Skip to content

upgrade errorprone-support static analysis #4530

upgrade errorprone-support static analysis

upgrade errorprone-support static analysis #4530

Workflow file for this run

name: build
on:
pull_request: {}
push:
branches: [master, v2.dev, v3.dev]
permissions: read-all
env:
DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
ALLOWED_ENDPOINTS: >
*.actions.githubusercontent.com:443
api.adoptium.net:443
api.github.com:443
api.snapcraft.io:443
caffeine.gradle-enterprise.cloud:443
cdn.azul.com:443
cloudflare.com:443
docker.io:443
download.java.net:443
download.oracle.com:443
downloads.gradle.org:443
downloads.gradle-dn.com:443
gds.oracle.com:443
ghcr.io:443
github.com:443
jdk.java.net:443
jcenter.bintray.com:443
objects.githubusercontent.com:443
oss.sonatype.org:443
plugins.gradle.org:443
plugins-artifacts.gradle.org:443
raw.githubusercontent.com:443
registry.npmjs.org:443
repo.gradle.org:443
repo.maven.apache.org:443
repo1.maven.org:443
scans-in.gradle.com:443
services.gradle.org:443
schemastore.org:443
www.graalvm.org:443
PUBLISH_JDK: 11
jobs:
compile:
name: Compile
timeout-minutes: 15
runs-on: ubuntu-latest
strategy:
matrix:
java: [ 11, 23, 24, GraalVM ]
env:
JAVA_VERSION: ${{ matrix.java }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Compile
uses: ./.github/actions/run-gradle
with:
java: ${{ env.JAVA_VERSION }}
arguments: check -x test ${{ env.GRADLE_ARGS }}
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Cancel if failed
uses: andymckay/cancel-action@a955d435292c0d409d104b57d8e78435a93a6ef1 # 0.5
continue-on-error: true
if: failure()
tests:
name: Tests
timeout-minutes: 60
runs-on: ubuntu-latest
needs: compile
strategy:
matrix:
suite:
- caffeine:weakKeysAndStrongValuesStatsAsyncCaffeineSlowTest
- caffeine:weakKeysAndStrongValuesStatsSyncCaffeineSlowTest
- caffeine:strongKeysAndWeakValuesStatsSyncCaffeineSlowTest
- caffeine:strongKeysAndSoftValuesStatsSyncCaffeineSlowTest
- caffeine:strongKeysAndStrongValuesStatsAsyncCaffeineTest
- caffeine:weakKeysAndWeakValuesStatsSyncCaffeineSlowTest
- caffeine:weakKeysAndSoftValuesStatsSyncCaffeineSlowTest
- caffeine:strongKeysAndStrongValuesStatsSyncCaffeineTest
- caffeine:weakKeysAndStrongValuesStatsAsyncCaffeineTest
- caffeine:weakKeysAndStrongValuesStatsSyncCaffeineTest
- caffeine:weakKeysAndStrongValuesAsyncCaffeineSlowTest
- caffeine:strongKeysAndWeakValuesStatsSyncCaffeineTest
- caffeine:strongKeysAndSoftValuesStatsSyncCaffeineTest
- caffeine:weakKeysAndStrongValuesSyncCaffeineSlowTest
- caffeine:strongKeysAndWeakValuesSyncCaffeineSlowTest
- caffeine:strongKeysAndSoftValuesSyncCaffeineSlowTest
- caffeine:weakKeysAndWeakValuesStatsSyncCaffeineTest
- caffeine:weakKeysAndSoftValuesStatsSyncCaffeineTest
- caffeine:strongKeysAndStrongValuesAsyncCaffeineTest
- caffeine:weakKeysAndWeakValuesSyncCaffeineSlowTest
- caffeine:weakKeysAndSoftValuesSyncCaffeineSlowTest
- caffeine:strongKeysAndStrongValuesSyncCaffeineTest
- caffeine:weakKeysAndStrongValuesAsyncCaffeineTest
- caffeine:weakKeysAndStrongValuesSyncCaffeineTest
- caffeine:strongKeysAndWeakValuesSyncCaffeineTest
- caffeine:strongKeysAndSoftValuesSyncCaffeineTest
- caffeine:weakKeysAndWeakValuesSyncCaffeineTest
- caffeine:weakKeysAndSoftValuesSyncCaffeineTest
- caffeine:lincheckTest
- caffeine:isolatedTest
- caffeine:junitTest
- simulator:check
- jcache:check
- guava:check
java: [ 11, 23 ]
include:
- suite: caffeine:weakKeysAndStrongValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndWeakValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndSoftValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:weakKeysAndWeakValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:weakKeysAndSoftValuesStatsSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndStrongValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndStrongValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:strongKeysAndWeakValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:strongKeysAndSoftValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndStrongValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndWeakValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndSoftValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:weakKeysAndWeakValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndSoftValuesStatsSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndWeakValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:weakKeysAndSoftValuesSyncGuavaSlowTest
java: 11
- suite: caffeine:strongKeysAndStrongValuesSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndStrongValuesSyncGuavaTest
java: 11
- suite: caffeine:strongKeysAndWeakValuesSyncGuavaTest
java: 11
- suite: caffeine:strongKeysAndSoftValuesSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndWeakValuesSyncGuavaTest
java: 11
- suite: caffeine:weakKeysAndSoftValuesSyncGuavaTest
java: 11
- suite: caffeine:fuzzTest
java: 11
env:
JAVA_VERSION: ${{ matrix.java }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Run tests (${{ env.JAVA_VERSION }})
uses: ./.github/actions/run-gradle
with:
java: ${{ env.JAVA_VERSION }}
arguments: ${{ matrix.suite }}
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Format Test Artifact Name
