name: CI - Build & Test (develop) on: pull_request: branches: - develop jobs: build-and-test: runs-on: self-hosted steps: # 1) Node.js - name: Ensure Node.js is installed shell: sh run: | if command -v node >/dev/null 2>&1; then echo "Node.js already installed: $(node -v)" else apk update && apk add --no-cache nodejs echo "Node.js installed: $(node -v)" fi # 2) Java & Maven - name: Ensure Java & Maven are installed shell: sh run: | if ! command -v java >/dev/null 2>&1; then apk update && apk add --no-cache openjdk17-jdk fi java -version if ! command -v mvn >/dev/null 2>&1; then apk update && apk add --no-cache maven fi mvn -version # 3) JAVA_HOME - name: Detect JAVA_HOME dynamically shell: sh run: | JAVA_BIN=$(readlink -f "$(command -v java)") JAVA_HOME=$(dirname "$(dirname "$JAVA_BIN")") echo "JAVA_HOME=$JAVA_HOME" >> "$GITHUB_ENV" # 4) Checkout - name: Checkout repository uses: actions/checkout@v4 # 5) Secrets runtime (CI) - name: Create runtime secrets shell: sh run: | mkdir -p secrets echo "${{ secrets.DEFAULT_USER_NAME }}" > secrets/defaultUserName.txt echo "${{ secrets.DEFAULT_USER_PASSWORD }}" > secrets/defaultUserPassword.txt echo "${{ secrets.POSTGRES_PASSWORD_FISCAD }}" > secrets/postgresPassword.txt chmod 600 secrets/* # 6) Vérification outils - name: Show Java & Maven versions shell: sh run: | echo "JAVA_HOME=$JAVA_HOME" java -version mvn -version # 7) Build & tests - name: Build with Maven shell: sh run: mvn -B clean verify # 8) Nettoyage - name: Cleanup secrets if: always() shell: sh run: rm -rf secrets