
Improve test coverage #307


Workflow file for this run

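name: Build Java Core Library

on:
  pull_request:
  # pull_request_target runs in the base repository's context, so secrets are
  # available; it is used here so Dependabot PRs can run Sonar.
  # Jobs without an event filter also run for this event; their checkout has no
  # explicit ref, so they build the base branch rather than the PR head.
  pull_request_target:
    branches: ["master"]
  push:
    branches: ["master"]
  workflow_dispatch:

# NOTE(review): every `uses:` below references a mutable major-version tag.
# Pinning each action to a full commit SHA guards against a retagged release.
jobs:
  # Reads the Spring/Java version matrix from the repository and exposes it as
  # a job output for the regression-tests job.
  generate-matrix:
    name: Generate version matrix
    runs-on: ubuntu-latest
    # This job only reads the repository, so the token is limited to read.
    permissions:
      contents: read
    outputs:
      matrix: ${{ steps.set-matrix.outputs.matrix }}
    steps:
      - uses: actions/checkout@v6
      - name: Read matrix from JSON
        id: set-matrix
        # jq -c emits compact single-line JSON, which keeps the value on one
        # line of the output file. The output path is quoted so the redirect
        # does not depend on word splitting.
        run: |
          MATRIX=$(jq -c '.matrix' .github/spring-versions.json)
          echo "matrix={\"include\":$MATRIX}" >> "$GITHUB_OUTPUT"

  # Runs the test suite once per entry of the generated matrix.
  regression-tests:
    name: Test Spring Boot ${{ matrix.boot }} / Java ${{ matrix.java }}
    needs: generate-matrix
    runs-on: ubuntu-latest
    permissions:
      contents: read
    strategy:
      fail-fast: false
      matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - name: Setup Java
        uses: actions/setup-java@v5
        with:
          distribution: temurin
          java-version: ${{ matrix.java }}
      - name: Run tests and generate reports
        # The matrix values come from a JSON file in the checked-out tree,
        # which on pull_request is PR-controlled. Passing them through env and
        # quoting them keeps them as data instead of expanding them into the
        # shell script text.
        env:
          BOOT_VERSION: ${{ matrix.boot }}
          FRAMEWORK_VERSION: ${{ matrix.framework }}
        run: |
          ./gradlew testAndReport \
            "-PspringBootVersion=${BOOT_VERSION}" \
            "-PspringFrameworkVersion=${FRAMEWORK_VERSION}"
      - name: Upload Artifact
        uses: actions/upload-artifact@v6
        if: always()
        with:
          name: report-java-${{ matrix.java }}-spring-boot-${{ matrix.boot }}
          path: build/reports/**
          retention-days: 5

  # Tests against the default (latest) Spring Boot version on Java 17 and 21,
  # then runs Sonar once (Java 17 leg only).
  test:
    name: Test Spring Boot latest / Java ${{ matrix.java }}
    runs-on: ubuntu-latest
    # NOTE(review): no `permissions` block here, so the token gets the
    # repository default; confirm what the Sonar step needs and restrict it.
    strategy:
      fail-fast: false
      matrix:
        java: ['17', '21']
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - name: Setup Java
        uses: actions/setup-java@v5
        with:
          distribution: temurin
          java-version: ${{ matrix.java }}
      - name: Run tests and generate reports
        run: ./gradlew testAndReport
      - name: Upload Artifact
        uses: actions/upload-artifact@v6
        if: always()
        with:
          name: report-java-${{ matrix.java }}-spring-boot-latest
          path: build/reports/**
          retention-days: 5
      - name: Run Sonar analysis
        # Skip Sonar on Dependabot in pull_request runs (no secrets there);
        # handled by a separate job below.
        # NOTE(review): pull_request runs from forks receive no secrets either,
        # so this step would start with an empty SONAR_TOKEN; confirm intended.
        if: matrix.java == '17' && github.actor != 'dependabot[bot]'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: ./gradlew sonar -x test --no-watch-fs

  # Separate job to run Sonar on Dependabot PRs using the pull_request_target
  # context. This is the one job that checks out PR head code while secrets are
  # available, so the `if` below is the trust boundary for the whole workflow.
  sonar-dependabot:
    name: Sonar (Dependabot PRs)
    # github.actor names whoever triggered the run, not the author of the PR
    # head. The PR author must also be Dependabot and the head branch must live
    # in this repository, so code from a fork never reaches the steps that hold
    # secrets.
    if: >-
      github.event_name == 'pull_request_target' &&
      github.actor == 'dependabot[bot]' &&
      github.event.pull_request.user.login == 'dependabot[bot]' &&
      github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
      checks: write
    steps:
      # IMPORTANT: pull_request_target defaults to checking out the base
      # branch; explicitly use the PR HEAD SHA.
      - name: Checkout PR HEAD
        uses: actions/checkout@v6
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          # Keep the token out of the local git config: the build below
          # executes Gradle logic taken from the PR head.
          persist-credentials: false
      - name: Setup Java
        uses: actions/setup-java@v5
        with:
          distribution: temurin
          java-version: '17'
      - name: Build (no tests)
        run: ./gradlew assemble -x test
      - name: Sonar analysis (Dependabot)
        # Secrets are available in the pull_request_target context. The Gradle
        # process started here runs PR head build logic with both tokens in
        # its environment; the job-level `if` is the only gate in front of it.
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: ./gradlew sonar -x test --no-watch-fs

  # Builds the jar once the `test` job has passed and uploads it.
  build:
    runs-on: ubuntu-latest
    needs: [test]
    permissions:
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Setup Java
        uses: actions/setup-java@v5
        with:
          distribution: temurin
          # Quoted like the other jobs so the version is always a string.
          java-version: '17'
      - name: Run build with Gradle Wrapper
        run: ./gradlew build -x test
      - name: Upload Artifact
        uses: actions/upload-artifact@v6
        with:
          name: jar
          path: build/libs/**
          retention-days: 5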