diff --git a/.github/actions/await-http-resource/action.yml b/.github/actions/await-http-resource/action.yml index 7d2b3462b537..ba177fb757b5 100644 --- a/.github/actions/await-http-resource/action.yml +++ b/.github/actions/await-http-resource/action.yml @@ -1,8 +1,8 @@ name: Await HTTP Resource -description: Waits for an HTTP resource to be available (a HEAD request succeeds) +description: 'Waits for an HTTP resource to be available (a HEAD request succeeds)' inputs: url: - description: 'The URL of the resource to await' + description: 'URL of the resource to await' required: true runs: using: composite diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 78188ae631b9..126d25b6ba8a 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -1,31 +1,35 @@ name: 'Build' description: 'Builds the project, optionally publishing it to a local deployment repository' inputs: - java-version: + develocity-access-key: + description: 'Access key for authentication with ge.spring.io' required: false - default: '17' - description: 'The Java version to compile and test with' - java-early-access: + java-distribution: + description: 'Java distribution to use' required: false - default: 'false' + default: 'liberica' + java-early-access: description: 'Whether the Java version is in early access' - java-toolchain: required: false default: 'false' + java-toolchain: description: 'Whether a Java toolchain should be used' - publish: required: false default: 'false' + java-version: + description: 'Java version to compile and test with' + required: false + default: '17' + publish: description: 'Whether to publish artifacts ready for deployment to Artifactory' - develocity-access-key: required: false - description: 'The access key for authentication with ge.spring.io' + default: 'false' outputs: build-scan-url: - description: 'The URL, if any, of the build scan produced by the build' + description: 'URL, if any, of the build scan produced by the build' value: ${{ (inputs.publish == 'true' && steps.publish.outputs.build-scan-url) || steps.build.outputs.build-scan-url }} version: - description: 'The version that was built' + description: 'Version that was built' value: ${{ steps.read-version.outputs.version }} runs: using: composite @@ -34,9 +38,10 @@ runs: uses: ./.github/actions/prepare-gradle-build with: develocity-access-key: ${{ inputs.develocity-access-key }} - java-version: ${{ inputs.java-version }} + java-distribution: ${{ inputs.java-distribution }} java-early-access: ${{ inputs.java-early-access }} java-toolchain: ${{ inputs.java-toolchain }} + java-version: ${{ inputs.java-version }} - name: Build id: build if: ${{ inputs.publish == 'false' }} diff --git a/.github/actions/create-github-release/action.yml b/.github/actions/create-github-release/action.yml index d5cc67fb9be3..03452537adf8 100644 --- a/.github/actions/create-github-release/action.yml +++ b/.github/actions/create-github-release/action.yml @@ -1,27 +1,27 @@ name: Create GitHub Release -description: Create the release on GitHub with a changelog +description: 'Create the release on GitHub with a changelog' inputs: milestone: - description: Name of the GitHub milestone for which a release will be created - required: true - token: - description: Token to use for authentication with GitHub + description: 'Name of the GitHub milestone for which a release will be created' required: true pre-release: - description: Whether the release is a pre-release (a milestone or release candidate) + description: 'Whether the release is a pre-release (a milestone or release candidate)' required: false default: 'false' + token: + description: 'Token to use for authentication with GitHub' + required: true runs: using: composite steps: - name: Generate Changelog uses: spring-io/github-changelog-generator@185319ad7eaa75b0e8e72e4b6db19c8b2cb8c4c1 #v0.0.11 with: + config-file: .github/actions/create-github-release/changelog-generator.yml milestone: ${{ inputs.milestone }} token: ${{ inputs.token }} - config-file: .github/actions/create-github-release/changelog-generator.yml - name: Create GitHub Release + shell: bash env: GITHUB_TOKEN: ${{ inputs.token }} - shell: bash run: gh release create ${{ format('v{0}', inputs.milestone) }} --notes-file changelog.md ${{ inputs.pre-release == 