ci: normalize workflows #83
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # On commit push or pull request events, verifies that the project builds successfully on JDK 17, | |
| # 21, 25. On success, its Dependency Snapshot is submitted. | |
| # | |
| name: Build | |
| on: [push, pull_request] | |
| permissions: | |
| contents: write | |
| security-events: write | |
| jobs: | |
| build: | |
| name: Java ${{ matrix.Java }} build | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| java: [ '17', '21', '25' ] | |
| fail-fast: false | |
| env: | |
| JAVA_DISTRO: 'temurin' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Set up build JDK | |
| uses: actions/setup-java@v5 | |
| with: | |
| java-version: ${{ matrix.java }} | |
| distribution: ${{ env.JAVA_DISTRO }} | |
| cache: maven | |
| - name: Set up tool JDK | |
| uses: actions/setup-java@v5 | |
| with: | |
| java-version-file: '.tool-versions' | |
| distribution: ${{ env.JAVA_DISTRO }} | |
| - name: Build with Maven | |
| run: ./mvnw verify --batch-mode --errors -Djava.version=${{ matrix.java }} | |
| - name: Submit Dependency Snapshot | |
| # NOTE: Automatic dependency submission (see | |
| # <https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository>) | |
| # didn't work, so manual submission (aka user submission) was integrated here, running | |
| # on push events affecting the main branch only. | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' && matrix.java == '17' | |
| uses: advanced-security/maven-dependency-submission-action@v5 | |