From ce6e8f9109da4ef2aa5fb14ad7e5e1ef65680dc5 Mon Sep 17 00:00:00 2001 From: Rob Winch <362503+rwinch@users.noreply.github.com> Date: Fri, 18 Jul 2025 09:19:12 -0500 Subject: [PATCH] Force Snapshot Build is separate workflow Previously builds against the forced snapshots would prevent releases. This didn't work out in practice because breaking changes could be introduced that were not intended to be picked up until after releases. This change splits the snapshot builds into a separate workflow so that we are still informed when there is a breaking change coming, but it does not block the release. Closes gh-17558 --- .github/workflows/check-snapshots.yml | 38 +++++++++++++++++++ .../continuous-integration-workflow.yml | 20 ++-------- 2 files changed, 41 insertions(+), 17 deletions(-) create mode 100644 .github/workflows/check-snapshots.yml diff --git a/.github/workflows/check-snapshots.yml b/.github/workflows/check-snapshots.yml new file mode 100644 index 0000000000..f482c0459f --- /dev/null +++ b/.github/workflows/check-snapshots.yml @@ -0,0 +1,38 @@ +name: CI + +on: + schedule: + - cron: '0 10 * * *' # Once per day at 10am UTC + workflow_dispatch: # Manual trigger + +env: + DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} + +permissions: + contents: read + +jobs: + snapshot-test: + name: Test Against Snapshots + uses: spring-io/spring-security-release-tools/.github/workflows/test.yml@v1 + strategy: + matrix: + include: + - java-version: 21-ea + toolchain: 21 + - java-version: 17 + toolchain: 17 + with: + java-version: ${{ matrix.java-version }} + test-args: --refresh-dependencies -PforceMavenRepositories=snapshot,https://oss.sonatype.org/content/repositories/snapshots -PisOverrideVersionCatalog -PtestToolchain=${{ matrix.toolchain }} -PspringFrameworkVersion=7.+ -PreactorVersion=2025.+ -PspringDataVersion=2025.+ --stacktrace + secrets: inherit + send-notification: + name: Send Notification + needs: [ snapshot-test ] + if: ${{ !success() }} + runs-on: ubuntu-latest + steps: + - name: Send Notification + uses: spring-io/spring-security-release-tools/.github/actions/send-notification@v1 + with: + webhook-url: ${{ secrets.SPRING_SECURITY_CI_GCHAT_WEBHOOK_URL }} diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index db5eac1755..1620a98fbe 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -27,23 +27,9 @@ jobs: java-version: ${{ matrix.jdk }} distribution: temurin secrets: inherit - test: - name: Test Against Snapshots - uses: spring-io/spring-security-release-tools/.github/workflows/test.yml@v1 - strategy: - matrix: - include: - - java-version: 21-ea - toolchain: 21 - - java-version: 17 - toolchain: 17 - with: - java-version: ${{ matrix.java-version }} - test-args: --refresh-dependencies -PforceMavenRepositories=snapshot,https://oss.sonatype.org/content/repositories/snapshots -PisOverrideVersionCatalog -PtestToolchain=${{ matrix.toolchain }} -PspringFrameworkVersion=7.+ -PreactorVersion=2025.+ -PspringDataVersion=2025.+ --stacktrace - secrets: inherit deploy-artifacts: name: Deploy Artifacts - needs: [ build, test] + needs: [ build] uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1 with: should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }} @@ -51,14 +37,14 @@ jobs: secrets: inherit deploy-docs: name: Deploy Docs - needs: [ build, test ] + needs: [ build ] uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1 with: should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }} secrets: inherit deploy-schema: name: Deploy Schema - needs: [ build, test ] + needs: [ build ] uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1 with: should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }}