5707aedfa2
Move the dependency check job from the quality workflow that runs on every PR to the nightly reports workflow. This sometimes flakes as it does a _lot_ of HTTP requests. It's less intrusive if that happens outside of the PR workflow. Also change the nightly job that runs tests to use LFS, so it actually has access to screenshots :) The sonar task is still broken, but it seems like an upstream bug: https://community.sonarsource.com/t/sonar-plugin-4-1-0-3113-4-2-0-3129-errors/91568
69 lines
2.5 KiB
YAML
69 lines
2.5 KiB
YAML
name: Code Quality Checks
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
pull_request: { }
|
|
push:
|
|
branches: [ main, develop ]
|
|
|
|
# Enrich gradle.properties for CI/CD
|
|
env:
|
|
GRADLE_OPTS: -Dorg.gradle.jvmargs="-Xmx3072m -Dfile.encoding=UTF-8 -XX:+HeapDumpOnOutOfMemoryError" -XX:MaxMetaspaceSize=512m -Dkotlin.daemon.jvm.options="-Xmx2g" -Dkotlin.incremental=false
|
|
CI_GRADLE_ARG_PROPERTIES: --stacktrace -PpreDexEnable=false --max-workers 2 --no-daemon --warn
|
|
|
|
jobs:
|
|
checkScript:
|
|
name: Search for forbidden patterns
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: Run code quality check suite
|
|
run: ./tools/check/check_code_quality.sh
|
|
|
|
check:
|
|
name: Project Check Suite
|
|
runs-on: ubuntu-latest
|
|
# Allow all jobs on main and develop. Just one per PR.
|
|
concurrency:
|
|
group: ${{ github.ref == 'refs/heads/main' && format('check-main-{0}', github.sha) || github.ref == 'refs/heads/develop' && format('check-develop-{0}', github.sha) || format('check-{0}', github.ref) }}
|
|
cancel-in-progress: true
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
# Ensure we are building the branch and not the branch after being merged on develop
|
|
# https://github.com/actions/checkout/issues/881
|
|
ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.ref }}
|
|
- name: Use JDK 17
|
|
uses: actions/setup-java@v3
|
|
with:
|
|
distribution: 'temurin' # See 'Supported distributions' for available options
|
|
java-version: '17'
|
|
- name: Configure gradle
|
|
uses: gradle/gradle-build-action@v2.4.2
|
|
with:
|
|
cache-read-only: ${{ github.ref != 'refs/heads/develop' }}
|
|
- name: Run code quality check suite
|
|
run: ./gradlew runQualityChecks $CI_GRADLE_ARG_PROPERTIES
|
|
- name: Upload reports
|
|
if: always()
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: linting-report
|
|
path: |
|
|
*/build/reports/**/*.*
|
|
- name: Prepare Danger
|
|
if: always()
|
|
run: |
|
|
npm install --save-dev @babel/core
|
|
npm install --save-dev @babel/plugin-transform-flow-strip-types
|
|
yarn add danger-plugin-lint-report --dev
|
|
- name: Danger lint
|
|
if: always()
|
|
uses: danger/danger-js@11.2.6
|
|
with:
|
|
args: "--dangerfile ./tools/danger/dangerfile-lint.js"
|
|
env:
|
|
DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }}
|
|
# Fallback for forks
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|