if: always() && (env.JAVA_VERSION == env.PUBLISH_JDK)
run: |
RAW_NAME=${{ matrix.suite }}-${{ env.JAVA_VERSION }}
ARTIFACT_NAME=$(echo $RAW_NAME | sed 's/:/-/g')
echo "ARTIFACT_NAME=$ARTIFACT_NAME" >> $GITHUB_ENV
- name: Compress test results
if: always() && (env.JAVA_VERSION == env.PUBLISH_JDK)
run: >
find . -path */jacoco/*.exec -o -path */results/*.xml
| tar czf ${{ env.ARTIFACT_NAME }}.tar.gz --files-from -
- name: Upload test results
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
if: always() && (env.JAVA_VERSION == env.PUBLISH_JDK)
with:
retention-days: 1
name: ${{ env.ARTIFACT_NAME }}-results
path: ${{ env.ARTIFACT_NAME }}.tar.gz
- name: Cancel if failed
uses: andymckay/cancel-action@a955d435292c0d409d104b57d8e78435a93a6ef1 # 0.5
continue-on-error: true
if: failure()
coverage:
name: Coverage
runs-on: ubuntu-latest
needs: tests
if: (github.event_name == 'push') && (github.event.repository.fork == false)
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
${{ env.ALLOWED_ENDPOINTS }}
artifacts.codacy.com:443
api.codacy.com:443
app.deepsource.com:443
codecov.io:443
coveralls.io:443
deepsource.io:443
fastly.com:443
nodejs.org:443
raw.githubusercontent.com
sonarcloud.io:443
scanner.sonarcloud.io:443
storage.googleapis.com:443
uploader.codecov.io:443
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Download Tests Results
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- name: Decompress
run: find . -type f -name '*.tar.gz' -exec sh -c 'tar -zxf {} --one-top-level' \;
- name: Combine Jacoco Reports
uses: ./.github/actions/run-gradle
with:
arguments: check -x test
java: ${{ env.PUBLISH_JDK }}
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Publish to Coveralls
uses: ./.github/actions/run-gradle
env:
COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}
with:
arguments: coveralls
java: ${{ env.PUBLISH_JDK }}
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
continue-on-error: true
- name: Publish to Codecov
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: Publish to Codacy
uses: codacy/codacy-coverage-reporter-action@89d6c85cfafaec52c72b6c5e8b2878d33104c699 # v1.3.0
with:
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
continue-on-error: true
- name: Publish to DeepSource
uses: deepsourcelabs/test-coverage-action@e02a039827236fa21a95866e7cd0b1c52ca61e76 # v1.1.2
continue-on-error: true
with:
key: java
dsn: ${{ secrets.DEEPSOURCE_DSN }}
coverage-file: ./build/reports/jacoco/jacocoFullReport/jacocoFullReport.xml
- name: Publish to SonarQube
uses: ./.github/actions/run-gradle
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
java: ${{ env.PUBLISH_JDK }}
arguments: sonar -Dsonar.branch.name=${GITHUB_REF##*/}
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
continue-on-error: true
test-results:
name: Test Results
runs-on: ubuntu-latest
needs: tests
if: github.event_name == 'push'
permissions:
checks: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
${{ env.ALLOWED_ENDPOINTS }}
badgen.net:443
- name: Download Tests
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- name: Decompress
run: find . -type f -name '*.tar.gz' -exec sh -c 'tar -zxf {} --one-top-level' \;
- name: Publish Test Results
uses: EnricoMi/publish-unit-test-result-action@170bf24d20d201b842d7a52403b73ed297e6645b # v2.18.0
continue-on-error: true
id: test-results
with:
json_thousands_separator: ','
junit_files: '**/TEST-*.xml'
comment_mode: off
ignore_runs: true
job_summary: true
- name: Create badge
id: test-badge
env:
LABEL: tests
COLOR: 31c653
STATUS: ${{ fromJSON(steps.test-results.outputs.json).formatted.stats.runs }}
continue-on-error: true
run: curl -s -f https://badgen.net/badge/${{env.LABEL}}/${{env.STATUS}}/${{env.COLOR}} > badge.svg
- name: Upload badge to Gist
uses: popsiclestick/gist-sync-action@88f8633178625914f2a01abf1a765f7272a580fa # v1.2.0
if: >
github.event.repository.fork == false
&& steps.test-badge.outcome == 'success'
&& endsWith(github.ref, github.event.repository.default_branch)
with:
gist_url: https://gist.githubusercontent.com/ben-manes/c20eb418f0e0bd6dfe1c25beb35faae4
auth: ${{ secrets.GIST_TOKEN }}
gist_description: Test Results
github_file: badge.svg
gist_title: badge.svg
publish-snapshot:
name: Publish Snapshot
runs-on: ubuntu-latest
needs: tests
if: >
github.event_name == 'push'
&& github.event.repository.fork == false
&& endsWith(github.ref, github.event.repository.default_branch)
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
${{ env.ALLOWED_ENDPOINTS }}
checkerframework.org:443
docs.oracle.com:443
errorprone.info:443
lightbend.github.io:443
guava.dev:443
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Publish Snapshot
uses: ./.github/actions/run-gradle
env:
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.NEXUS_USERNAME }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.NEXUS_PASSWORD }}
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.OSSRH_GPG_SECRET_KEY }}
ORG_GRADLE_PROJECT_signingKeyId: ${{ secrets.OSSRH_GPG_SECRET_KEY_ID }}
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
with:
attempt-limit: 3
attempt-delay: 2
java: ${{ env.PUBLISH_JDK }}
arguments: publishToSonatype --no-configuration-cache
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}