internal-java-code-analysis.yml
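name: Java Code Structure Graph Analysis

# Pipeline overview:
#   1. prepare-code-to-analyze  downloads the pinned AxonFramework release and
#                               uploads its sources and artifacts as workflow artifacts
#   2. analyze-code-graph       passes those artifact names to the reusable analysis workflow
#   3. commit-analysis-results  (push events only) commits the reports into "results"

on:
  push:
    branches:
      - main
    # Ignore changes in documentation, general configuration and reports for push events
    paths-ignore:
      - 'results/**'
      - '**/*.md'
      - '**/*.txt'
      - '**/*.css'
      - '**/*.html'
      - '**/*.js'
      - '.gitignore'
      - '.gitattributes'
      - 'renovate.json'
      - 'changelogTemplate.mustache'
      - '**.code-workspace'
      - '.github/workflows/typescript-code-analysis.yml'
      - '.github/workflows/*documentation.yml'
  pull_request:
    branches:
      - main
    # Ignore changes in documentation, general configuration and reports for pull request events
    paths-ignore:
      - 'results/**'
      - '**/*.md'
      - '**/*.txt'
      - '**/*.css'
      - '**/*.html'
      - '**/*.js'
      - '.gitignore'
      - '.gitattributes'
      - 'renovate.json'
      - 'changelogTemplate.mustache'
      - '**.code-workspace'
      - '.github/workflows/typescript-code-analysis.yml'
      - '.github/workflows/*documentation.yml'

# Requires the secret NEO4J_INITIAL_PASSWORD to be configured
# NOTE(review): the reusable workflow call below passes no `secrets:` mapping;
# confirm how the called workflow obtains that secret.
jobs:
  prepare-code-to-analyze:
    runs-on: ubuntu-latest
    # Least privilege: the steps below only read the repository and upload
    # artifacts, so the GITHUB_TOKEN does not need any write scope.
    permissions:
      contents: read
    outputs:
      analysis-name: ${{ steps.set-analysis-name.outputs.analysis-name }}
      sources-upload-name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }}
      artifacts-upload-name: ${{ steps.set-artifacts-upload-name.outputs.artifacts-upload-name }}
    env:
      PROJECT_NAME: AxonFramework
      # Version variable name matches the renovate.json configuration entry.
      # Kept exactly as written; presumably an update rule keys on this line,
      # so confirm against renovate.json before reformatting or quoting it.
      AXON_FRAMEWORK_VERSION: 4.10.3
    steps:
      - name: Checkout GIT Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4

      # Values are read as shell variables in `run:` scripts instead of being
      # spliced in with `${{ }}`. Expression text is pasted into the script
      # before the shell parses it, so the shell-variable form stays safe even
      # if one of these values is ever derived from event data.
      - name: Set output variable 'analysis-name'
        id: set-analysis-name
        run: echo "analysis-name=${PROJECT_NAME}-${AXON_FRAMEWORK_VERSION}" >> "$GITHUB_OUTPUT"

      - name: Setup temp directory if missing
        run: mkdir -p ./temp

      - name: Download ${{ steps.set-analysis-name.outputs.analysis-name }}
        working-directory: temp
        env:
          ANALYSIS_NAME: ${{ steps.set-analysis-name.outputs.analysis-name }}
        run: |
          mkdir -p "$ANALYSIS_NAME"
          cd "$ANALYSIS_NAME"
          echo "Working directory: $( pwd -P )"
          ./../../scripts/downloader/downloadAxonFramework.sh "$AXON_FRAMEWORK_VERSION"

      # Only runs when the workflow is re-run with debug logging enabled
      - name: Debug folder structure in temp directory
        if: runner.debug == '1'
        working-directory: temp
        run: |
          ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'

      # Random 10 character alphanumeric suffix that is appended to both
      # artifact names below; exported through GITHUB_ENV for the later steps.
      - name: (Prepare Code to Analyze) Generate ARTIFACT_UPLOAD_ID
        run: echo "ARTIFACT_UPLOAD_ID=$(LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 10)" >> "$GITHUB_ENV"

      - name: (Prepare Code to Analyze) Set sources-upload-name
        id: set-sources-upload-name
        env:
          ANALYSIS_NAME: ${{ steps.set-analysis-name.outputs.analysis-name }}
        run: echo "sources-upload-name=${ANALYSIS_NAME}-analysis-sources_input-${ARTIFACT_UPLOAD_ID}" >> "$GITHUB_OUTPUT"

      - name: (Prepare Code to Analyze) Set output variable 'artifacts-upload-name'
        id: set-artifacts-upload-name
        env:
          ANALYSIS_NAME: ${{ steps.set-analysis-name.outputs.analysis-name }}
        run: echo "artifacts-upload-name=${ANALYSIS_NAME}-analysis-artifacts-input-${ARTIFACT_UPLOAD_ID}" >> "$GITHUB_OUTPUT"

      - name: (Prepare Code to Analyze) Upload sources to analyze
        if: success()
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
        with:
          name: ${{ steps.set-sources-upload-name.outputs.sources-upload-name }}
          path: ./temp/${{ steps.set-analysis-name.outputs.analysis-name }}/source
          include-hidden-files: true
          if-no-files-found: error
          retention-days: 1

      - name: (Prepare Code to Analyze) Upload artifacts to analyze
        if: success()
        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4
        with:
          name: ${{ steps.set-artifacts-upload-name.outputs.artifacts-upload-name }}
          path: ./temp/${{ steps.set-analysis-name.outputs.analysis-name }}/artifacts
          if-no-files-found: error
          retention-days: 1

  # Calls the reusable analysis workflow from this repository.
  # NOTE(review): no `permissions:` are set for this call because the scopes
  # the called workflow needs are not visible here; review them in that file.
  analyze-code-graph:
    needs: [prepare-code-to-analyze]
    uses: ./.github/workflows/public-analyze-code-graph.yml
    with:
      analysis-name: ${{ needs.prepare-code-to-analyze.outputs.analysis-name }}
      artifacts-upload-name: ${{ needs.prepare-code-to-analyze.outputs.artifacts-upload-name }}
      sources-upload-name: ${{ needs.prepare-code-to-analyze.outputs.sources-upload-name }}

  commit-analysis-results:
    # Pull request runs never reach this job, so they cannot write to the repository
    if: github.event_name == 'push'
    needs: [prepare-code-to-analyze, analyze-code-graph]
    runs-on: ubuntu-latest
    # The push below authenticates with the token handed to actions/checkout,
    # so the job's own GITHUB_TOKEN can stay read-only.
    permissions:
      contents: read
    env:
      CI_COMMIT_MESSAGE: Automated code structure analysis analysis-results (CI)
      CI_COMMIT_AUTHOR: ${{ github.event.repository.name }} Continuous Integration
    steps:
      # WORKFLOW_GIT_ACCESS_TOKEN is stored in the local git configuration by
      # checkout and used for `git push`. Keep it scoped to this repository
      # with no more than the contents write access the push needs.
      - name: Checkout GIT Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
        with:
          token: ${{ secrets.WORKFLOW_GIT_ACCESS_TOKEN }}

      - name: (Code Analysis Setup) Download source code and artifacts for analysis
        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
        with:
          name: ${{ needs.analyze-code-graph.outputs.uploaded-analysis-results }}
          path: ./results/${{ needs.prepare-code-to-analyze.outputs.analysis-name }}

      - name: Commit "results" directory containing the reports
        # Only run when a pull request gets merged or a commit is pushed to the main branch
        # git add parameters need to match paths-ignore parameters above
        # Git pull before add/commit/push to reduce race conditions on parallel builds
        #
        # CI_COMMIT_AUTHOR and CI_COMMIT_MESSAGE come from the job-level `env:`
        # and are read as shell variables rather than interpolated into the script.
        # http.postBuffer 524288000 is 500 MiB.
        # During a rebase `--strategy-option=theirs` prefers the commit being
        # replayed (the CI results commit) over origin/main on conflicting lines.
        # NOTE(review): the committer e-mail appears redacted in this listing
        # ("[email protected]"); restore the real address before using this file.
        run: |
          git config --global user.name "$CI_COMMIT_AUTHOR"
          git config --global user.email "[email protected]"
          git config --local http.postBuffer 524288000
          git fetch origin
          git status
          git add results
          git status
          git commit -m "$CI_COMMIT_MESSAGE"
          git status
          git rebase --strategy-option=theirs origin/main --verbose
          git status
          git push --verbose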