From 8bb807471fca82c333c7733de65b45f8def6f4ab Mon Sep 17 00:00:00 2001 From: Ludy Date: Mon, 19 Jan 2026 20:03:50 +0100 Subject: [PATCH] chore(ci): enable Gradle dependency caching across GitHub workflows (#5400) # Description of Changes This pull request updates the CI/CD workflows and Gradle configuration to improve build reproducibility, security, and external dependency management. The main changes include standardizing Gradle setup across workflows, securely injecting Maven credentials, and enabling Gradle build caching. There are also minor improvements to dependency version management and plugin repository configuration. **CI/CD Workflow Improvements:** - Standardized Gradle setup across all GitHub Actions workflows by explicitly adding a `Setup Gradle` step using `gradle/actions/setup-gradle@v5.0.0` and specifying Gradle version 8.14. This replaces previous usages and ensures consistency. [[1]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R71-R81) [[2]](diffhunk://#diff-8d23782ae5caff72d55828bb25814854f5f2523f299d7dbcda4a3537dd84c5c3L157-R176) [[3]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R134-R144) [[4]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R206-R216) [[5]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R260-R264) [[6]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R331-R341) [[7]](diffhunk://#diff-3c0f521958c53ad27c967692b4d5480ead136acb33622ee97d39df814b1b202eR339-R351) [[8]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bL53-R54) [[9]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bL121-R127) [[10]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bR206-R217) [[11]](diffhunk://#diff-6a2e9fb077e57351f4a7e10d03b114e256298babdf06e7e7ae666781a5cf36a1R60-R70) [[12]](diffhunk://#diff-62dcbe64a950b4efb54d691e1e87451a8cd535400aa9ea1e40893de5b57cd73bL45-R46) [[13]](diffhunk://#diff-76056236de05155107f6a660f1e3956059e37338011b8f0e72188afcb9b17b6fL46-R56) [[14]](diffhunk://#diff-fd60dc2adec58c1005c4e4164e9c24362fd6082fd3ab0403e54d276d9835fa6eL42-R65) [[15]](diffhunk://#diff-b34ab107dd4bc92075b2e89b6f16e4a2813e267ca7c2afebdb1931a0a3900d5aR102-R114) [[16]](diffhunk://#diff-98b618771a57e1758961359ecacbac2cff7cfef29aa021c3bc294ae926c4ce5bL47-R51) - Enabled Gradle build cache (`--build-cache`) for all build-related commands in workflows, improving build performance and consistency. Also removed unnecessary `clean` commands before builds to further optimize workflow times. [[1]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R71-R81) [[2]](diffhunk://#diff-8d23782ae5caff72d55828bb25814854f5f2523f299d7dbcda4a3537dd84c5c3L157-R176) [[3]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R134-R144) [[4]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R206-R216) [[5]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R331-R341) [[6]](diffhunk://#diff-3c0f521958c53ad27c967692b4d5480ead136acb33622ee97d39df814b1b202eR339-R351) [[7]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bL134-R144) [[8]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bR206-R217) [[9]](diffhunk://#diff-6a2e9fb077e57351f4a7e10d03b114e256298babdf06e7e7ae666781a5cf36a1R60-R70) [[10]](diffhunk://#diff-76056236de05155107f6a660f1e3956059e37338011b8f0e72188afcb9b17b6fL46-R56) [[11]](diffhunk://#diff-fd60dc2adec58c1005c4e4164e9c24362fd6082fd3ab0403e54d276d9835fa6eL42-R65) [[12]](diffhunk://#diff-b34ab107dd4bc92075b2e89b6f16e4a2813e267ca7c2afebdb1931a0a3900d5aR102-R114) [[13]](diffhunk://#diff-98b618771a57e1758961359ecacbac2cff7cfef29aa021c3bc294ae926c4ce5bL47-R51) **Security and Dependency Management:** - Injected Maven credentials (`MAVEN_USER`, `MAVEN_PASSWORD`, `MAVEN_PUBLIC_URL`) as environment variables in all relevant workflow steps, supporting secure access to private or custom Maven