Build Automation

[jonbartels]

I want to get community input (and help!) for build automation.

I think OIE needs build automation that handles:

• code signing - on demand for releases. What about on merges to master? see #11 Add GHA build workflow #12
• building install packages - on demand for releases. What about on merges to master?
• automated unit test execution - on every push
• stubs or a plan for automated integration test execution ( I am deferring this because the setup and management of integration tests is a separate block of work )

These automations must use GitHub secrets appropriately to protect our signing key, install4j licenses, etc.

When should these automations run? On demand? On merge to master?

Can these automations be set to run common tests on each commit, then run a release process on demand?

They should not run on every build. We cannot burn the build minutes and we should not sign builds which are not approved and merged to master.

Should these automations run via ant/gradle so that any user can sign builds using their own signing key and install4j license? the alternative is that OIE does builds in our pipelines only. The process would be public either way but the secrets would not be