gha #35
gha #35
Conversation
There was a problem hiding this comment.
Pull request overview
This PR introduces a GitHub Actions CI/CD workflow for a Clojure project. The workflow automates building, testing, and publishing the project to Clojars.
Key Changes
- Adds a comprehensive CI pipeline that runs on all branches and pull requests
- Implements conditional testing and deployment jobs based on branch/tag context
- Configures Java 17 and Leiningen for Clojure project builds
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
.github/workflows/ci.yml
Outdated
| - name: Install dependencies | ||
| run: | | ||
| sudo apt-get update | ||
| sudo apt-get install -y gzip |
There was a problem hiding this comment.
The step name 'Install dependencies' is duplicated multiple times in the workflow with different purposes. This step installs system packages (gzip), while later steps with the same name install Leiningen dependencies. Consider renaming this to 'Install system dependencies' to clarify its purpose and distinguish it from other dependency installation steps.
.github/workflows/ci.yml
Outdated
| - name: Install Leiningen | ||
| run: | | ||
| wget https://raw.githubusercontent.com/technomancy/leiningen/stable/bin/lein | ||
| chmod +x lein | ||
| sudo mv lein /usr/local/bin/ | ||
| lein version |
There was a problem hiding this comment.
The Leiningen installation steps are duplicated across all three jobs (build, test, and publish). Consider extracting this into a reusable composite action or using a pre-built action from the marketplace to reduce duplication and improve maintainability.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
colinphill-mdsol
left a comment
colinphill-mdsol
left a comment
There was a problem hiding this comment.
Thanks @janitmodi for getting this started. Leaving some more comments for whoever carries this over the finish line.
There was a problem hiding this comment.
All actions should be pinned to a specific commit using ratchet. This is something infosec has requested for all GHA.
| - name: Install system dependencies | ||
| shell: bash | ||
| run: | | ||
| sudo apt-get update | ||
| sudo apt-get install -y gzip |
| install-deps: | ||
| description: 'Whether to install Leiningen dependencies (lein deps and lein pom)' | ||
| required: false | ||
| default: 'false' |
| - name: Install Leiningen | ||
| uses: DeLaGuardo/setup-clojure@13.0 | ||
| with: | ||
| lein: 'latest' |
There was a problem hiding this comment.
Again, action versions should be pinned with ratchet.
No description provided.