growthcraft-build.yml

name: Growthcraft Build

on: [push]

jobs:
  build:
    name: Build Growthcraft
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: 11

      - name: Setup Gradle
        run: chmod +x gradlew

      - name: Cache SonarCloud packages
        uses: actions/cache@v1
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar

      - name: Cache Gradle packages
        uses: actions/cache@v1
        with:
          path: ~/.gradle/caches
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
          restore-keys: ${{ runner.os }}-gradle

      - name: Build with Gradle
        run: ./gradlew build

      - name: Setup sonarqube
        uses: warchant/setup-sonar-scanner@v3

      - name: Run sonarqube
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: sonar-scanner
          -Dsonar.login=${{ secrets.SONAR_TOKEN }}
          -Dsonar.organization=growthcraftce
          -Dsonar.host.url=https://sonarcloud.io/
          -Dsonar.projectKey=GrowthcraftCE_Growthcraft-1.16
          -Dsonar.java.binaries=./build/classes

  snyk:
    runs-on: ubuntu-latest
    needs: [ build ]
    steps:
      - uses: actions/checkout@master
      - name: Run Snyk to check configuration files for security issues
        uses: snyk/actions/gradle-jdk11@master
        continue-on-error: true
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          args: --sarif-file-output=snyk.sarif

      - name: Upload result to GitHub Code Scanning
        uses: github/codeql-action/upload-sarif@v1
        with:
          sarif_file: snyk.sarif