repositories. [[1]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R71-R81) [[2]](diffhunk://#diff-8d23782ae5caff72d55828bb25814854f5f2523f299d7dbcda4a3537dd84c5c3L157-R176) [[3]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R134-R144) [[4]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R206-R216) [[5]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R290-R293) [[6]](diffhunk://#diff-5c3fa597431eda03ac3339ae6bf7f05e1a50d6fc7333679ec38e21b337cb6721R331-R341) [[7]](diffhunk://#diff-3c0f521958c53ad27c967692b4d5480ead136acb33622ee97d39df814b1b202eR339-R351) [[8]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bR66-R69) [[9]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bL134-R144) [[10]](diffhunk://#diff-895b214ee023c8c26048a2a3b946cfb1ebc4f26fbc8a9c2fa54b77c12e763b6bR281-R283) [[11]](diffhunk://#diff-62dcbe64a950b4efb54d691e1e87451a8cd535400aa9ea1e40893de5b57cd73bR57-R60) [[12]](diffhunk://#diff-76056236de05155107f6a660f1e3956059e37338011b8f0e72188afcb9b17b6fR73-R76) [[13]](diffhunk://#diff-fd60dc2adec58c1005c4e4164e9c24362fd6082fd3ab0403e54d276d9835fa6eL42-R65) [[14]](diffhunk://#diff-b34ab107dd4bc92075b2e89b6f16e4a2813e267ca7c2afebdb1931a0a3900d5aR178-R180) [[15]](diffhunk://#diff-98b618771a57e1758961359ecacbac2cff7cfef29aa021c3bc294ae926c4ce5bL47-R51) - Added a `pluginManagement` block in `settings.gradle` to allow Gradle plugins to be resolved from a custom Maven repository if specified by environment variables, increasing flexibility for plugin sourcing. **Build and Dependency Versioning:** - Updated `app/proprietary/build.gradle` to use the `bouncycastleVersion` variable for the Bouncy Castle dependency version, improving maintainability and consistency of dependency versioning. **Workflow Trigger Improvements:** - Expanded the file path triggers in `.github/workflows/sync_files_v2.yml` to include additional Gradle build files, ensuring the workflow runs when any core build files are changed. --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### Translations (if applicable) - [ ] I ran [`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --- .../workflows/PR-Demo-Comment-with-react.yml | 12 ++++- .github/workflows/build.yml | 48 +++++++++++++++++-- .../frontend-backend-licenses-update.yml | 10 +++- .github/workflows/multiOSReleases.yml | 25 ++++++++-- .github/workflows/pre_commit.yml | 11 ++++- .github/workflows/push-docker.yml | 13 ++++- .github/workflows/swagger.yml | 12 ++++- .github/workflows/sync_files_v2.yml | 3 ++ .github/workflows/tauri-build.yml | 12 ++++- .github/workflows/testdriver.yml | 5 +- app/core/build.gradle | 5 -- app/proprietary/build.gradle | 4 +- build.gradle | 33 ++++++++++--- settings.gradle | 21 ++++++++ 14 files changed, 184 insertions(+), 30 deletions(-) diff --git a/.github/workflows/PR-Demo-Comment-with-react.yml b/.github/workflows/PR-Demo-Comment-with-react.yml index bf8323e49..2ec5c0025 100644 --- a/.github/workflows/PR-Demo-Comment-with-react.yml +++ b/.github/workflows/PR-Demo-Comment-with-react.yml @@ -153,9 +153,14 @@ jobs: - name: Set up JDK 21 uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 with: - java-version: "17" + java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Run Gradle Command run: | if [ "${{ needs.check-comment.outputs.disable_security }}" == "true" ]; then @@ -163,8 +168,11 @@ jobs: else export DISABLE_ADDITIONAL_FEATURES=false fi - ./gradlew clean build + ./gradlew build env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} STIRLING_PDF_DESKTOP_UI: false - name: Set up Docker Buildx diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 90391ee4b..d3b64f5a9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -68,9 +68,17 @@ jobs: java-version: ${{ matrix.jdk-version }} distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build with Gradle and spring security ${{ matrix.spring-security }} - run: ./gradlew clean build -PnoSpotless + run: ./gradlew build -PnoSpotless env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: ${{ matrix.spring-security }} - name: Check Test Reports Exist @@ -135,9 +143,17 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Generate OpenAPI documentation run: ./gradlew :stirling-pdf:generateOpenApiDocs env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true - name: Upload OpenAPI Documentation @@ -199,8 +215,17 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: check the licenses for compatibility - run: ./gradlew clean checkLicense + run: ./gradlew checkLicense + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} - name: FAILED - check the licenses for compatibility if: failure() @@ -244,6 +269,11 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 @@ -269,6 +299,10 @@ jobs: chmod +x ./testing/test.sh chmod +x ./testing/test_disabledEndpoints.sh ./testing/test.sh + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} test-build-docker-images: if: github.event_name == 'pull_request' && needs.files-changed.outputs.project == 'true' @@ -306,9 +340,17 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build application - run: ./gradlew clean build + run: ./gradlew build env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true STIRLING_PDF_DESKTOP_UI: false diff --git a/.github/workflows/frontend-backend-licenses-update.yml b/.github/workflows/frontend-backend-licenses-update.yml index ce345bfe5..b0d6f3f3a 100644 --- a/.github/workflows/frontend-backend-licenses-update.yml +++ b/.github/workflows/frontend-backend-licenses-update.yml @@ -336,11 +336,19 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Check licenses and generate report id: license-check run: | - ./gradlew clean checkLicense generateLicenseReport || echo "LICENSE_CHECK_FAILED=true" >> $GITHUB_ENV + ./gradlew checkLicense generateLicenseReport || echo "LICENSE_CHECK_FAILED=true" >> $GITHUB_ENV env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: false STIRLING_PDF_DESKTOP_UI: true diff --git a/.github/workflows/multiOSReleases.yml b/.github/workflows/multiOSReleases.yml index b06f86de2..a1da75d0b 100644 --- a/.github/workflows/multiOSReleases.yml +++ b/.github/workflows/multiOSReleases.yml @@ -50,7 +50,8 @@ jobs: java-version: "21" distribution: "temurin" - - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 with: gradle-version: 8.14 @@ -62,6 +63,10 @@ jobs: VERSION=$(./gradlew printVersion --quiet | tail -1) echo "Extracted version: $VERSION" echo "versionNumber=$VERSION" >> $GITHUB_OUTPUT + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} - name: Determine build matrix id: set-matrix @@ -118,7 +123,8 @@ jobs: java-version: "21" distribution: "temurin" - - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 with: gradle-version: 8.14 @@ -131,8 +137,11 @@ jobs: cache-dependency-path: frontend/package-lock.json - name: Build JAR - run: ./gradlew clean build ${{ matrix.variant.build_frontend && '-PbuildWithFrontend=true' || '' }} -x spotlessApply -x spotlessCheck -x test -x sonarqube + run: ./gradlew build ${{ matrix.variant.build_frontend && '-PbuildWithFrontend=true' || '' }} -x spotlessApply -x spotlessCheck -x test -x sonarqube env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: ${{ matrix.variant.disable_security }} STIRLING_PDF_DESKTOP_UI: false @@ -194,13 +203,18 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build Java backend with JLink working-directory: ./ shell: bash run: | chmod +x ./gradlew echo "🔧 Building Stirling-PDF JAR..." - ./gradlew clean build -x spotlessApply -x spotlessCheck -x test -x sonarqube + ./gradlew build -x spotlessApply -x spotlessCheck -x test -x sonarqube # Find the built JAR STIRLING_JAR=$(ls app/core/build/libs/stirling-pdf-*.jar | head -n 1) @@ -264,6 +278,9 @@ jobs: RUNTIME_SIZE=$(du -sh ./frontend/src-tauri/runtime/jre | cut -f1) echo "📊 Custom JRE size: $RUNTIME_SIZE" env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true - name: