build(deps): update github/codeql-action action to v3.28.1 (#6136) #8207
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Workflow for testing Spoon. | |
# | |
# Note that actions are specified by commit hash. This is to avoid the security | |
# risk of someone injecting malicious code into a release and then simply | |
# changing a tag. | |
name: tests | |
on: | |
pull_request: | |
branches: | |
- master | |
push: | |
branches: | |
- master | |
- chore/flakey-flakey-rise-and-shine | |
schedule: | |
- cron: "0 0 * * *" | |
env: | |
MAVEN_OPTS: >- | |
-Dmaven.resolver.transport=native | |
-Daether.connector.connectTimeout=300000 | |
-Daether.connector.requestTimeout=300000 | |
NIX_OPTIONS: >- | |
--ignore-environment | |
--keep MAVEN_OPTS --keep PATH --keep LANG | |
jobs: | |
test-linux: | |
runs-on: ${{ matrix.os }} | |
name: Tests with Java ${{ matrix.java }} on ${{ matrix.os }} | |
strategy: | |
matrix: | |
java: [17, 21] | |
os: [ubuntu-latest] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup env | |
uses: ./.github/actions/setup-tests | |
- name: Time nix setup | |
run: nix develop .#jdk${{ matrix.java }} ${{ env.NIX_OPTIONS }} --command true | |
- name: Test | |
run: nix develop .#jdk${{ matrix.java }} ${{ env.NIX_OPTIONS }} --command test | |
test-windows: | |
runs-on: windows-latest | |
name: Tests with Java 17 on windows-latest | |
steps: | |
- name: Disable Git's autocrlf | |
run: git config --global core.autocrlf false | |
- name: git checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
cache: 'maven' | |
- name: Test | |
run: | | |
cp chore/logback.xml src/test/resources/ | |
mvn -f spoon-pom test | |
cat testResults.spoon | |
coverage: | |
runs-on: ubuntu-latest | |
name: Test with coverage | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup env | |
uses: ./.github/actions/setup-tests | |
- name: Time nix setup | |
run: nix develop ${{ env.NIX_OPTIONS }} --command true | |
- name: Run tests with coverage | |
run: nix develop ${{ env.NIX_OPTIONS }} --keep PR_NUMBER --keep GITHUB_TOKEN --command coverage | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PR_NUMBER: ${{ github.event.number }} | |
extra: | |
runs-on: ubuntu-latest | |
name: Extra checks | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup env | |
uses: ./.github/actions/setup-tests | |
- name: Time nix setup | |
run: nix develop ${{ env.NIX_OPTIONS }} .#extraChecks --command true | |
- name: Run extra checks | |
run: nix develop ${{ env.NIX_OPTIONS }} .#extraChecks --command extra | |
- name: Trigger extra remote tasks | |
if: github.repository == 'INRIA/spoon' && github.event_name == 'pull_request' | |
run: nix develop ${{ env.NIX_OPTIONS }} .#extraChecks --command extra-remote | |
javadoc: | |
runs-on: ubuntu-latest | |
name: Javadoc quality | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup env | |
uses: ./.github/actions/setup-tests | |
- name: Time nix setup | |
run: nix develop ${{ env.NIX_OPTIONS }} .#extraChecks --command true | |
- name: Build spoon | |
run: nix develop ${{ env.NIX_OPTIONS }} .#extraChecks --command mvn -f spoon-pom -B install -Dmaven.test.skip=true | |
- name: Run Javadoc quality check | |
run: nix develop ${{ env.NIX_OPTIONS }} .#extraChecks --command javadoc-quality | |
reproducible-builds: | |
runs-on: ubuntu-latest | |
name: reproducible-builds | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup env | |
uses: ./.github/actions/setup-tests | |
- name: Time nix setup | |
run: nix develop ${{ env.NIX_OPTIONS }} --command true | |
- name: Check status | |
run: nix develop ${{ env.NIX_OPTIONS }} --command reproducible-builds | |
maven-central-requirements: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup env | |
uses: ./.github/actions/setup-tests | |
- name: Time nix setup | |
run: nix develop ${{ env.NIX_OPTIONS }} --command true | |
- name: Check maven pom quality | |
run: nix develop ${{ env.NIX_OPTIONS }} --command maven-pom-quality | |
codegen: | |
runs-on: ubuntu-latest | |
name: Codegeneration | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup env | |
uses: ./.github/actions/setup-tests | |
- name: Time nix setup | |
run: nix develop ${{ env.NIX_OPTIONS }} --command true | |
- name: Run codegen checks | |
run: nix develop ${{ env.NIX_OPTIONS }} --command codegen |