name: CI - Build & Test (develop) on: pull_request: branches: - develop jobs: build-and-test: runs-on: self-hosted steps: # 1) Vérifier Node.js (aucune installation automatique en CI natif) - name: Verify Node.js shell: sh run: | if command -v node >/dev/null 2>&1; then echo "Node.js version:" node -v else echo "❌ Node.js is not installed on the runner" exit 1 fi # 2) Vérifier Java & Maven (préinstallés sur le VPS) - name: Verify Java & Maven shell: sh run: | if ! command -v java >/dev/null 2>&1; then echo "❌ Java is not installed on the runner" exit 1 fi if ! command -v mvn >/dev/null 2>&1; then echo "❌ Maven is not installed on the runner" exit 1 fi echo "Java version:" java -version echo "Maven version:" mvn -version # 3) Détecter JAVA_HOME dynamiquement - name: Detect JAVA_HOME dynamically shell: sh run: | JAVA_BIN=$(readlink -f "$(command -v java)") JAVA_HOME=$(dirname "$(dirname "$JAVA_BIN")") echo "Detected JAVA_HOME=$JAVA_HOME" echo "JAVA_HOME=$JAVA_HOME" >> "$GITHUB_ENV" # 4) Checkout du dépôt - name: Checkout repository uses: actions/checkout@v4 # 5) Création des secrets runtime (CI uniquement) - name: Create runtime secrets shell: sh run: | mkdir -p secrets echo "${{ secrets.DEFAULT_USER_NAME }}" > secrets/defaultUserName.txt echo "${{ secrets.DEFAULT_USER_PASSWORD }}" > secrets/defaultUserPassword.txt echo "${{ secrets.POSTGRES_PASSWORD_FISCAD }}" > secrets/postgresPassword.txt chmod 600 secrets/* # 6) Build & tests Maven - name: Build & Test with Maven shell: sh run: | mvn -B clean verify # 7) Nettoyage des secrets (sécurité) - name: Cleanup secrets if: always() shell: sh run: | rm -rf secrets