chore(deps): update dependency com.google.protobuf to v0.9.4 #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| ## Event: Merge group checks | |
| merge_group: {} | |
| ## Event: Push on `main` or `stable` | |
| push: | |
| branches: | |
| - main | |
| - stable | |
| tags: | |
| - "v*" | |
| ## Event: PR | |
| pull_request: | |
| types: | |
| - opened | |
| - closed | |
| - reopened | |
| - synchronize | |
| paths: | |
| ## Trigger: CI Changes | |
| - ".github/workflows/trigger.yml" | |
| ## Trigger: Global changes/release | |
| - ".version" | |
| - ".release" | |
| ## Trigger: Server Changes | |
| - "gradle.properties" | |
| - "*.kts" | |
| - "**/*.kts" | |
| - "**/*.kt" | |
| - "**/*.java" | |
| - "**/*.properties" | |
| - "app/server/**" | |
| - "gradle/**" | |
| env: | |
| CI: true | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| ## Build: Gradle Plugin | |
| build-plugin: | |
| name: "Build" | |
| uses: elide-dev/build-infra/.github/workflows/jvm.gradle.yml@main | |
| secrets: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| permissions: | |
| checks: write | |
| pull-requests: read | |
| id-token: write | |
| contents: write | |
| actions: read | |
| strategy: | |
| fail-fast: false | |
| max-parallel: 6 | |
| matrix: | |
| platform: [Linux, Windows, macOS] | |
| gradleLabel: ["Gradle 8.2", "Gradle 8.1"] | |
| include: | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| tasks: koverXmlReport sonar | |
| gradle: "8.2" | |
| gradleLabel: "Gradle 8.2" | |
| main: true | |
| labs: false | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle 8.2" | |
| gradle: "8.2" | |
| main: false | |
| labs: false | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle 8.2" | |
| gradle: "8.2" | |
| main: false | |
| labs: false | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| gradleLabel: "Gradle 8.1" | |
| gradle: "8.1" | |
| main: false | |
| labs: false | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle 8.1" | |
| gradle: "8.1" | |
| main: false | |
| labs: false | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle 8.1" | |
| gradle: "8.1" | |
| main: false | |
| labs: false | |
| - platform: Windows | |
| runner: windows-latest | |
| gradleLabel: "Gradle Latest" | |
| gradle: "release-candidate" | |
| main: false | |
| labs: true | |
| - platform: macOS | |
| runner: macos-latest | |
| gradleLabel: "Gradle Latest" | |
| gradle: "release-candidate" | |
| main: false | |
| labs: true | |
| - platform: Linux | |
| runner: ubuntu-latest | |
| gradleLabel: "Gradle Latest" | |
| gradle: "release-candidate" | |
| main: false | |
| labs: true | |
| with: | |
| label: "Plugin" | |
| runner: "${{ matrix.runner }}" | |
| action: "build test ${{ matrix.tasks }}" | |
| flags: "--scan --stacktrace" | |
| artifact: "buildless-plugin-gradle" | |
| gradle: ${{ matrix.gradle }} | |
| labs: ${{ fromJson(matrix.labs) }} | |
| coverage_report: "build/reports/kover/report.xml" | |
| provenance: "${{ fromJson(matrix.main) }}" | |
| coverage: "${{ fromJson(matrix.main) }}" | |
| artifacts: "${{ fromJson(matrix.main) }}" | |
| ## Checks: API Breakage | |
| check-api: | |
| name: "Check" | |
| needs: ["build-plugin"] | |
| uses: ./.github/workflows/module.apicheck.yml | |
| secrets: | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| checks: write | |
| contents: read | |
| ## Checks: CodeQL | |
| check-codeql: | |
| name: "Check" | |
| needs: ["build-plugin"] | |
| uses: ./.github/workflows/module.codeql.yml | |
| secrets: | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| checks: write | |
| pull-requests: read | |
| id-token: write | |
| contents: read | |
| actions: read | |
| security-events: write | |
| ## Checks: Detekt | |
| check-detekt: | |
| name: "Check" | |
| needs: ["build-plugin"] | |
| uses: ./.github/workflows/module.detekt.yml | |
| secrets: | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| checks: write | |
| pull-requests: read | |
| id-token: write | |
| contents: read | |
| actions: read | |
| security-events: write | |
| ## Checks: Qodana | |
| check-qodana: | |
| name: "Check" | |
| needs: ["build-plugin"] | |
| uses: ./.github/workflows/module.qodana.yml | |
| secrets: | |
| QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }} | |
| BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} | |
| permissions: | |
| checks: write | |
| pull-requests: read | |
| id-token: write | |
| contents: read | |
| actions: read | |
| security-events: write | |
| ## Checks: Dependency Review | |
| dependency-review: | |
| name: "Dependency Review" | |
| needs: ["build-plugin"] | |
| if: github.event_name == 'pull_request' | |
| runs-on: ubuntu-latest | |
| continue-on-error: true | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 | |
| with: | |
| egress-policy: audit | |
| - name: "Setup: Checkout" | |
| uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | |
| - name: "Analysis: Dependency Review" | |
| uses: actions/dependency-review-action@1360a344ccb0ab6e9475edef90ad2f46bf8003b1 # v3 |