This is an automated email from the ASF dual-hosted git repository.
vy pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
The following commit(s) were added to refs/heads/release-2.x by this push:
new d1191fc1d4 Check build reproducibility in CI
d1191fc1d4 is described below
commit d1191fc1d4fe4f273dee5233022d945a9015e3c0
Author: Volkan Yazıcı <[email protected]>
AuthorDate: Tue Feb 14 22:23:52 2023 +0100
Check build reproducibility in CI
---
.github/workflows/build.yml | 43 +++++++++++++++++++++++++++++++++++--------
1 file changed, 35 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index fa22e78f49..e0867c7e6e 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -64,21 +64,46 @@ jobs:
architecture: x64
cache: maven
- - name: Maven "verify"
+ # We could have used `verify`, but `clean install` is required for the
following:
+ # 1. The build reproducibility report
+ # For details, see:
https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility
+ # 2. `javadoc:javadoc-no-fork`, which is attached to the `site` goal
+ - name: Build
timeout-minutes: 60
shell: bash
run: |
./mvnw \
--show-version --batch-mode --errors --no-transfer-progress \
+ --global-toolchains ".github/workflows/maven-toolchains.xml" \
-DtrimStackTrace=false \
-Dsurefire.rerunFailingTestsCount=2 \
-Dlog4j2.junit.fileCleanerSleepPeriodMillis=1000 \
+ -DinstallAtEnd=true \
+ clean install
+
+ # `clean verify artifact:compare` is required to generate the build
reproducibility report.
+ # For details, see:
https://maven.apache.org/guides/mini/guide-reproducible-builds.html#how-to-test-my-maven-build-reproducibility
+ - name: Report build reproducibility
+ shell: bash
+ run: |
+ ./mvnw \
+ --show-version --batch-mode --errors --no-transfer-progress \
--global-toolchains ".github/workflows/maven-toolchains.xml" \
- verify
+ -DskipTests=true \
+ clean verify artifact:compare
+
+ - name: Verify build reproducibility
+ shell: bash
+ run: |
+ for report_file in target/*.buildcompare **/target/*.buildcompare; do
+ if ! grep -q "^ko=0$" "$report_file"; then
+ echo "Spotted build reproducibility failure in \`$report_file\`:"
+ cat "$report_file"
+ exit 1
+ fi
+ done
- name: Maven "site"
- # FreeMarker integration of `log4j-changelog` is broken on Windows:
https://github.com/apache/logging-log4j-tools/issues/19
- if: runner.os != 'Windows'
timeout-minutes: 10
shell: bash
run: |
@@ -135,20 +160,22 @@ jobs:
-Dexec.args='${project.version}' --non-recursive exec:exec)
id: get_version
- - name: Maven "deploy"
+ - name: Deploy artifacts
# Do not deploy release versions
if: ${{ endsWith(steps.get_version.outputs.version, '-SNAPSHOT') }}
timeout-minutes: 15
shell: bash
# `package install:install deploy:deploy` goal is needed to deploy
without configuring the plugin in the POM.
- # For details see:
https://maven.apache.org/plugins/maven-gpg-plugin/examples/deploy-signed-artifacts.html
+ # For details, see:
https://maven.apache.org/plugins/maven-gpg-plugin/examples/deploy-signed-artifacts.html
run: |
./mvnw \
--show-version --batch-mode --errors --no-transfer-progress \
+ --global-toolchains ".github/workflows/maven-toolchains.xml" \
+ --settings .github/workflows/maven-settings.xml \
-Dgpg.skip=true \
-DskipTests=true \
- --settings .github/workflows/maven-settings.xml \
- --global-toolchains ".github/workflows/maven-toolchains.xml" \
+ -DinstallAtEnd=true \
+ -DdeployAtEnd=true \
package install:install deploy:deploy
env:
NEXUS_USER: ${{ secrets.NEXUS_USER }}