Install frontend dependencies diff --git a/.github/workflows/pre_commit.yml b/.github/workflows/pre_commit.yml index 4e4665a56..d8389e9df 100644 --- a/.github/workflows/pre_commit.yml +++ b/.github/workflows/pre_commit.yml @@ -57,8 +57,17 @@ jobs: java-version: 21 distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build with Gradle - run: ./gradlew clean build + run: ./gradlew build + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} - name: git add run: | diff --git a/.github/workflows/push-docker.yml b/.github/workflows/push-docker.yml index af3d3afe5..1896af8ce 100644 --- a/.github/workflows/push-docker.yml +++ b/.github/workflows/push-docker.yml @@ -45,7 +45,8 @@ jobs: java-version: "21" distribution: "temurin" - - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 with: gradle-version: 8.14 @@ -56,6 +57,16 @@ jobs: - name: Get version number id: versionNumber run: echo "versionNumber=$(./gradlew printVersion --quiet | tail -1)" >> $GITHUB_OUTPUT + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} + + - name: Install cosign + if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/V2-master' + uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 + with: + cosign-release: "v2.4.1" - name: Install cosign if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/V2-master' diff --git a/.github/workflows/swagger.yml b/.github/workflows/swagger.yml index 2b0c946cd..3fa7fb14d 100644 --- a/.github/workflows/swagger.yml +++ b/.github/workflows/swagger.yml @@ -39,7 +39,10 @@ jobs: java-version: "21" distribution: "temurin" - - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 - name: Generate Swagger documentation run: ./gradlew :stirling-pdf:generateOpenApiDocs @@ -47,12 +50,19 @@ jobs: - name: Upload Swagger Documentation to SwaggerHub run: ./gradlew swaggerhubUpload env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} SWAGGERHUB_API_KEY: ${{ secrets.SWAGGERHUB_API_KEY }} SWAGGERHUB_USER: "Frooodle" - name: Get version number id: versionNumber run: echo "versionNumber=$(./gradlew printVersion --quiet | tail -1)" >> $GITHUB_OUTPUT + env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} - name: Set API version as published and default on SwaggerHub run: | diff --git a/.github/workflows/sync_files_v2.yml b/.github/workflows/sync_files_v2.yml index 25bbb2326..2e94080df 100644 --- a/.github/workflows/sync_files_v2.yml +++ b/.github/workflows/sync_files_v2.yml @@ -7,6 +7,9 @@ on: - main paths: - "build.gradle" + - "app/common/build.gradle" + - "app/core/build.gradle" + - "app/proprietary/build.gradle" - "README.md" - "frontend/public/locales/*/translation.toml" - "app/core/src/main/resources/static/3rdPartyLicenses.json" diff --git a/.github/workflows/tauri-build.yml b/.github/workflows/tauri-build.yml index 8894d61c8..d2aae298a 100644 --- a/.github/workflows/tauri-build.yml +++ b/.github/workflows/tauri-build.yml @@ -99,14 +99,19 @@ jobs: java-version: "21" distribution: "temurin" + - name: Setup Gradle + uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + with: + gradle-version: 8.14 + - name: Build Java backend with JLink working-directory: ./ shell: bash run: | chmod +x ./gradlew echo "🔧 Building Stirling-PDF JAR..." - # STIRLING_PDF_DESKTOP_UI=false ./gradlew clean bootJar --no-daemon - ./gradlew clean build -x spotlessApply -x spotlessCheck -x test -x sonarqube + # STIRLING_PDF_DESKTOP_UI=false ./gradlew bootJar --no-daemon + ./gradlew build -x spotlessApply -x spotlessCheck -x test -x sonarqube # Find the built JAR STIRLING_JAR=$(ls app/core/build/libs/stirling-pdf-*.jar | head -n 1) @@ -170,6 +175,9 @@ jobs: RUNTIME_SIZE=$(du -sh ./frontend/src-tauri/runtime/jre | cut -f1) echo "📊 Custom JRE size: $RUNTIME_SIZE" env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true - name: Install frontend dependencies diff --git a/.github/workflows/testdriver.yml b/.github/workflows/testdriver.yml