chore: sync cicd with toon4s #141

Workflow file for this run

	name: CI

	on:
	push:
	branches: [main]
	pull_request:
	workflow_dispatch:
	workflow_call:

	concurrency:
	group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref \|\| github.ref }}
	cancel-in-progress: ${{ github.event_name == 'pull_request' }}

	jobs:
	fixture-sync:
	name: Spec fixture sync
	runs-on: ubuntu-latest
	permissions:
	contents: read
	if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[skip release]')"
	steps:
	- uses: actions/checkout@v5

	- name: Verify contract fixtures are coherent
	run: \|
	chmod +x scripts/check-contract-fixtures-sync.sh
	./scripts/check-contract-fixtures-sync.sh

	quick-checks:
	name: Quick checks
	runs-on: ubuntu-latest
	needs: fixture-sync
	permissions:
	contents: read
	if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[skip release]')"
	steps:
	- uses: actions/checkout@v5

	- uses: sbt/setup-sbt@v1

	- uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt

	- name: Clean workspace
	run: sbt clean

	- name: scalafmt check
	run: sbt clean scalafmtCheckAll

	- name: Guard - ban println in production sources
	run: \|
	if rg -n '\bprintln\(' modules --glob '/src/main/' --glob '!/examples/'; then
	echo "println detected in production sources" >&2
	exit 1
	fi

	- name: compile all
	run: sbt clean compileAll

	- name: binary compatibility check
	run: >
	sbt clean
	core/mimaReportBinaryIssues
	contracts/mimaReportBinaryIssues
	connectors/mimaReportBinaryIssues
	connectors-gcs/mimaReportBinaryIssues
	connectors-jdbc/mimaReportBinaryIssues
	engines-spark/mimaReportBinaryIssues
	quality-deequ/mimaReportBinaryIssues
	infrastructure/mimaReportBinaryIssues
	contracts-sdk/mimaReportBinaryIssues

	docs-lint:
	name: Docs lint
	runs-on: ubuntu-latest
	needs: quick-checks
	permissions:
	contents: read
	if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[skip release]')"
	steps:
	- uses: actions/checkout@v5
	- name: Detect docs changes
	id: docs_changes
	uses: dorny/paths-filter@v3
	with:
	list-files: shell
	filters: \|
	docs:
	- 'docs/**'
	- '*/.md'
	- 'scripts/lint-docs.sh'
	api_scala:
	- 'modules/core/src/main/*/.scala'
	- 'modules/contracts/src/main/*/.scala'
	- name: Skip docs lint (no docs changes)
	if: steps.docs_changes.outputs.docs != 'true'
	run: echo "No docs changes detected; skipping docs lint."
	- name: Install ripgrep
	if: steps.docs_changes.outputs.docs == 'true'
	run: sudo apt-get update && sudo apt-get install -y ripgrep
	- name: Docs structure lint
	if: steps.docs_changes.outputs.docs == 'true'
	run: bash scripts/lint-docs.sh
	- name: Scaladoc coverage lint
	if: steps.docs_changes.outputs.api_scala == 'true'
	env:
	DOC_LINT_FILES: ${{ steps.docs_changes.outputs.api_scala_files }}
	run: \|
	chmod +x scripts/doclint.sh
	./scripts/doclint.sh

	security:
	name: Security scans
	runs-on: ubuntu-latest
	needs: quick-checks
	permissions:
	contents: read
	security-events: write
	if: github.event_name == 'pull_request'
	steps:
	- uses: actions/checkout@v5
	with:
	fetch-depth: 0
	- name: CodeQL init
	uses: github/codeql-action/init@v4
	with:
	languages: actions
	- name: CodeQL analyze
	uses: github/codeql-action/analyze@v4
	- name: TruffleHog secret scan
	uses: trufflesecurity/trufflehog@main
	with:
	path: ./
	base: ${{ github.event.pull_request.base.sha }}
	head: HEAD
	extra_args: --only-verified
	- name: Semgrep SAST
	uses: returntocorp/semgrep-action@v1
	with:
	config: auto

	test:
	name: Test
	needs: quick-checks
	runs-on: ${{ matrix.os }}
	permissions:
	contents: read
	strategy:
	fail-fast: false
	matrix:
	include:
	- os: ubuntu-latest
	scala: 2.13.16
	java: 17
	- os: macos-latest
	scala: 2.13.16
	java: 17
	- os: windows-latest
	scala: 2.13.16
	java: 17
	if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[skip release]')"
	steps:
	- uses: actions/checkout@v5

	- uses: sbt/setup-sbt@v1

	- uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: ${{ matrix.java }}
	cache: sbt

	- name: Run tests
	run: sbt "-Dsbt.log.noformat=true" ++${{ matrix.scala }} testQuick

	- name: Upload test reports
	if: failure()
	uses: actions/upload-artifact@v4
	with:
	name: test-reports-${{ matrix.os }}-${{ matrix.scala }}
	path: \|
	**/target/test-reports/
	**/target/scala-${{ matrix.scala }}/test-reports/
	retention-days: 5

	spark-compat:
	name: Spark compatibility (${{ matrix.spark }})
	needs: quick-checks
	runs-on: ubuntu-latest
	permissions:
	contents: read
	strategy:
	fail-fast: false
	max-parallel: 2
	matrix:
	spark: ["3.5.6"]
	if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[skip release]')"
	steps:
	- uses: actions/checkout@v5

	- uses: sbt/setup-sbt@v1

	- uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt

	- name: Run engines-spark tests
	run: sbt "-Dsbt.log.noformat=true" engines-spark/test

	spark-it:
	name: Spark integration tests
	needs: [test]
	runs-on: ubuntu-latest
	permissions:
	contents: read
	if: \|
	github.event_name == 'workflow_dispatch' \|\|
	(github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'run-integration-tests')) \|\|
	(github.event_name == 'push' && github.ref == 'refs/heads/main')
	steps:
	- uses: actions/checkout@v5
	- uses: sbt/setup-sbt@v1
	- uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt
	- name: Run Spark integration tests
	run: sbt -batch -DwithSparkIT=true "engines-spark/testOnly *SparkDeltaSCD2IT"

	scaladoc:
	name: Scaladoc
	runs-on: ubuntu-latest
	needs: quick-checks
	permissions:
	contents: read
	if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[skip release]')"
	steps:
	- uses: actions/checkout@v5

	- uses: sbt/setup-sbt@v1

	- uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt

	- name: Generate Scaladoc (core)
	run: sbt clean -Dsbt.log.noformat=true core/doc

	- name: Generate Scaladoc (engines-spark)
	run: sbt -Dsbt.log.noformat=true engines-spark/doc
	continue-on-error: true

	smoke:
	name: Smoke Tests
	runs-on: ubuntu-latest
	needs: test
	permissions:
	contents: read
	if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[skip release]')"
	steps:
	- uses: actions/checkout@v5

	- uses: sbt/setup-sbt@v1

	- uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt

	- name: Examples smoke test
	run: sbt -Dsbt.log.noformat=true "examples/testOnly *EffectSystemExamplesSpec"

	budget:
	name: Budget Gate
	runs-on: ubuntu-latest
	needs: [test]
	permissions:
	contents: read
	if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[skip release]')"
	steps:
	- uses: actions/checkout@v4
	- uses: sbt/setup-sbt@v1
	- uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: sbt
	- name: Compile-fail + quality gate
	run: sbt -Dsbt.log.noformat=true ffCheck

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: sync cicd with toon4s #141

Workflow file

chore: sync cicd with toon4s #141

Uh oh!

Workflow file for this run