feature/EPMRPP-109184

[EricesNicolas]

Added new reusable S3 artifact plugin workflow into build.yml

Summary by CodeRabbit

• Chores
  • Updated CI tooling and workflows to latest versions for more reliable builds.
  • Added manual workflow trigger and improved artifact upload so build outputs are retained and accessible.
  • Non-release builds now use snapshot dependency coordinates to streamline development iteration.

[coderabbitai]

Walkthrough

GitHub Actions Build workflow: adds manual trigger, updates action versions and permissions, adds Gradle --stacktrace, uploads built JAR artifacts, and introduces a conditional post-build upload job. build.gradle switches certain non-release dependency coordinates to develop-SNAPSHOT.

Changes

Cohort / File(s)	Summary
CI workflow — triggers & permissions .github/workflows/build.yml	Adds workflow_dispatch manual trigger; retains push/pull_request triggers (master, develop); adds top-level permissions (id-token: write, contents: read, actions: read) and AWS_REGION: eu-central-1.
CI workflow — actions & build step .github/workflows/build.yml	Bumps actions/checkout v2 → v5 and actions/setup-java v2 → v4 (Java distribution changed to temurin); Gradle build step now includes --stacktrace.
CI workflow — artifacts & upload job .github/workflows/build.yml	Adds step to upload built JARs as artifact build-libs (path: build/libs/*.jar, retention-days: 1). Adds upload job (runs after build on develop or feature/*) that calls a shared artifact workflow with plugin_name, branch_name, run_number and inherits secrets.
Gradle dependency selection build.gradle	In non-release builds (releaseMode == false), replaces specific commit coordinates with develop-SNAPSHOT coordinates for commons-dao, plugin-api, and the plugin-api annotationProcessor; release branch behavior unchanged.

Sequence Diagram(s)

sequenceDiagram
    participant User as Trigger
    participant CI as Build Job
    participant Art as Artifact Store
    participant Upload as Upload Job
    participant Shared as Shared Workflow

    Note over User,CI: Triggers: push/PR/manual (workflow_dispatch)
    User->>CI: start workflow
    CI->>CI: checkout v5 / setup-java v4 (temurin)
    CI->>CI: gradle build --stacktrace
    CI->>Art: upload artifact `build-libs` (build/libs/*.jar, 1d)
    CI-->>Upload: conditional run (develop or feature/*)
    Upload->>Shared: call shared artifact workflow (plugin_name, branch_name, run_number) with inherited secrets
    Shared-->>Upload: complete

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Verify branch pattern matching for the upload job
• Confirm id-token: write usage is correct and minimal
• Check artifact upload paths/retention and shared-workflow input names
• Validate actions/checkout@v5 and actions/setup-java@v4 compatibility with existing steps

Poem

🐰 I hopped into CI with a cheerful squeak,
Manual triggers now open to peek,
JARs packed and sent, kept just a day,
Snapshots for develop bounce and play,
Shared calls hop along the pipeline's streak.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The title 'feature/EPMRPP-109184' is a branch name, not a descriptive summary. It lacks meaningful information about the actual changes (workflow updates, dependency modifications).	Replace the title with a descriptive summary of the main changes, such as 'Add S3 artifact upload workflow and update build dependencies' or 'Integrate reusable S3 artifact workflow and update Gradle dependencies'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/EPMRPP-109184

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d3fb271 and b6f6cf1.

📒 Files selected for processing (2)

• .github/workflows/build.yml (3 hunks)
• build.gradle (1 hunks)

🔇 Additional comments (6)

build.gradle (1)

51-53: Verify the groupId change for non-release dependencies.

The non-release dependencies have been updated to use com.github.reportportal instead of com.epam.reportportal with explicit develop-SNAPSHOT versions. While this aligns with the JitPack repository configured on line 32, verify that:

1. This groupId change is intentional and the develop-SNAPSHOT versions are published on JitPack.
2. Using development snapshots in non-release builds will not introduce unexpected instability.

.github/workflows/build.yml (5)

4-4: Manual workflow trigger looks good.

Adding workflow_dispatch allows developers to manually trigger the build workflow from the GitHub UI, which is a useful debugging and testing capability.

---

15-18: Permissions configuration is appropriate.

The permissions follow least-privilege principles: id-token: write enables OIDC token generation (needed for the S3 upload step), contents: read is required for checkout and credentials, and actions: read is needed for workflow operations.

---

26-26: Action version updates and Java distribution change are sound.

Upgrading from checkout@v2 to v5 and setup-java@v2 to v4, along with switching to the temurin distribution (the modern successor to AdoptOpenJDK), align with current best practices and ensure access to the latest security fixes.

Also applies to: 29-29, 31-31

---

45-45: Build step and artifact upload are well-configured.

The --stacktrace flag provides better debugging output for build failures. The artifact upload step correctly captures built JARs with a 1-day retention window, which is appropriate for temporary workflow artifacts that feed into the downstream upload job.

Also applies to: 47-52

---

54-56: Upload job configuration is sound.

The conditional execution (develop or feature/* branches) appropriately gates artifact uploads. The inputs correctly reference repository and ref information, and inheriting secrets enables the downstream reusable workflow to authenticate with S3.

Also applies to: 59-62

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 41cc06e and d3fb271.

📒 Files selected for processing (1)

• .github/workflows/build.yml (3 hunks)

🔇 Additional comments (4)

.github/workflows/build.yml (4)

15-22: Permissions and environment configuration look good.

The workflow_dispatch trigger, permissions setup, and AWS_REGION environment variable are appropriate for the intended S3 artifact upload workflow. The permissions properly delegate OIDC token access and scope read/write actions conservatively.

---

33-33: Verify whether older action versions are intentional.

The actions/checkout was updated to v5, but actions/setup-java and oleksiyrudenko/gha-git-credentials remain on v2. Verify whether this is intentional or if these actions should also be updated for compatibility and security.

Also applies to: 42-42

---

48-56: Build and artifact upload steps are well configured.

The --stacktrace flag improves debugging visibility, and the artifact upload with 1-day retention is appropriate for temporary build outputs. The path pattern and version pinning look correct.

---

59-61: Upload job structure and parameters are correct.

The branch condition (develop or feature/*), job dependency, and parameter passing are all appropriate. Once the workflow path is corrected, this should work as intended.

Also applies to: 63-67

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Fix the reusable workflow path—it contains a duplicate .github directory.

The workflow path has reportportal/.github/.github/workflows/... which appears to be a typo. Standard GitHub repository structure has workflows at .github/workflows/, not .github/.github/workflows/. This path error will cause the job to fail at runtime.

Apply this diff to correct the path:

-    uses: reportportal/.github/.github/workflows/upload-plugin-artifact.yaml@main
+    uses: reportportal/.github/workflows/upload-plugin-artifact.yaml@main

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	uses: reportportal/.github/.github/workflows/upload-plugin-artifact.yaml@main
	uses: reportportal/.github/workflows/upload-plugin-artifact.yaml@main

🤖 Prompt for AI Agents

.github/workflows/build.yml around line 62: the reusable workflow path contains
a duplicated “.github” segment; update the uses line to point to
reportportal/.github/workflows/upload-plugin-artifact.yaml@main (remove the
extra “.github”) and verify the target repository and path exist (and update any
other occurrences of the duplicated path in this file).