index b16484b0b..6168f8bf6 100644 --- a/.github/workflows/testdriver.yml +++ b/.github/workflows/testdriver.yml @@ -44,8 +44,11 @@ jobs: gradle-version: 8.14 - name: Build with Gradle - run: ./gradlew clean build + run: ./gradlew build env: + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_PUBLIC_URL: ${{ secrets.MAVEN_PUBLIC_URL }} DISABLE_ADDITIONAL_FEATURES: true - name: Set up Docker Buildx diff --git a/app/core/build.gradle b/app/core/build.gradle index 34a2f1304..b4153a665 100644 --- a/app/core/build.gradle +++ b/app/core/build.gradle @@ -2,11 +2,6 @@ apply plugin: 'org.springframework.boot' import org.apache.tools.ant.taskdefs.condition.Os -repositories { - maven { url = 'https://build.shibboleth.net/maven/releases' } - maven { url = 'https://maven.pkg.github.com/jcefmaven/jcefmaven' } -} - configurations { developmentOnly runtimeClasspath { diff --git a/app/proprietary/build.gradle b/app/proprietary/build.gradle index a8d3a5859..e9aea411f 100644 --- a/app/proprietary/build.gradle +++ b/app/proprietary/build.gradle @@ -1,5 +1,5 @@ repositories { - maven { url = "https://build.shibboleth.net/maven/releases" } + maven { url "https://build.shibboleth.net/maven/releases" } } ext { @@ -53,7 +53,7 @@ dependencies { implementation 'com.bucket4j:bucket4j_jdk17-core:8.15.0' // https://mvnrepository.com/artifact/com.bucket4j/bucket4j_jdk17 - implementation 'org.bouncycastle:bcprov-jdk18on:1.83' + implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion" implementation 'org.thymeleaf.extras:thymeleaf-extras-springsecurity5:3.1.3.RELEASE' api 'io.micrometer:micrometer-registry-prometheus' diff --git a/build.gradle b/build.gradle index af191a0e5..47ce2ba21 100644 --- a/build.gradle +++ b/build.gradle @@ -38,6 +38,16 @@ ext.isSecurityDisabled = { -> System.getProperty('DISABLE_ADDITIONAL_FEATURES') == 'true') } +ext.mavenUrl = System.getenv("MAVEN_PUBLIC_URL") ?: "" +ext.username = System.getenv('MAVEN_USER') ?: "" +ext.password = System.getenv('MAVEN_PASSWORD') ?: "" + +if (rootProject.ext.mavenUrl.isEmpty()) { + println "No custom MAVEN_PUBLIC_URL set, defaulting to Maven Central" +} else { + println "MAVEN_PUBLIC_URL set" +} + jar { enabled = false manifest { @@ -55,11 +65,6 @@ springBoot { mainClass = 'stirling.software.SPDF.SPDFApplication' } -repositories { - mavenCentral() - maven { url = 'https://build.shibboleth.net/maven/releases' } -} - allprojects { group = 'stirling.software' version = '2.3.0' @@ -135,13 +140,27 @@ subprojects { sourceCompatibility = JavaVersion.VERSION_17 } - if (project.name != "stirling-pdf") { + if (project.name != "stirling-pdf") { bootJar { enabled = false } - } + } repositories { + if (!rootProject.ext.mavenUrl.isEmpty()) { + maven { + url rootProject.ext.mavenUrl + '/releases' + credentials(PasswordCredentials) { + username rootProject.ext.username + password rootProject.ext.password + } + authentication { + basic(BasicAuthentication) + } + allowInsecureProtocol true + } + } + maven { url "https://build.shibboleth.net/maven/releases" } mavenCentral() } diff --git a/settings.gradle b/settings.gradle index 3c6363f77..14de3e0aa 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1,7 +1,28 @@ +pluginManagement { + repositories { + var gradlePluginPortalUrl = System.getenv("MAVEN_PUBLIC_URL") ?: "" + if (!gradlePluginPortalUrl.isEmpty()){ + maven { + url gradlePluginPortalUrl + "/gradle" + credentials(PasswordCredentials) { + username System.getenv('MAVEN_USER') ?: "" + password System.getenv('MAVEN_PASSWORD') ?: "" + } + authentication { + basic(BasicAuthentication) + } + allowInsecureProtocol true + } + } + gradlePluginPortal() + } +} + plugins { // Apply the foojay-resolver plugin to allow automatic download of JDKs id 'org.gradle.toolchains.foojay-resolver-convention' version '1.0.0' } + rootProject.name = 'Stirling PDF' include 'stirling-pdf', 'common', 'proprietary'