`- name: Set up JDK`
			`uses: actions/setup-java@v1`
			`with:`
Update Git Workflows to Use JDK 11 Closes gh-9417 2021-02-05 17:21:07 -05:00			`java-version: '11'`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Deploy Docs`
			`run: \|`
			`export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"`
			`export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"`
			`export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"`
			`./gradlew deployDocs -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace`
			`env:`
			`DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }}`
			`DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }}`
			`DOCS_HOST: ${{ secrets.DOCS_HOST }}`
			`- name: Track error step`
			`uses: spring-projects/track-build-errors-action@v1`
			`if: ${{ failure() }}`
			`with:`
			`job-name: ${{ github.job }}`
			`- name: Export errors file`
			`uses: actions/upload-artifact@v2`
			`if: ${{ failure() }}`
			`with:`
			`name: errors`
			`path: job-${{ github.job }}.txt`
			`deploy_schema:`
			`name: Deploy Schema`
Update Check Windows CI Workflow - Add slack integration for error reporting - Rename from check_windows to build_windows - Change the build command to match the one in build_jdk_11 - Add build_windows to the needs of deployment and failure check jobs Issue gh-9727 2021-05-14 13:13:18 -04:00			`needs: [build_jdk_11, build_windows, snapshot_tests, sonar_analysis]`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@v2`
			`- name: Set up JDK`
			`uses: actions/setup-java@v1`
			`with:`
Update Git Workflows to Use JDK 11 Closes gh-9417 2021-02-05 17:21:07 -05:00			`java-version: '11'`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`- name: Deploy Schema`
			`run: \|`
			`export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER"`
			`export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD"`
			`export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY"`
			`./gradlew deploySchema -PdeployDocsSshKey="$DOCS_SSH_KEY" -PdeployDocsSshUsername="$DOCS_USERNAME" -PdeployDocsHost="$DOCS_HOST" --stacktrace --info`
			`env:`
			`DOCS_USERNAME: ${{ secrets.DOCS_USERNAME }}`
			`DOCS_SSH_KEY: ${{ secrets.DOCS_SSH_KEY }}`
			`DOCS_HOST: ${{ secrets.DOCS_HOST }}`
			`- name: Track error step`
			`uses: spring-projects/track-build-errors-action@v1`
			`if: ${{ failure() }}`
			`with:`
			`job-name: ${{ github.job }}`
			`- name: Export errors file`
			`uses: actions/upload-artifact@v2`
			`if: ${{ failure() }}`
			`with:`
			`name: errors`
			`path: job-${{ github.job }}.txt`
			`notify_result:`
			`name: Check for failures`
Update Check Windows CI Workflow - Add slack integration for error reporting - Rename from check_windows to build_windows - Change the build command to match the one in build_jdk_11 - Add build_windows to the needs of deployment and failure check jobs Issue gh-9727 2021-05-14 13:13:18 -04:00			`needs: [build_jdk_11, build_windows, snapshot_tests, sonar_analysis, deploy_artifacts, deploy_docs, deploy_schema]`
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00			`if: always()`
			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@v2`
			`- name: Download errors folder`
			`uses: actions/download-artifact@v2`
			`with:`
			`name: errors`
			`- name: Send Slack message`
			`uses: spring-projects/notify-slack-errors-action@v1`
			`with:`
			`slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}`
			`branch-name: ${{ github.ref }}`
			`commit-sha: ${{ github.sha }}`
			`commit-owner: ${{ github.actor }}`
			`repo-name: ${{ github.repository }}`
			`run-id: ${{ github.run_id }}`