Skip to content

Bump BouncyCastle version to 1.77. #123

Bump BouncyCastle version to 1.77.

Bump BouncyCastle version to 1.77. #123

Workflow file for this run

name: Java CI with Maven and CMake
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
env:
# Java version to use for the release
RELEASE_JAVA_VERSION: 11
UBUNTU_MIRROR_AMD64: http://azure.archive.ubuntu.com/ubuntu
DOCKER_BUILDKIT: 1
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ 11, 17 ]
name: Java ${{ matrix.java }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up JDK ${{ matrix.java }}
uses: actions/setup-java@v3
with:
distribution: temurin
java-version: ${{ matrix.java }}
cache: maven
- name: Build and test with Maven
run: mvn -B verify -DperformRelease=true -Pcoverage -DskipNativeTests=true
- name: Upload coverage report
if: matrix.java == env.RELEASE_JAVA_VERSION
uses: codecov/codecov-action@v2
- name: Upload JNI headers
if: matrix.java == env.RELEASE_JAVA_VERSION
uses: actions/upload-artifact@v3
with:
name: javah
path: target/native
ubuntu_natives:
needs: test
runs-on: ubuntu-latest
name: Ubuntu Natives (${{ matrix.arch }}, OpenSSL ${{ matrix.dist.libssl }})
strategy:
matrix:
dist:
- { dist: focal, libssl: "1.1" }
- { dist: jammy, libssl: "3" }
arch:
- amd64
- arm64
- ppc64el
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Get JNI headers
uses: actions/download-artifact@v3
with:
name: javah
path: target/native
- name: Build natives with CMake in Docker
run: resources/ubuntu-build-docker.sh ${{ matrix.arch }} ${{ matrix.dist.dist }} ${{ env.RELEASE_JAVA_VERSION }} ${{ matrix.dist.libssl }}
- name: Upload lib as artifact
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.dist.dist }}-${{ matrix.arch }}
path: src/main/resources/*
mac_natives:
needs: test
runs-on: macos-latest
name: Mac Natives (${{ matrix.arch }}, OpenSSL ${{ matrix.libssl }})
strategy:
fail-fast: false
matrix:
libssl:
- "1.1"
- "3"
arch:
- x86_64
- arm64
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Get JNI headers
uses: actions/download-artifact@v3
with:
name: javah
path: target/native
- name: Set up JDK ${{ env.RELEASE_JAVA_VERSION }}
id: install_java
uses: actions/setup-java@v3
with:
distribution: zulu
java-version: ${{ env.RELEASE_JAVA_VERSION }}
architecture: ${{ matrix.arch }}
- name: Install OpenSSL ${{ matrix.libssl }}
if: matrix.arch == 'x86_64'
run: brew install openssl@${{ matrix.libssl }}
- name: Install OpenSSL ${{ matrix.libssl }}
if: matrix.arch == 'arm64'
run: |
brew uninstall --ignore-dependencies openssl@${{ matrix.libssl }} || true
brew fetch --force --bottle-tag=arm64_monterey openssl@${{ matrix.libssl }} | grep "Downloaded to:" | awk '{ print $3 }' | xargs -n 1 brew install
- name: Build natives with CMake
run: resources/mac-cmake.sh "${{ steps.install_java.outputs.path }}" "${{ matrix.arch }}" "${{ matrix.libssl }}"
- name: Upload lib as artifact
uses: actions/upload-artifact@v3
with:
name: darwin-${{ matrix.arch }}
path: src/main/resources/*
release:
name: Test including natives and release
needs:
- test
- ubuntu_natives
- mac_natives
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up JDK
uses: actions/setup-java@v3
with:
distribution: temurin
java-version: ${{ env.RELEASE_JAVA_VERSION }}
cache: maven
server-id: ossrh
server-username: SONATYPE_USER
server-password: SONATYPE_PW
- name: Download natives
uses: actions/download-artifact@v3
with:
path: target
- name: Copy natives for Maven
run: |
BASEDIR=$(pwd)/src/main/resources
mkdir -p $BASEDIR
cd target
for dist in */*/ ; do
last_dir=$(basename $dist)
if [[ "$last_dir" =~ ^(linux|darwin) ]]; then
mkdir -p "$BASEDIR/$last_dir" || true
cp "$dist"/*.{so,dylib} "$BASEDIR/$last_dir" || true
fi;
done;
- name: Set version
run: |
VERSION=`git describe --match "v[0-9\.]*" --long --dirty --always`
mvn -B versions:set -DnewVersion=${VERSION:1} -DgenerateBackupPoms=false
- name: Run Maven tests with native (if PR)
if: github.ref != 'refs/heads/master'
run: mvn -B verify -Dosgi-native=true -DperformRelease=true
- name: Run Maven tests with native (if release)
if: github.ref == 'refs/heads/master'
run: mvn -B test -Dosgi-native=true
- name: Attach final jars (if PR)
uses: actions/upload-artifact@v3
if: github.ref != 'refs/heads/master'
with:
name: jars
path: target/*.jar
- name: Test including natives and release to Maven Central
if: github.ref == 'refs/heads/master'
env:
SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
SONATYPE_PW: ${{ secrets.SONATYPE_PW }}
run: |
cat <(echo -e "${{ secrets.GPG_KEY }}") | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
mvn \
--no-transfer-progress \
--batch-mode \
-Dgpg.passphrase="${{ secrets.GPG_PW }}" \
-DperformRelease=true \
-Drelease=true \
-DskipTests \
-Dosgi-native=true \
deploy
- name: Attach final jars (after releasing to Maven Central)
uses: actions/upload-artifact@v3
if: github.ref == 'refs/heads/master'
with:
name: jars
path: target/*.jar