forked from ge-high-assurance/VERDICT
-
Notifications
You must be signed in to change notification settings - Fork 0
119 lines (101 loc) · 3.53 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
# Runs whenever the main branch has a change made to it (except for
# tag-only pushes)
name: VERDICT Main Workflow
on:
push:
branches: [ master ]
tags-ignore: [ '*' ]
workflow_dispatch:
# Runs main workflow and builds most artifacts:
# - Builds soteria_pp native binary
# - Builds VERDICT source & runs unit tests
# - Pushes verdict-dev image to Docker Hub
# - Updates verdict-dev in VERDICT-update-sites
jobs:
main:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
distribution: [ temurin ]
java-version: [ 11 ]
ocaml-compiler: [ 4.09.1 ]
os: [ macos-12, ubuntu-20.04 ]
steps:
- name: Check out VERDICT source
uses: actions/[email protected]
- name: Set up OCaml
uses: ocaml/[email protected]
with:
ocaml-compiler: ${{ matrix.ocaml-compiler }}
- name: Build soteria_pp
run: |
cd tools/verdict-back-ends/soteria_pp
opam install --yes . --deps-only
opam exec make
- name: Upload soteria_pp
uses: actions/[email protected]
with:
name: ${{ runner.os }}-binaries
path: tools/verdict-back-ends/soteria_pp/bin/soteria_pp
# Run rest of steps only on Linux - macOS isn't needed
- name: Set up GraphViz
if: runner.os == 'Linux'
uses: ts-graphviz/setup-graphviz@v1
- name: Set up Java and Maven
if: runner.os == 'Linux'
uses: actions/[email protected]
with:
cache: maven
distribution: ${{ matrix.distribution }}
java-version: ${{ matrix.java-version }}
- name: Build VERDICT source
if: runner.os == 'Linux'
run: |
mvn -B install --file tools/verdict-back-ends/verdict-bundle/z3-native-libs/pom.xml
mvn -B package -Dtycho.localArtifacts=ignore --file tools/pom.xml
env:
GraphVizPath: /usr/bin
- name: Upload verdict-bundle-app
if: runner.os == 'Linux'
uses: actions/[email protected]
with:
name: ${{ runner.os }}-binaries
path: tools/verdict-back-ends/verdict-bundle/verdict-bundle-app/target/verdict-bundle-app-1.0.0-SNAPSHOT-capsule.jar
- name: Set up Docker Buildx
if: runner.os == 'Linux'
uses: docker/[email protected]
- name: Login to Docker Hub
if: runner.os == 'Linux'
uses: docker/[email protected]
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push verdict-dev image
if: runner.os == 'Linux'
uses: docker/[email protected]
with:
context: tools/verdict-back-ends
file: tools/verdict-back-ends/Dockerfile
push: true
cache-from: type=registry,ref=gehighassurance/verdict-dev:latest
cache-to: type=inline
tags: gehighassurance/verdict-dev:latest
- name: Check out VERDICT-update-sites
if: runner.os == 'Linux'
uses: actions/[email protected]
with:
repository: ge-high-assurance/VERDICT-update-sites
token: ${{ secrets.CI_PAT }}
path: VERDICT-update-sites
- name: Update verdict-dev in VERDICT-update-sites
if: runner.os == 'Linux'
run: |
cd VERDICT-update-sites
rm -rf verdict-dev
mv ../tools/verdict/com.ge.research.osate.verdict.updatesite/target/repository verdict-dev
git config user.name github-actions
git config user.email [email protected]
git add .
git commit -m "Update verdict-dev in VERDICT-update-sites"
git push