name: CI/CD Pipeline on: push: branches: [ main, develop ] pull_request: branches: [ main ] workflow_dispatch: env: GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.caching=true jobs: test: name: Test on ${{ matrix.os }} runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: os: [ubuntu-latest, windows-latest, macos-latest] steps: - name: Checkout code uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' - name: Setup Gradle uses: gradle/gradle-build-action@v3 with: gradle-home-cache-cleanup: true - name: Cache Kotlin/JS dependencies uses: actions/cache@v3 with: path: | ~/.gradle/caches ~/.gradle/wrapper kotlin-js-store key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} restore-keys: | ${{ runner.os }}-gradle- - name: Run tests run: ./gradlew test --stacktrace - name: Upload test results uses: actions/upload-artifact@v3 if: always() with: name: test-results-${{ matrix.os }} path: | build/reports/tests/ build/test-results/ build: name: Build Multiplatform runs-on: ubuntu-latest needs: test steps: - name: Checkout code uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' - name: Setup Gradle uses: gradle/gradle-build-action@v3 - name: Build JVM target run: ./gradlew jvmJar --stacktrace - name: Build WASM target run: ./gradlew wasmJsBrowserDistribution --stacktrace - name: Upload JVM artifacts uses: actions/upload-artifact@v3 with: name: jvm-artifacts path: build/libs/ - name: Upload WASM artifacts uses: actions/upload-artifact@v3 with: name: wasm-artifacts path: | build/dist/wasmJs/productionExecutable/ wasm_demo.html code-quality: name: Code Quality Analysis runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 17 uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' - name: Setup Gradle uses: gradle/gradle-build-action@v3 - name: Run detekt run: ./gradlew detekt --stacktrace || true - name: Upload detekt results uses: actions/upload-artifact@v3 if: always() with: name: detekt-results path: build/reports/detekt/ security-scan: name: Security Scan runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master with: scan-type: 'fs' scan-ref: '.' format: 'sarif' output: 'trivy-results.sarif' - name: Upload Trivy scan results uses: github/codeql-action/upload-sarif@v2 if: always() with: sarif_file: 'trivy-results.sarif' dependency-check: name: Dependency Vulnerability Check runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' - name: Setup Gradle uses: gradle/gradle-build-action@v3 - name: Run dependency check run: ./gradlew dependencyCheckAnalyze --stacktrace || true - name: Upload dependency check results uses: actions/upload-artifact@v3 if: always() with: name: dependency-check-results path: build/reports/