Deploy #2

Workflow file for this run

.github/workflows/step.publish.yml at e734d6f

	name: "Deploy"

	on:
	workflow_dispatch:
	inputs:
	version:
	description: "Version to publish"
	required: false
	type: string
	default: 1.0-SNAPSHOT
	repository:
	description: "Target repository"
	required: false
	type: string
	default: gcs://elide-snapshots/repository/v3
	logLevel:
	description: "Logging level"
	required: true
	default: info
	type: choice
	options:
	- info
	- debug
	snapshot:
	description: "Is this a snapshot?"
	required: false
	type: boolean
	default: true
	release:
	description: "Is this a release?"
	required: false
	type: boolean
	default: false
	signing:
	description: "Enable signing"
	required: false
	type: boolean
	default: false
	label:
	description: "Label"
	required: false
	type: string
	default: "Sandbox"
	flags:
	description: "Extra flags"
	required: false
	type: string
	default: ""
	gcs:
	description: "Is this a GCS publish?"
	required: false
	type: boolean
	default: false
	environment:
	description: "Environment target"
	type: environment
	required: true
	workflow_call:
	inputs:
	logLevel:
	required: false
	default: info
	type: string
	version:
	required: false
	type: string
	default: 1.0-SNAPSHOT
	repository:
	required: false
	type: string
	default: gcs://elide-snapshots/repository/v3
	snapshot:
	required: false
	type: boolean
	default: true
	release:
	required: false
	type: boolean
	default: false
	signing:
	required: false
	type: boolean
	default: false
	label:
	required: false
	type: string
	default: "Sandbox"
	flags:
	required: false
	type: string
	default: ""
	gcs:
	required: false
	type: boolean
	default: false
	environment:
	type: string
	required: true
	secrets:
	PUBLISH_USER:
	required: false
	PUBLISH_PASSWORD:
	required: false
	GOOGLE_CREDENTIALS:
	required: false
	SIGNING_KEY:
	required: false

	jobs:
	publish:
	name: Publish
	runs-on: ${{ matrix.runner }}

	permissions:
	id-token: write
	contents: read
	packages: write

	outputs:
	hashes: ${{ steps.hash.outputs.hashes }}

	strategy:
	fail-fast: false
	matrix:
	runner: [macOS-latest, windows-latest, ubuntu-latest]
	include:
	- runner: macOS-latest
	flags: "--no-configuration-cache"
	os: "macos"
	label: "Darwin"
	gvm: ${{ vars.GVM_VERSION }}
	java: ${{ vars.JVM_VERSION }}
	target: publishMac
	- runner: windows-latest
	flags: "--no-configuration-cache"
	os: "windows"
	label: "Windows"
	gvm: ${{ vars.GVM_VERSION }}
	java: ${{ vars.JVM_VERSION }}
	target: publishWindows
	- runner: ubuntu-latest
	flags: "--no-configuration-cache"
	os: "linux"
	label: "Linux"
	gvm: ${{ vars.GVM_VERSION }}
	java: ${{ vars.JVM_VERSION }}
	target: publishLinux

	steps:
	- name: "Setup: Checkout"
	uses: actions/checkout@v3
	- name: "Setup: Cache"
	uses: buildjet/cache@v3
	with:
	key: ${{ runner.os }}-gradle-v2-${{ hashFiles('gradle/libs.versions.toml', '*.lockfile') }}
	restore-keys: \|
	${{ runner.os }}-gradle-v2-
	path: \|
	~/.sonar/cache
	~/.konan
	- id: 'auth'
	name: "Setup: GCS"
	if: ${{ inputs.gcs == true }}
	uses: "google-github-actions/auth@v1"
	with:
	credentials_json: '${{ secrets.GOOGLE_CREDENTIALS }}'
	- name: 'Set up Cloud SDK'
	if: ${{ inputs.gcs == true }}
	uses: 'google-github-actions/setup-gcloud@v1'
	with:
	version: '${{ vars.GCLOUD_VERSION }}'
	- name: "Setup: Zulu 20"
	uses: buildjet/setup-java@v3
	with:
	distribution: 'zulu'
	java-version: '20'
	- name: "Publish (${{ matrix.label }})"
	uses: gradle/gradle-build-action@v2
	id: publish
	with:
	cache-read-only: true
	gradle-version: wrapper
	gradle-home-cache-cleanup: true
	dependency-graph: generate-and-submit
	gradle-home-cache-excludes: \|
	caches/build-cache-1
	caches/keyrings
	arguments: \|
	${{ matrix.target }}
	--scan
	--no-daemon
	--warning-mode=none
	--dependency-verification=lenient
	-Pci=true
	-PVERSION="${{ inputs.version }}"
	-PREPOSITORY="${{ inputs.repository }}"
	--${{ inputs.logLevel }}
	${{ inputs.flags }}
	${{ matrix.flags }}
	- name: "Build: Provenance Subject"
	id: hash
	run: \|
	echo "hashes=$(sha256sum ./build/libs/* \| base64 -w0)" >> "$GITHUB_OUTPUT"
	- name: "Artifacts: Libraries"
	uses: actions/upload-artifact@v3
	if: failure() \|\| success()
	with:
	name: libraries
	path: \|
	build/libs/
	build/spdx/
	- name: "Artifacts: Reports"
	uses: actions/upload-artifact@v3
	if: failure() \|\| success()
	with:
	name: reports
	path: \|
	build/reports/

	## Report: Provenance
	provenance:
	name: Provenance
	needs: [publish]
	permissions:
	actions: read
	id-token: write
	contents: write
	uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.7.0
	with:
	base64-subjects: "${{ needs.build.outputs.hashes }}"
	upload-assets: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deploy #2

Workflow file

Deploy #2

Jobs

Run details

Workflow file for this run