'true' && '--prerelease' || '' }} diff --git a/.github/actions/prepare-gradle-build/action.yml b/.github/actions/prepare-gradle-build/action.yml index e4dec8c7f0dd..fdc9eb93bf0b 100644 --- a/.github/actions/prepare-gradle-build/action.yml +++ b/.github/actions/prepare-gradle-build/action.yml @@ -1,33 +1,37 @@ -name: 'Prepare Gradle Build' +name: Prepare Gradle Build description: 'Prepares a Gradle build. Sets up Java and Gradle and configures Gradle properties' inputs: - java-version: + develocity-access-key: + description: 'Access key for authentication with ge.spring.io' required: false - default: '17' - description: 'The Java version to use for the build' + java-distribution: + description: 'Java distribution to use' + required: false + default: 'liberica' java-early-access: + description: 'Whether the Java version is in early access. When true, forces java-distribution to temurin' required: false default: 'false' - description: 'Whether the Java version is in early access' java-toolchain: + description: 'Whether a Java toolchain should be used' required: false default: 'false' - description: 'Whether a Java toolchain should be used' - develocity-access-key: + java-version: + description: 'Java version to use for the build' required: false - description: 'The access key for authentication with ge.spring.io' + default: '17' runs: using: composite steps: - name: Set Up Java uses: actions/setup-java@v4 with: - distribution: ${{ inputs.java-early-access == 'true' && 'temurin' || 'liberica' }} + distribution: ${{ inputs.java-early-access == 'true' && 'temurin' || (inputs.java-distribution || 'liberica') }} java-version: | ${{ inputs.java-early-access == 'true' && format('{0}-ea', inputs.java-version) || inputs.java-version }} ${{ inputs.java-toolchain == 'true' && '17' || '' }} - name: Set Up Gradle - uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 # v3.5.0 + uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 with: cache-read-only: false develocity-access-key: ${{ inputs.develocity-access-key }} diff --git a/.github/actions/print-jvm-thread-dumps/action.yml b/.github/actions/print-jvm-thread-dumps/action.yml index 9b0905b77725..bcaebf3676aa 100644 --- a/.github/actions/print-jvm-thread-dumps/action.yml +++ b/.github/actions/print-jvm-thread-dumps/action.yml @@ -1,5 +1,5 @@ name: Print JVM thread dumps -description: Prints a thread dump for all running JVMs +description: 'Prints a thread dump for all running JVMs' runs: using: composite steps: diff --git a/.github/actions/send-notification/action.yml b/.github/actions/send-notification/action.yml index d1389776397a..b379e67897d1 100644 --- a/.github/actions/send-notification/action.yml +++ b/.github/actions/send-notification/action.yml @@ -1,33 +1,39 @@ name: Send Notification -description: Sends a Google Chat message as a notification of the job's outcome +description: 'Sends a Google Chat message as a notification of the job''s outcome' inputs: - webhook-url: - description: 'Google Chat Webhook URL' - required: true - status: - description: 'Status of the job' - required: true build-scan-url: description: 'URL of the build scan to include in the notification' + required: false run-name: description: 'Name of the run to include in the notification' + required: false default: ${{ format('{0} {1}', github.ref_name, github.job) }} + status: + description: 'Status of the job' + required: true + webhook-url: + description: 'Google Chat Webhook URL' + required: true runs: using: composite steps: - - shell: bash + - name: Prepare Variables + shell: bash run: | echo "BUILD_SCAN=${{ inputs.build-scan-url == '' && ' [build scan unavailable]' || format(' [<{0}|Build Scan>]', inputs.build-scan-url) }}" >> "$GITHUB_ENV" echo "RUN_URL=${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" >> "$GITHUB_ENV" - - shell: bash + - name: Success Notification if: ${{ inputs.status == 'success' }} + shell: bash run: | curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: "<${{ env.RUN_URL }}|${{ inputs.run-name }}> was successful ${{ env.BUILD_SCAN }}"}' || true - - shell: bash + - name: Failure Notification if: ${{ inputs.status == 'failure' }} + shell: bash run: | curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: " *<${{ env.RUN_URL }}|${{ inputs.run-name }}> failed* ${{ env.BUILD_SCAN }}"}' || true - - shell: bash + - name: Cancel Notification if: ${{ inputs.status == 'cancelled' }} + shell: bash run: | curl -X POST '${{ inputs.webhook-url }}' -H 'Content-Type: application/json' -d '{ text: "<${{ env.RUN_URL }}|${{ inputs.run-name }}> was cancelled"}' || true diff --git a/.github/actions/sync-to-maven-central/action.yml b/.github/actions/sync-to-maven-central/action.yml index d4e86caf1196..2332ba866e1f 100644 --- a/.github/actions/sync-to-maven-central/action.yml +++ b/.github/actions/sync-to-maven-central/action.yml @@ -1,26 +1,26 @@ name: Sync to Maven Central -description: Syncs a release to Maven Central and waits for it to be available for use +description: 'Syncs a release to Maven Central and waits for it to be available for use' inputs: jfrog-cli-config-token: description: 'Config token for the JFrog CLI' required: true - spring-framework-version: - description: 'The version of Spring Framework that is being synced to Central' - required: true - ossrh-s01-token-username: - description: 'Username for authentication with s01.oss.sonatype.org' + ossrh-s01-staging-profile: + description: 'Staging profile to use when syncing to Central' required: true ossrh-s01-token-password: description: 'Password for authentication with s01.oss.sonatype.org' required: true - ossrh-s01-staging-profile: - description: 'Staging profile to use when syncing to Central' + ossrh-s01-token-username: + description: 'Username for authentication with s01.oss.sonatype.org' + required: true + spring-framework-version: + description: 'Version of Spring Framework that is being synced to Central' required: true runs: using: composite steps: - name: Set Up JFrog CLI - uses: jfrog/setup-jfrog-cli@105617d23456a69a92485207c4f28ae12297581d # v4.2.1 + uses: jfrog/setup-jfrog-cli@9fe0f98bd45b19e6e931d457f4e98f8f84461fb5 # v4.4.1 env: JF_ENV_SPRING: ${{ inputs.jfrog-cli-config-token }} - name: Download Release Artifacts @@ -29,14 +29,14 @@ runs: - name: Sync uses: spring-io/nexus-sync-action@42477a2230a2f694f9eaa4643fa9e76b99b7ab84 # v0.0.1 with: - username: ${{ inputs.ossrh-s01-token-username }} + close: true + create: true + generate-checksums: true password: ${{ inputs.ossrh-s01-token-password }} + release: true staging-profile-name: ${{ inputs.ossrh-s01-staging-profile }} - create: true upload: true - close: true - release: true - generate-checksums: true + username: ${{ inputs.ossrh-s01-token-username }} - name: Await uses: ./.github/actions/await-http-resource with: diff --git a/.github/workflows/backport-bot.yml b/.github/workflows/backport-bot.yml index 4d025ece2ceb..db40e9f94ea9 100644 --- a/.github/workflows/backport-bot.yml +++ b/.github/workflows/backport-bot.yml @@ -1,5 +1,4 @@ name: Backport Bot - on: issues: types: [labeled] @@ -29,6 +28,6 @@ jobs: run: wget https://github.com/spring-io/backport-bot/releases/download/latest/backport-bot-0.0.1-SNAPSHOT.jar - name: Backport env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_EVENT: ${{ toJSON(github.event) }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: java -jar backport-bot-0.0.1-SNAPSHOT.jar --github.accessToken="$GITHUB_TOKEN" --github.event_name "$GITHUB_EVENT_NAME" --github.event "$GITHUB_EVENT" diff --git a/.github/workflows/build-and-deploy-snapshot.yml b/.github/workflows/build-and-deploy-snapshot.yml index 6af768dcf127..7f8885773aa0 100644 --- a/.github/workflows/build-and-deploy-snapshot.yml +++ b/.github/workflows/build-and-deploy-snapshot.yml @@ -8,9 +8,9 @@ concurrency: jobs: build-and-deploy-snapshot: name: Build and Deploy Snapshot + if: ${{ github.repository == 'spring-projects/spring-framework' }} runs-on: ubuntu-latest timeout-minutes: 60 - if: ${{ github.repository == 'spring-projects/spring-framework' }} steps: - name: Check Out Code uses: actions/checkout@v4 @@ -18,31 +18,31 @@ jobs: id: build-and-publish uses: ./.github/actions/build with: - develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} + develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} publish: true - name: Deploy uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1 with: - uri: 'https://repo.spring.io' - username: ${{ secrets.ARTIFACTORY_USERNAME }} - password: ${{ secrets.ARTIFACTORY_PASSWORD }} - build-name: 'spring-framework-6.2.x' - repository: 