[MOSIP-29967] Added dev-check.yml #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/dependency-check.yml | ||
| name: Dependency Check | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| MESSAGE: | ||
| description: 'Triggered For Dependency Check' | ||
| required: false | ||
| type: string | ||
| default: 'dependency check' | ||
| SKIP_DEPENDENCIES: | ||
| description: 'List of dependencies to be skipped' | ||
| required: false | ||
| type: string | ||
| default: '' | ||
| DEPENDENCY_VERSIONS: | ||
| description: 'Specify versions for specific dependencies' | ||
| required: false | ||
| type: string | ||
| default: '' | ||
| secrets: | ||
| SLACK_WEBHOOK_URL: | ||
| required: true | ||
| jobs: | ||
| check-dependencies: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v2 | ||
| - name: Set up JDK | ||
| uses: actions/setup-java@v2 | ||
| with: | ||
| distribution: 'adopt' | ||
| java-version: '11' | ||
| - name: Install xmlstarlet and xmllint | ||
| run: | | ||
| sudo apt-get update | ||
| sudo apt-get install xmlstarlet libxml2-utils | ||
| - name: Check if dependencies are marked outside the current development version in the POM file. | ||
| run: | | ||
| # Find all pom.xml files | ||
| pomfiles=$(find ./ -type f -name "*pom.xml") | ||
| skipped_dependencies=${{ inputs.SKIP_DEPENDENCIES }} | ||
| IFS=' ' read -ra dependency_versions <<< "$DEPENDENCY_VERSIONS" | ||
| # Function to resolve a version and check if it's marked outside the current development version | ||
| resolve_version() { | ||
| local version=$1 | ||
| local pomfile=$2 | ||
| if [[ " ${skipped_dependencies[@]} " =~ " $version " ]]; then | ||
| echo "Skipping VERSION $version based on user input (SKIP_DEPENDENCIES)" | ||
| else | ||
| output=$(mvn help:evaluate -Dexpression=$version -f $pomfile | grep -vE "INFO|WARNING") | ||
| if [[ $output == *"ERROR"* ]]; then | ||
| echo "VERSION $version not found; EXITING" | ||
| exit 1 | ||
| elif [[ $output != *"-SNAPSHOT"* ]]; then | ||
| if [[ ${dependency_versions["$version"]} ]]; then | ||
| expected_version="${dependency_versions["$version"]}" | ||
| if [[ "$output" != *"$expected_version"* ]]; then | ||
| echo "Mismatch for VERSION $version; Expected: $expected_version, Actual: $output; EXITING" | ||
| exit 1 | ||
| fi | ||
| else | ||
| echo "VERSION '$version' is marked outside the current development version; EXITING" | ||
| exit 1 | ||
| fi | ||
| fi | ||
| fi | ||
| } | ||
| for pomfile in $pomfiles; do | ||
| echo "===================================== $pomfile ==========================================" | ||
| # Use xmlstarlet to extract dependency versions | ||
| dv=$(xmlstarlet sel -N s="http://maven.apache.org/POM/4.0.0" -t -v "//s:project/s:dependencies/s:dependency/s:version" $pomfile | grep '[${}]' | sed 's/[${}]//g') | ||
| echo "Dependency versions in $pomfile = $dv" | sed -z 's/\n//' | ||
| for v in $dv; do | ||
| echo -e "\nv=$v" | ||
| resolve_version "$v" "$pomfile" | ||
| done | ||
| done | ||
| - uses: 8398a7/action-slack@v3 | ||
| with: | ||
| status: ${{ job.status }} | ||
| fields: repo,message,author,commit,workflow,job # selectable (default: repo,message) | ||
| env: | ||
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required | ||
| if: failure() # Pick up events even if the job fails or is canceled. | ||
