CI Jobs (#3)

* nit: gitattribute updates Signed-off-by: Sam Gammon <[email protected]> * nit: fix contributing.md location Signed-off-by: Sam Gammon <[email protected]> * chore: ci jobs, readme improvements - chore: ci jobs for build/test - chore: readme links (top) - chore: dependency graph upload - chore: dependency review check - chore: gradle wrapper check Signed-off-by: Sam Gammon <[email protected]> * fixup! use main mvn for maven sample Signed-off-by: Sam Gammon <[email protected]> * fixup! name of dependency graph job Signed-off-by: Sam Gammon <[email protected]> --------- Signed-off-by: Sam Gammon <[email protected]>
elide-dev · Mar 11, 2024 · 33aa32e · 33aa32e
1 parent b58691a
commit 33aa32e
Show file tree

Hide file tree

Showing 7 changed files with 93 additions and 1 deletion.
diff --git a/.github/workflows/check.dependency-review.yml b/.github/workflows/check.dependency-review.yml
@@ -0,0 +1,24 @@
+name: "Checks: Dependency Review"
+
+"on":
+ workflow_call: {}
+ workflow_dispatch: {}
+
+permissions:
+ contents: read
+
+jobs:
+ dependency-review:
+ name: "Dependency Review"
+ runs-on: ubuntu-latest
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+ with:
+ egress-policy: audit
+ - name: "Setup: Checkout"
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ with:
+ persist-credentials: false
+ - name: "Checks: Dependency Review"
+ uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3
diff --git a/.github/workflows/ci.build-test.yml b/.github/workflows/ci.build-test.yml
@@ -20,8 +20,19 @@ jobs:
  uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
  with:
  persist-credentials: false
+ submodules: true
  - name: "Setup: Java 21"
  uses: actions/setup-java@v4
  with:
  java-version: '21'
  distribution: 'zulu'
+ - name: "Setup: Cache"
+ uses: actions/cache@v4
+ with:
+ path: |
+ jdk
+ annotation-tools
+ .m2
+ key: jpms-attic-v1-${{ runner.os }}
+ - name: "Build & Test Repository"
+ run: make TESTS=yes SIGNING=no JAVADOC=no SNAPSHOT=yes
diff --git a/.github/workflows/ci.dependency-graph.yml b/.github/workflows/ci.dependency-graph.yml
@@ -0,0 +1,32 @@
+name: "Dependency Graph"
+
+"on":
+ workflow_call: {}
+ workflow_dispatch: {}
+
+permissions:
+ contents: read
+
+jobs:
+ build-graph:
+ name: "Dependency Graph"
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write # needed for graph write 
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+ with:
+ egress-policy: audit
+ - name: "Setup: Checkout"
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ with:
+ persist-credentials: false
+ - name: "Setup: Java 21"
+ uses: actions/setup-java@v4
+ with:
+ java-version: '21'
+ distribution: 'zulu'
+ - name: "Build: Maven Dependency Graph"
+ continue-on-error: true
+ uses: advanced-security/maven-dependency-submission-action@bfd2106013da0957cdede0b6c39fb5ca25ae375e # v4.0.2
diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml
@@ -13,6 +13,17 @@ jobs:
  name: "Build & Test"
  uses: ./.github/workflows/ci.build-test.yml
 
+ build-dependency-graph:
+ name: "Build & Test"
+ uses: ./.github/workflows/ci.dependency-graph.yml
+ permissions:
+ contents: write # needed for graph write
+
  checks-gradle:
  name: "Checks"
  uses: ./.github/workflows/check.gradle-wrapper.yml
+
+ checks-dependency-review:
+ name: "Checks"
+ needs: [build-dependency-graph]
+ uses: ./.github/workflows/check.dependency-review.yml
diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml
@@ -13,6 +13,17 @@ jobs:
  name: "Build & Test"
  uses: ./.github/workflows/ci.build-test.yml
 
+ build-dependency-graph:
+ name: "Build & Test"
+ uses: ./.github/workflows/ci.dependency-graph.yml
+ permissions:
+ contents: write # needed for graph write
+
  checks-gradle:
  name: "Checks"
  uses: ./.github/workflows/check.gradle-wrapper.yml
+
+ checks-dependency-review:
+ name: "Checks"
+ needs: [build-dependency-graph]
+ uses: ./.github/workflows/check.dependency-review.yml 
diff --git a/README.md b/README.md
@@ -1,6 +1,9 @@
 
 # JPMS Attic
 
+- [GitHub Repo](https:/javamodules/attic)
+- [Docs](https://jpms.pkg.st)
+
 This repository provides sub-module library overrides for popular Java libraries which don't yet provide JPMS support (at least until some PRs are merged!). There is a Maven repository which contains these artifacts, too, so you can safely use them in your projects.
 
 #### Pending PRs

diff --git a/samples/Makefile b/samples/Makefile
@@ -20,4 +20,4 @@ modular-guava-repo/app/build:
 modular-guava-maven: modular-guava-maven/target
 modular-guava-maven/target:
  @echo "Building Modular Guava sample (Maven, remote repo)..."
- $(RULE)cd modular-guava-maven && mvnw clean package exec:exec@modular
+ $(RULE)cd modular-guava-maven && mvn clean package exec:exec@modular