'libs-snapshot-local' - folder: 'deployment-repository' - signing-key: ${{ secrets.GPG_PRIVATE_KEY }} - signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} artifact-properties: | /**/framework-api-*.zip::zip.name=spring-framework,zip.deployed=false /**/framework-api-*-docs.zip::zip.type=docs /**/framework-api-*-schema.zip::zip.type=schema + build-name: 'spring-framework-6.2.x' + folder: 'deployment-repository' + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + repository: 'libs-snapshot-local' + signing-key: ${{ secrets.GPG_PRIVATE_KEY }} + signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} + uri: 'https://repo.spring.io' + username: ${{ secrets.ARTIFACTORY_USERNAME }} - name: Send Notification - uses: ./.github/actions/send-notification if: always() + uses: ./.github/actions/send-notification with: - webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} - status: ${{ job.status }} build-scan-url: ${{ steps.build-and-publish.outputs.build-scan-url }} run-name: ${{ format('{0} | Linux | Java 17', github.ref_name) }} + status: ${{ job.status }} + webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} outputs: version: ${{ steps.build-and-publish.outputs.version }} verify: diff --git a/.github/workflows/build-pull-request.yml b/.github/workflows/build-pull-request.yml index 0927c5c77bc7..c386514fbda9 100644 --- a/.github/workflows/build-pull-request.yml +++ b/.github/workflows/build-pull-request.yml @@ -1,38 +1,36 @@ name: Build Pull Request on: pull_request - permissions: contents: read - jobs: build: name: Build Pull Request + if: ${{ github.repository == 'spring-projects/spring-framework' }} runs-on: ubuntu-latest timeout-minutes: 60 - if: ${{ github.repository == 'spring-projects/spring-framework' }} steps: - - name: Set up JDK 17 + - name: Set Up JDK 17 uses: actions/setup-java@v4 with: - java-version: '17' distribution: 'liberica' + java-version: '17' - name: Check Out uses: actions/checkout@v4 - name: Validate Gradle Wrapper - uses: gradle/actions/wrapper-validation@d9c87d481d55275bb5441eef3fe0e46805f9ef70 # v3.5.0 + uses: gradle/actions/wrapper-validation@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 - name: Set Up Gradle - uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 # v3.5.0 + uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 - name: Build env: CI: 'true' GRADLE_ENTERPRISE_URL: 'https://ge.spring.io' run: ./gradlew -Dorg.gradle.internal.launcher.welcomeMessageEnabled=false --no-daemon --no-parallel --continue build - name: Print JVM Thread Dumps When Cancelled - uses: ./.github/actions/print-jvm-thread-dumps if: cancelled() + uses: ./.github/actions/print-jvm-thread-dumps - name: Upload Build Reports - uses: actions/upload-artifact@v4 if: failure() + uses: actions/upload-artifact@v4 with: name: build-reports path: '**/build/reports/' diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6919a741e672..8333721ef590 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,9 +7,9 @@ concurrency: jobs: ci: name: '${{ matrix.os.name}} | Java ${{ matrix.java.version}}' + if: ${{ github.repository == 'spring-projects/spring-framework' }} runs-on: ${{ matrix.os.id }} timeout-minutes: 60 - if: ${{ github.repository == 'spring-projects/spring-framework' }} strategy: matrix: os: @@ -23,7 +23,6 @@ jobs: - version: 22 toolchain: true - version: 23 - early-access: true toolchain: true exclude: - os: @@ -43,15 +42,16 @@ jobs: id: build uses: ./.github/actions/build with: - java-version: ${{ matrix.java.version }} + develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} java-early-access: ${{ matrix.java.early-access || 'false' }} + java-distribution: ${{ matrix.java.distribution }} java-toolchain: ${{ matrix.java.toolchain }} - develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} + java-version: ${{ matrix.java.version }} - name: Send Notification - uses: ./.github/actions/send-notification if: always() + uses: ./.github/actions/send-notification with: - webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} - status: ${{ job.status }} build-scan-url: ${{ steps.build.outputs.build-scan-url }} run-name: ${{ format('{0} | {1} | Java {2}', github.ref_name, matrix.os.name, matrix.java.version) }} + status: ${{ job.status }} + webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml