chore :: oauth2 resource server 의존성 추가 #8

Workflow file for this run

.github/workflows/member-commit.yml at c629c90

	name: Commit Stage
	on:
	pull_request:
	branches: [ develop, release, main ]
	paths:
	- 'careerwry-member/**'
	push:
	branches: [ develop ]
	paths:
	- 'careerwry-member/**'


	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: cgk95/careerwry-member
	VERSION: latest

	jobs:
	build:
	name: Build and Test
	runs-on: ubuntu-22.04
	permissions:
	contents: read
	security-events: write
	steps:
	- name: Checkout source code
	uses: actions/checkout@v4
	- name: Set up JDK
	uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: gradle
	- name: Build, unit tests and integration tests
	run: \|
	cd careerwry-member
	chmod +x gradlew
	./gradlew build
	- name: Code vulnerability scanning
	uses: anchore/scan-action@v3
	id: scan
	with:
	path: "${{ github.workspace }}"
	fail-build: false
	severity-cutoff: high
	- name: Upload vulnerability report
	uses: github/codeql-action/upload-sarif@v3
	if: success() \|\| failure()
	with:
	sarif_file: ${{ steps.scan.outputs.sarif }}
	# - name: Validate Kubernetes manifests
	# uses: stefanprodan/kube-tools@v1
	# with:
	# kubectl: 1.28.3
	# kubeval: 0.16.1
	# # Different schema required because of https://github.com/instrumenta/kubeval/issues/301
	# command: \|
	# kubeval --strict --schema-location https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master -d k8s
	package:
	name: Package and Publish
	if: ${{ github.ref == 'refs/heads/develop' }}
	needs: [ build ]
	runs-on: ubuntu-22.04
	permissions:
	contents: read
	packages: write
	security-events: write
	steps:
	- name: Checkout source code
	uses: actions/checkout@v4
	- name: Set up JDK
	uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17
	cache: gradle
	- name: Build container image
	run: \|
	cd careerwry-member
	chmod +x gradlew
	./gradlew bootBuildImage \
	--imageName ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
	- name: OCI image vulnerability scanning
	uses: anchore/scan-action@v3
	id: scan
	with:
	image: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}"
	fail-build: false
	severity-cutoff: high
	- name: Upload vulnerability report
	uses: github/codeql-action/upload-sarif@v2
	if: success() \|\| failure()
	with:
	sarif_file: ${{ steps.scan.outputs.sarif }}
	- name: Log into container registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Publish container image
	run: docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore :: oauth2 resource server 의존성 추가 #8

Workflow file

chore :: oauth2 resource server 의존성 추가 #8

Jobs

Run details

Workflow file for this run