Improve Resilience & Repeatability Of Linux Installers Packaging Process #1093
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check Linux Packages | |
on: | |
workflow_dispatch: | |
push: | |
paths: | |
- 'linux/**' | |
- '.github/workflows/linux.yml' | |
pull_request: | |
branches: [ master ] | |
paths: | |
- 'linux/**' | |
- '.github/workflows/linux.yml' | |
# Cancel existing runs if user makes another push. | |
concurrency: | |
group: "${{ github.ref }}" | |
cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
permissions: | |
contents: read | |
jobs: | |
generate-matrix: | |
if: github.event_name == 'pull_request' || github.repository_owner != 'adoptium' | |
runs-on: ubuntu-latest | |
# Map a step output to a job output | |
outputs: | |
matrix: ${{ steps.generate-matrix.outputs.matrix }} | |
cacerts: ${{ steps.changes.outputs.cacerts }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
with: | |
fetch-depth: 0 | |
- name: Get changed files | |
id: changes | |
# Set outputs using the command. | |
run: | | |
changed_files=$(git diff --name-only --diff-filter=ACMRT ${{ github.event.pull_request.base.sha }} ${{ github.sha }} | xargs) | |
echo $changed_files | |
echo "all=$changed_files" >> $GITHUB_OUTPUT | |
cacerts=$(git diff --name-only --diff-filter=ACMRT ${{ github.event.pull_request.base.sha }} ${{ github.sha }} | grep ca-certificates | xargs) | |
echo "cacerts=$cacerts" >> $GITHUB_OUTPUT | |
- name: Generate CI matrix | |
id: generate-matrix | |
run: | | |
# Generate the matrix based on the changed files | |
# Loop through the changed files and generate a matrix of jobs to run | |
# The matrix is a JSON string that is used in the next step | |
# Set test versions if version cannot be determined from the path | |
versions_to_test=( | |
"8" | |
"11" | |
"17" | |
"20" | |
) | |
# If this job is being run on a pull request, only run the matrix for the changed files | |
if [[ "${{ github.event_name }}" == "pull_request" ]]; then | |
changed_files="${{ steps.changes.outputs.all }}" | |
else | |
changed_files=$(git ls-files linux) | |
fi | |
matrix='[' | |
for file in $(echo ${changed_files} | tr " " "\n") | |
do | |
# capitalize distro unless it's redhat (set as RedHat) | |
capitalize () { | |
if [[ $1 == "redhat" ]]; then | |
echo "RedHat" | |
else | |
echo $1 | awk '{print toupper(substr($0,0,1))tolower(substr($0,2))}' | |
fi | |
} | |
case $file in | |
linux/jdk/*|linux/jre/*) | |
# extract values from the path | |
type=$(echo $file | cut -d'/' -f 2 | tr '[a-z]' '[A-Z]') | |
distro=$(echo $file | cut -d'/' -f 3) | |
# if distro = build.gradle skip it | |
if [[ $distro == "build.gradle" ]]; then | |
continue | |
fi | |
distro=$(capitalize $distro) | |
name=$(echo $file | cut -d'/' -f 7) | |
# if name != temurin and !microsoft skip it | |
if [[ $name != "temurin" && $name != "microsoft" ]]; then | |
continue | |
fi | |
version=$(echo $file | cut -d'/' -f 8) | |
# test if version is a number and otherwise use versions_to_test | |
if ! [[ $version =~ ^[0-9]+$ ]]; then | |
name="temurin" | |
for version in "${versions_to_test[@]}" | |
do | |
matrix+='{"image_type":"'"$type"'","distro":"'"$distro"'","product":{"name":"'"$name"'","version":"'"$version"'"}},' | |
done | |
else | |
matrix+='{"image_type":"'"$type"'","distro":"'"$distro"'","product":{"name":"'"$name"'","version":"'"$version"'"}},' | |
fi | |
;; | |
esac | |
done | |
# remove trailing comma | |
matrix=${matrix%?} | |
matrix+=']' | |
# check if matrix is empty | |
if [[ $matrix == ']' ]]; then | |
echo "No jobs to run" | |
matrix='[]' | |
else | |
# remove any duplicate entries | |
matrix=$(echo $matrix | jq -S 'unique') | |
fi | |
echo "matrix<<EOF"$'\n'"$matrix"$'\n'EOF >> $GITHUB_OUTPUT | |
check-ca-certificates: | |
name: "Check ca-certificates" | |
needs: generate-matrix | |
if: (github.event_name == 'pull_request' && needs.generate-matrix.outputs.cacerts) || github.repository_owner != 'adoptium' | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./linux | |
steps: | |
- name: Checkout | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.8.0 | |
with: | |
java-version: '17' | |
java-package: jdk | |
architecture: x64 | |
distribution: 'temurin' | |
- name: Build | |
run: | | |
export _JAVA_OPTIONS="-Xmx4G" | |
./gradlew --parallel :ca-certificates:check --stacktrace | |
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
if: always() # always run even if the previous step fails | |
with: | |
name: test-results | |
path: '**/build/test-results/**/TEST-*.xml' | |
check-packages: | |
name: "Check ${{ matrix.image_type }} on ${{ matrix.product.name }} ${{ matrix.product.version }} ${{ matrix.distro }}" | |
if: github.event_name == 'pull_request' || github.repository_owner != 'adoptium' | |
needs: generate-matrix | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./linux | |
strategy: | |
fail-fast: false | |
matrix: | |
include: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.8.0 | |
with: | |
java-version: '17' | |
java-package: jdk | |
architecture: x64 | |
distribution: 'temurin' | |
- name: Build # only simulate in Jenkins when select ARCH="all" | |
run: | | |
export _JAVA_OPTIONS="-Xmx4G" | |
export DOCKER_BUILDKIT=1 | |
./gradlew --parallel package$( echo "${{ matrix.image_type }}" | tr [DKRE] [dkre] )${{ matrix.distro }} check${{ matrix.image_type }}${{ matrix.distro }} -PPRODUCT=${{ matrix.product.name }} -PPRODUCT_VERSION=${{ matrix.product.version }} --stacktrace | |
- name: Relocate test results | |
if: always() # always run even if the previous step fails | |
run: | | |
mkdir ${{ matrix.product.version }} | |
mv $( echo "${{ matrix.image_type }}" | tr [:upper:] [:lower:] ) ${{ matrix.product.version }} | |
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
if: always() # always run even if the previous step fails | |
with: | |
name: test-results | |
path: '**/build/test-results/**/TEST-*.xml' | |
# Ensures we don't accept a Gradle Wrapper update that has been tampered with. | |
validation: | |
name: "Validate Gradle Wrapper" | |
if: github.event_name == 'pull_request' || github.repository_owner != 'adoptium' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # v1.1.0 |