index 1d66f04806b0..ea6006f52fc5 100644 --- a/.github/workflows/deploy-docs.yml +++ b/.github/workflows/deploy-docs.yml @@ -14,14 +14,15 @@ permissions: actions: write jobs: build: - runs-on: ubuntu-latest + name: Dispatch docs deployment if: github.repository_owner == 'spring-projects' + runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v4 with: - ref: docs-build fetch-depth: 1 + ref: docs-build - name: Dispatch (partial build) if: github.ref_type == 'branch' env: diff --git a/.github/workflows/release-milestone.yml b/.github/workflows/release-milestone.yml index c25304bbb1f1..72b531e421a3 100644 --- a/.github/workflows/release-milestone.yml +++ b/.github/workflows/release-milestone.yml @@ -23,18 +23,18 @@ jobs: - name: Stage Release uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1 with: - uri: 'https://repo.spring.io' - username: ${{ secrets.ARTIFACTORY_USERNAME }} - password: ${{ secrets.ARTIFACTORY_PASSWORD }} - build-name: ${{ format('spring-framework-{0}', steps.build-and-publish.outputs.version)}} - repository: 'libs-staging-local' - folder: 'deployment-repository' - signing-key: ${{ secrets.GPG_PRIVATE_KEY }} - signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} artifact-properties: | /**/framework-api-*.zip::zip.name=spring-framework,zip.deployed=false /**/framework-api-*-docs.zip::zip.type=docs /**/framework-api-*-schema.zip::zip.type=schema + build-name: ${{ format('spring-framework-{0}', steps.build-and-publish.outputs.version)}} + folder: 'deployment-repository' + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + repository: 'libs-staging-local' + signing-key: ${{ secrets.GPG_PRIVATE_KEY }} + signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} + uri: 'https://repo.spring.io' + username: ${{ secrets.ARTIFACTORY_USERNAME }} outputs: version: ${{ steps.build-and-publish.outputs.version }} verify: @@ -57,7 +57,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up JFrog CLI - uses: jfrog/setup-jfrog-cli@105617d23456a69a92485207c4f28ae12297581d # v4.2.1 + uses: jfrog/setup-jfrog-cli@9fe0f98bd45b19e6e931d457f4e98f8f84461fb5 # v4.4.1 env: JF_ENV_SPRING: ${{ secrets.JF_ARTIFACTORY_SPRING }} - name: Promote build @@ -75,5 +75,5 @@ jobs: uses: ./.github/actions/create-github-release with: milestone: ${{ needs.build-and-stage-release.outputs.version }} - token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} pre-release: true + token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3dc32071e278..ba555e9af9f5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,8 +7,8 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} jobs: build-and-stage-release: - if: ${{ github.repository == 'spring-projects/spring-framework' }} name: Build and Stage Release + if: ${{ github.repository == 'spring-projects/spring-framework' }} runs-on: ubuntu-latest steps: - name: Check Out Code @@ -17,37 +17,37 @@ jobs: id: build-and-publish uses: ./.github/actions/build with: - develocity-access-key: ${{ secrets.GRADLE_ENTERPRISE_SECRET_ACCESS_KEY }} + develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }} publish: true - name: Stage Release uses: spring-io/artifactory-deploy-action@26bbe925a75f4f863e1e529e85be2d0093cac116 # v0.0.1 with: - uri: 'https://repo.spring.io' - username: ${{ secrets.ARTIFACTORY_USERNAME }} - password: ${{ secrets.ARTIFACTORY_PASSWORD }} - build-name: ${{ format('spring-framework-{0}', steps.build-and-publish.outputs.version)}} - repository: 'libs-staging-local' - folder: 'deployment-repository' - signing-key: ${{ secrets.GPG_PRIVATE_KEY }} - signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} artifact-properties: | /**/framework-api-*.zip::zip.name=spring-framework,zip.deployed=false /**/framework-api-*-docs.zip::zip.type=docs /**/framework-api-*-schema.zip::zip.type=schema + build-name: ${{ format('spring-framework-{0}', steps.build-and-publish.outputs.version)}} + folder: 'deployment-repository' + password: ${{ secrets.ARTIFACTORY_PASSWORD }} + repository: 'libs-staging-local' + signing-key: ${{ secrets.GPG_PRIVATE_KEY }} + signing-passphrase: ${{ secrets.GPG_PASSPHRASE }} + uri: 'https://repo.spring.io' + username: ${{ secrets.ARTIFACTORY_USERNAME }} outputs: version: ${{ steps.build-and-publish.outputs.version }} verify: name: Verify needs: