Build - ARM/Ubuntu-22.04/JDK17 #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build - ARM/Ubuntu-22.04/JDK17 | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| project_version: | |
| description: "Project version (e.g. v1.0.0)" | |
| required: true | |
| default: "" | |
| upload-to-s3: | |
| description: 'Upload artifacts to S3' | |
| required: false | |
| type: boolean | |
| default: false | |
| permissions: | |
| id-token: write # Only allow OIDC token access | |
| contents: read # Limit repository access | |
| jobs: | |
| build: | |
| name: ${{ (inputs.upload-to-s3 != false) && 'Build and Upload to S3' || 'Build' }} - Ubuntu-22.04-${{ inputs.project_version }} | |
| runs-on: ubuntu-22.04-arm | |
| # Define environment variables for reuse | |
| env: | |
| BUILD_VERSION: ${{ inputs.project_version }} | |
| BUILD_OUTPUT_DIR: ./build/libs | |
| S3_BUCKET: s3://${{ secrets.S3_BUCKET_DEV }}/${{ secrets.S3_PREFIX }}/${{ inputs.project_version }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set short SHA and timestamp | |
| run: | | |
| echo "SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV | |
| - name: Set artifact name and S3 path | |
| run: | | |
| echo "ARTIFACT_NAME=javatron-arm-Ubuntu-22.04-${{ env.BUILD_VERSION }}-${{ env.SHORT_SHA }}" >> $GITHUB_ENV | |
| echo "S3_PATH=${{ env.S3_BUCKET }}/javatron-arm-Ubuntu-22.04-${{ env.BUILD_VERSION }}-${{ env.SHORT_SHA }}/" >> $GITHUB_ENV | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| # Configure Gradle for optimal use in GitHub Actions, including caching of downloaded dependencies. | |
| # See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| with: | |
| cache-read-only: ${{ github.event_name == 'pull_request' }} | |
| # This prevents pull requests from polluting the cache with potentially unstable changes. | |
| # --- Regular Gradle build (with dependency verification) --- | |
| - name: Build project | |
| run: ./gradlew clean build -x test | |
| # run: ./gradlew clean build --no-daemon | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ env.ARTIFACT_NAME }} | |
| path: ${{ env.BUILD_OUTPUT_DIR }} | |
| if-no-files-found: error | |
| # --- AWS S3 Upload Section --- | |
| - name: Configure AWS Credentials (OIDC) | |
| if: ${{ inputs.upload-to-s3 != false }} | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN_DEV_UPLOAD }} # 👈 replace with your IAM role | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Upload artifacts to S3 | |
| if: ${{ inputs.upload-to-s3 != false }} | |
| run: | | |
| aws s3 cp ${{ env.BUILD_OUTPUT_DIR }}/FullNode.jar "${{ env.S3_PATH }}" | |
| aws s3 cp ${{ env.BUILD_OUTPUT_DIR }}/Toolkit.jar "${{ env.S3_PATH }}" | |
| echo "## MD5 Summary of Uploaded Files" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "| Filename | MD5 Hash |" >> $GITHUB_STEP_SUMMARY | |
| echo "|----------|----------|" >> $GITHUB_STEP_SUMMARY | |
| files=( | |
| "${{ env.BUILD_OUTPUT_DIR }}/FullNode.jar" | |
| "${{ env.BUILD_OUTPUT_DIR }}/Toolkit.jar" | |
| ) | |
| for file in "${files[@]}"; do | |
| if [ -f "$file" ]; then | |
| FILENAME=$(basename "$file") | |
| LOCAL_MD5=$(md5sum $file | awk '{print $1}') | |
| echo "| $FILENAME | $LOCAL_MD5 |" >> $GITHUB_STEP_SUMMARY | |
| echo "$FILENAME: $LOCAL_MD5" | |
| fi | |
| done |