diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 99f47e8077..acc46d6446 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -4,26 +4,31 @@ on: [workflow_dispatch, push, pull_request] permissions: read-all +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: test: runs-on: ${{ matrix.os }} + timeout-minutes: 30 strategy: matrix: cache: [maven] distribution: [temurin] - java: [17, 21, 24, 25-ea] + java: [21, 25, 26-ea] os: [macos-latest, ubuntu-latest, windows-latest] fail-fast: false - max-parallel: 4 + max-parallel: 6 name: Test JDK ${{ matrix.java }}, ${{ matrix.os }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Setup Java ${{ matrix.java }} ${{ matrix.distribution }} - uses: actions/setup-java@v5 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5 with: cache: ${{ matrix.cache }} distribution: ${{ matrix.distribution }} java-version: ${{ matrix.java }} - name: Test with Maven - run: ./mvnw test -B -V --no-transfer-progress -D"license.skip=true" + run: ./mvnw test --batch-mode --no-transfer-progress --show-version -D"license.skip=true" diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 93f0f17e67..45b5818b5d 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -6,44 +6,40 @@ on: pull_request: branches: [ master ] schedule: - - cron: '37 14 * * 6' + - cron: '43 10 * * 2' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true jobs: analyze: name: Analyze - runs-on: ubuntu-latest - timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} + runs-on: 'ubuntu-latest' + timeout-minutes: 30 permissions: actions: read contents: read security-events: write - strategy: - fail-fast: false - matrix: - language: [ java-kotlin ] - steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Setup Java - uses: actions/setup-java@v5 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5 with: cache: maven distribution: 'temurin' - java-version: 21 + java-version: 25 - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4 with: - languages: ${{ matrix.language }} queries: +security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@v4 + uses: github/codeql-action/autobuild@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 - with: - category: "/language:${{ matrix.language }}" + uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4 diff --git a/.github/workflows/coveralls.yaml b/.github/workflows/coveralls.yaml index 0ca4f8f7fc..beb604ca9e 100644 --- a/.github/workflows/coveralls.yaml +++ b/.github/workflows/coveralls.yaml @@ -4,26 +4,33 @@ on: [push, pull_request] permissions: read-all +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: coveralls: if: github.repository_owner == 'mybatis' runs-on: ubuntu-latest + timeout-minutes: 30 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Setup Java - uses: actions/setup-java@v5 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5 with: cache: maven distribution: temurin - java-version: 21 + java-version: 25 + - name: Run the build + run: ./mvnw test --batch-mode --no-transfer-progress --quiet --show-version -Dlicense.skip=true - name: Report Coverage to Coveralls for Pull Requests if: github.event_name == 'pull_request' - run: ./mvnw -B -V test jacoco:report coveralls:report -q -Dlicense.skip=true -DrepoToken=$GITHUB_TOKEN -DserviceName=github -DpullRequest=$PR_NUMBER --no-transfer-progress + run: ./mvnw generate-sources jacoco:report coveralls:report --batch-mode --no-transfer-progress -DpullRequest=${{ env.PR_NUMBER }} -DrepoToken=${{ env.GITHUB_TOKEN }} -DserviceName=github env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PR_NUMBER: ${{ github.event.number }} - name: Report Coverage to Coveralls for General Push if: github.event_name == 'push' - run: ./mvnw -B -V test jacoco:report coveralls:report -q -Dlicense.skip=true -DrepoToken=$GITHUB_TOKEN -DserviceName=github --no-transfer-progress + run: ./mvnw generate-sources jacoco:report coveralls:report --batch-mode --no-transfer-progress -DrepoToken=${{ env.GITHUB_TOKEN }} -DserviceName=github env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/site.yaml b/.github/workflows/site.yaml index a5828d47f2..59df4a2df7 100644 --- a/.github/workflows/site.yaml +++ b/.github/workflows/site.yaml @@ -8,25 +8,30 @@ on: permissions: contents: write +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: build: if: github.repository_owner == 'mybatis' && ! contains(toJSON(github.event.head_commit.message), '[maven-release-plugin]') runs-on: ubuntu-latest + timeout-minutes: 60 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Setup Java - uses: actions/setup-java@v5 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5 with: cache: maven distribution: temurin - java-version: 21 + java-version: 25 - name: Build site - run: ./mvnw site site:stage -DskipTests -Dlicense.skip=true -B -V --no-transfer-progress --settings ./.mvn/settings.xml + run: ./mvnw site site:stage --batch-mode --no-transfer-progress --settings ./.mvn/settings.xml --show-version -Dlicense.skip=true -DskipTests env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} NVD_API_KEY: ${{ secrets.NVD_API_KEY }} - name: Deploy Site to gh-pages - uses: JamesIves/github-pages-deploy-action@v4 + uses: JamesIves/github-pages-deploy-action@4a3abc783e1a24aeb44c16e869ad83caf6b4cc23 # v4 with: branch: gh-pages folder: target/staging diff --git a/.github/workflows/sonar.yaml b/.github/workflows/sonar.yaml index d6b918b141..72d43afe75 100644 --- a/.github/workflows/sonar.yaml +++ b/.github/workflows/sonar.yaml @@ -7,23 +7,34 @@ on: permissions: read-all +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +env: + SONAR_ORGANIZATION: mybatis + SONAR_PROJECT_KEY: spring + jobs: build: if: github.repository_owner == 'mybatis' runs-on: ubuntu-latest + timeout-minutes: 30 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 - name: Setup Java - uses: actions/setup-java@v5 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5 with: cache: maven distribution: temurin - java-version: 21 + java-version: 25 + - name: Set SONAR_SCANNER_JAVA_OPTS + run: echo "SONAR_SCANNER_JAVA_OPTS=-Xmx512m" >> ${GITHUB_ENV} - name: Analyze with SonarCloud - run: ./mvnw verify jacoco:report sonar:sonar -B -V -Dsonar.projectKey=mybatis_spring -Dsonar.organization=mybatis -Dsonar.host.url=https://sonarcloud.io -Dsonar.token=$SONAR_TOKEN -Dlicense.skip=true --no-transfer-progress -Dsonar.scanner.skipJreProvisioning=true + run: ./mvnw verify jacoco:report sonar:sonar --batch-mode --no-transfer-progress --show-version -Dlicense.skip=true -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=${{ env.SONAR_ORGANIZATION }} -Dsonar.projectKey=${{ env.SONAR_ORGANIZATION }}_${{ env.SONAR_PROJECT_KEY }} -Dsonar.scanner.skipJreProvisioning=true -Dsonar.token=${{ env.SONAR_TOKEN }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/.github/workflows/sonatype.yaml b/.github/workflows/sonatype.yaml index 3e3d513d1c..19862d2e53 100644 --- a/.github/workflows/sonatype.yaml +++ b/.github/workflows/sonatype.yaml @@ -7,20 +7,25 @@ on: permissions: read-all +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: build: if: github.repository_owner == 'mybatis' && ! contains(toJSON(github.event.head_commit.message), '[maven-release-plugin]') runs-on: ubuntu-latest + timeout-minutes: 30 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Setup Java - uses: actions/setup-java@v5 + uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5 with: cache: maven distribution: temurin - java-version: 21 + java-version: 25 - name: Deploy to Sonatype - run: ./mvnw deploy -DskipTests -B -V --no-transfer-progress --settings ./.mvn/settings.xml -Dlicense.skip=true + run: ./mvnw deploy --batch-mode --no-transfer-progress --settings ./.mvn/settings.xml --show-version -Dlicense.skip=true -DskipTests env: CI_DEPLOY_USERNAME: ${{ secrets.CI_DEPLOY_USERNAME }} CI_DEPLOY_PASSWORD: ${{ secrets.CI_DEPLOY_PASSWORD }}