From bd26ce7b3798be1603b5e2741acc957773a43afc Mon Sep 17 00:00:00 2001 From: hieplq Date: Thu, 25 Apr 2024 10:37:33 +0700 Subject: [PATCH] IDEMPIERE-6121:github action fail by tycho update => setup maven to 3.9 (#2330) * IDEMPIERE-6121:github action fail by tycho update => setup maven to 3.9 1. update maven to 9.3 2. step setup java generate 2 file .m2/toolchains.xml .m2/settings.xml bellow case make conflict 1. setup java for java-17 => create toolchains.xml point to java-17 home 2. cache save toolchains.xml 3. update java to java-17.1 create toolchains.xml point to java-17.1 home 4. cache restore old toolchains.xml make conflict because it point to java-17 home so change to cache only .m2/repository * IDEMPIERE-6121:github action fail by tycho update => setup maven to 3.9 update some action, add comment --- .github/workflows/codeql-analysis.yml | 72 +++++++++++++++++---------- 1 file changed, 46 insertions(+), 26 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index bf8f8bc231..6709a52b42 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,33 +35,42 @@ jobs: # Install Java - name: Setup Java - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '${{ env.java }}' distribution: ${{ env.java_distribution }} + check-latest: true + + # setup maven to 3.9 for tycho + - name: Set up Maven + uses: stCarolas/setup-maven@v5 + with: + maven-version: 3.9.6 # on case PR it check out to commit is merger of PR to base (master) - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: # fetch all commit so sornar can know who change a line, it's resolved Warning: Shallow clone detected, no blame information will be provided. You can convert to non-shallow with 'git fetch --unshallow'. fetch-depth: 0 + # restore sonar cache - name: Cache sonar material restore id: cache-sonar-material-restore - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: | ~/.sonar/cache key: ${{ runner.os }}-sonar-${{ env.branch_name }} + # restore maven cache - name: Cache maven material restore id: cache-maven-material-restore - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: | - ~/.m2 - key: ${{ runner.os }}-maven-${{ env.branch_name }} + ~/.m2/repository + key: ${{ runner.os }}-maven-${{ env.branch_name }}-repository # run sonar on master only because sonar for PR come from other repository isn't support at moment (already on develop) # https://stackoverflow.com/a/39720346 @@ -78,19 +87,21 @@ jobs: codeql="-Dfindbugs.skip -Dcheckstyle.skip -Dpmd.skip=true -Denforcer.skip -Dmaven.javadoc.skip -DskipTests -Dmaven.test.skip.exec -Dlicense.skip=true -Drat.skip=true" mvn -B -V -e $codeql $sonar $sonarProject $sonarExclusions package org.sonarsource.scanner.maven:sonar-maven-plugin:sonar + # save sonar cache - name: Cache sonar material save - uses: actions/cache/save@v3 + uses: actions/cache/save@v4 with: path: | ~/.sonar/cache key: ${{ steps.cache-sonar-material-restore.outputs.cache-primary-key }} - + + # save maven cache - name: Cache maven material save - uses: actions/cache/save@v3 + uses: actions/cache/save@v4 with: path: | - ~/.m2 - key: ${{ steps.cache-maven-material-restore.outputs.cache-primary-key }} + ~/.m2/repository + key: ${{ steps.cache-maven-material-restore.outputs.cache-primary-key }}-repository analyze_java_codeQL: name: Analyze java by code QL @@ -103,26 +114,34 @@ jobs: # Install Java - name: Setup Java - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '${{ env.java }}' distribution: ${{ env.java_distribution }} + check-latest: true + + # setup maven to 3.9 for tycho + - name: Set up Maven + uses: stCarolas/setup-maven@v5 + with: + maven-version: 3.9.6 # on case PR it check out to commit is merger of PR to base (master) - name: Checkout repository - uses: actions/checkout@v3 - + uses: actions/checkout@v4 + + # restore maven cache - name: Cache maven material restore id: cache-maven-material-restore - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: | - ~/.m2 - key: ${{ runner.os }}-maven-${{ env.branch_name }} + ~/.m2/repository + key: ${{ runner.os }}-maven-${{ env.branch_name }}-repository # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: java # If you wish to specify custom queries, you can do so here or in a config file. @@ -131,17 +150,18 @@ jobs: # queries: ./path/to/local/query, your-org/your-repo/queries@main - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 + # save maven cache - name: Cache maven material save - uses: actions/cache/save@v3 + uses: actions/cache/save@v4 with: path: | - ~/.m2 - key: ${{ steps.cache-maven-material-restore.outputs.cache-primary-key }} + ~/.m2/repository + key: ${{ steps.cache-maven-material-restore.outputs.cache-primary-key }}-repository analyze_javascript_codeQL: @@ -155,12 +175,12 @@ jobs: # on case PR it check out to commit is merger of PR to base (master) - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: javascript - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3