build-and-stage-release uses: ./.github/workflows/verify.yml - with: - staging: true - version: ${{ needs.build-and-stage-release.outputs.version }} secrets: google-chat-webhook-url: ${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }} repository-password: ${{ secrets.ARTIFACTORY_PASSWORD }} repository-username: ${{ secrets.ARTIFACTORY_USERNAME }} token: ${{ secrets.GH_ACTIONS_REPO_TOKEN }} + with: + staging: true + version: ${{ needs.build-and-stage-release.outputs.version }} sync-to-maven-central: name: Sync to Maven Central needs: @@ -73,7 +73,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up JFrog CLI - uses: jfrog/setup-jfrog-cli@105617d23456a69a92485207c4f28ae12297581d # v4.2.1 + uses: jfrog/setup-jfrog-cli@9fe0f98bd45b19e6e931d457f4e98f8f84461fb5 # v4.4.1 env: JF_ENV_SPRING: ${{ secrets.JF_ARTIFACTORY_SPRING }} - name: Promote build diff --git a/.github/workflows/validate-gradle-wrapper.yml b/.github/workflows/validate-gradle-wrapper.yml deleted file mode 100644 index 7a473b3afe72..000000000000 --- a/.github/workflows/validate-gradle-wrapper.yml +++ /dev/null @@ -1,11 +0,0 @@ -name: "Validate Gradle Wrapper" -on: [push, pull_request] -permissions: - contents: read -jobs: - validation: - name: "Validate Gradle Wrapper" - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: gradle/actions/wrapper-validation@d9c87d481d55275bb5441eef3fe0e46805f9ef70 # v3.5.0 diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index b9b1e17de783..3252c345c290 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -2,21 +2,27 @@ name: Verify on: workflow_call: inputs: - version: - required: true - type: string staging: + description: 'Whether the release to verify is in the staging repository' required: false default: false type: boolean + version: + description: 'Version to verify' + required: true + type: string secrets: - repository-username: - required: false - repository-password: - required: false google-chat-webhook-url: + description: 'Google Chat Webhook URL' required: true + repository-password: + description: 'Password for authentication with the repository' + required: false + repository-username: + description: 'Username for authentication with the repository' + required: false token: + description: 'Token to use for authentication with GitHub' required: true jobs: verify: @@ -26,13 +32,13 @@ jobs: - name: Check Out Release Verification Tests uses: actions/checkout@v4 with: - repository: spring-projects/spring-framework-release-verification ref: 'v0.0.2' + repository: spring-projects/spring-framework-release-verification token: ${{ secrets.token }} - name: Check Out Send Notification Action uses: actions/checkout@v4 with: - path: spring-framework + path: send-notification sparse-checkout: .github/actions/send-notification - name: Set Up Java uses: actions/setup-java@v4 @@ -40,7 +46,7 @@ jobs: distribution: 'liberica' java-version: 17 - name: Set Up Gradle - uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 # v3.5.0 + uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 with: cache-read-only: false - name: Configure Gradle Properties @@ -50,22 +56,22 @@ jobs: echo 'org.gradle.daemon=false' >> $HOME/.gradle/gradle.properties - name: Run Release Verification Tests env: - RVT_VERSION: ${{ inputs.version }} + RVT_OSS_REPOSITORY_PASSWORD: ${{ secrets.repository-password }} + RVT_OSS_REPOSITORY_USERNAME: ${{ secrets.repository-username }} RVT_RELEASE_TYPE: oss RVT_STAGING: ${{ inputs.staging }} - RVT_OSS_REPOSITORY_USERNAME: ${{ secrets.repository-username }} - RVT_OSS_REPOSITORY_PASSWORD: ${{ secrets.repository-password }} + RVT_VERSION: ${{ inputs.version }} run: ./gradlew spring-framework-release-verification-tests:test - name: Upload Build Reports on Failure - uses: actions/upload-artifact@v4 if: failure() + uses: actions/upload-artifact@v4 with: name: build-reports path: '**/build/reports/' - name: Send Notification - uses: ./spring-framework/.github/actions/send-notification if: failure() + uses: ./send-notification/.github/actions/send-notification with: - webhook-url: ${{ secrets.google-chat-webhook-url }} - status: ${{ job.status }} run-name: ${{ format('{0} | Verification | {1}', github.ref_name, inputs.version) }} + status: ${{ job.status }} + webhook-url: ${{ secrets.google-chat-webhook-url }}