Update constraints in java build files / Constrain lib in UI #3623
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a Java project with Gradle | |
| # For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle | |
| name: Run Underlay Tests | |
| on: | |
| push: | |
| branches: [ main ] | |
| paths-ignore: | |
| - 'README.md' | |
| - 'docs/**' | |
| pull_request: | |
| branches: [ '**' ] | |
| paths-ignore: | |
| - 'README.md' | |
| - 'docs/**' | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| if: "!contains( github.event.sender.login, 'broadbot')" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: 17 | |
| distribution: 'temurin' | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: v1-${{ runner.os }}-gradle-${{ hashfiles('**/gradle-wrapper.properties') }}-${{ hashFiles('**/*.gradle') }} | |
| restore-keys: v1-${{ runner.os }}-gradle-${{ hashfiles('**/gradle-wrapper.properties') }} | |
| - name: Pull credentials | |
| id: pull_credentials | |
| run: | | |
| # For security reasons, Broad prefers we read GHA secrets instead of reading from vault. | |
| # This step does the equivalent of the pull-credentials.sh script. | |
| # On local machines, the script fetches a SA from Vault. | |
| # In GH actions, the SA key is stored in a GH repo secret. | |
| # Regardless of how it was fetched, tests and scripts expect these | |
| # keys to be stored in rendered/. | |
| mkdir -p rendered/broad/ | |
| echo "$TEST_PROJECT_SA_KEY" > rendered/broad/tanagra_sa.json | |
| env: | |
| TEST_PROJECT_SA_KEY: ${{ secrets.TEST_PROJECT_SA_KEY }} | |
| - name: Gradle Build and Check | |
| # The check task includes the build, test and static analysis tasks. | |
| run: ./gradlew underlay:check --scan | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GOOGLE_APPLICATION_CREDENTIALS: ../rendered/broad/tanagra_sa.json |