Bump org.owasp:dependency-check-maven from 10.0.0 to 10.0.2 #4423
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Solid Java Client CI | |
on: | |
# Build pull requests for any branch | |
pull_request: { } | |
jobs: | |
build: | |
name: Java environment | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
java: [ 11, 17, 21 ] | |
fail-fast: false | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK ${{ matrix.java }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: ${{ matrix.java }} | |
cache: 'maven' | |
- name: Build the code with Maven | |
run: mvn -B -ntp install -Pci -pl -integration/uma,-integration/openid,-performance/uma | |
- name: Prod Integration tests | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
run: mvn -B -ntp verify -Pci -pl integration/uma,integration/openid | |
env: | |
INRUPT_TEST_WEBID: ${{ secrets.INRUPT_PROD_WEBID }} | |
INRUPT_TEST_ACCESS_GRANT_PROVIDER: ${{ secrets.INRUPT_PROD_ACCESS_GRANT_PROVIDER }} | |
INRUPT_TEST_CLIENT_ID: ${{ secrets.INRUPT_PROD_CLIENT_ID }} | |
INRUPT_TEST_CLIENT_SECRET: ${{ secrets.INRUPT_PROD_CLIENT_SECRET }} | |
INRUPT_TEST_REQUESTER_WEBID: ${{ secrets.INRUPT_PROD_REQUESTER_WEBID }} | |
INRUPT_TEST_REQUESTER_CLIENT_ID: ${{ secrets.INRUPT_PROD_REQUESTER_CLIENT_ID }} | |
INRUPT_TEST_REQUESTER_CLIENT_SECRET: ${{ secrets.INRUPT_PROD_REQUESTER_CLIENT_SECRET }} | |
INRUPT_TEST_REQUEST_METADATA_FEATURE: false | |
INRUPT_TEST_REQUEST_METADATA_HEADERS_THAT_PROPAGATE: ${{ secrets.INRUPT_PROD_HEADERS_THAT_PROPAGATE }} | |
INRUPT_TEST_ERROR_DESCRIPTION_FEATURE: false | |
- name: Dev Integration tests | |
if: ${{ github.actor != 'dependabot[bot]' && matrix.java == 11 }} | |
continue-on-error: true | |
run: mvn -B -ntp verify -Pci -pl integration/uma,integration/openid | |
env: | |
INRUPT_TEST_WEBID: ${{ secrets.INRUPT_DEV_WEBID }} | |
INRUPT_TEST_ACCESS_GRANT_PROVIDER: ${{ secrets.INRUPT_DEV_ACCESS_GRANT_PROVIDER }} | |
INRUPT_TEST_CLIENT_ID: ${{ secrets.INRUPT_DEV_CLIENT_ID }} | |
INRUPT_TEST_CLIENT_SECRET: ${{ secrets.INRUPT_DEV_CLIENT_SECRET }} | |
INRUPT_TEST_REQUESTER_WEBID: ${{ secrets.INRUPT_DEV_REQUESTER_WEBID }} | |
INRUPT_TEST_REQUESTER_CLIENT_ID: ${{ secrets.INRUPT_DEV_REQUESTER_CLIENT_ID }} | |
INRUPT_TEST_REQUESTER_CLIENT_SECRET: ${{ secrets.INRUPT_DEV_REQUESTER_CLIENT_SECRET }} | |
INRUPT_TEST_REQUEST_METADATA_FEATURE: true | |
INRUPT_TEST_REQUEST_METADATA_HEADERS_THAT_PROPAGATE: ${{ secrets.INRUPT_DEV_HEADERS_THAT_PROPAGATE }} | |
INRUPT_TEST_ERROR_DESCRIPTION_FEATURE: true | |
performance: | |
name: Performance Tests | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
java: [ 17 ] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK ${{ matrix.java }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: ${{ matrix.java }} | |
cache: 'maven' | |
- name: Localhost performance tests | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
run: mvn -B -ntp verify -Pci -pl performance/uma -am | |
documentation: | |
name: Documentation Check | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
java: [ 17 ] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK ${{ matrix.java }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: ${{ matrix.java }} | |
cache: 'maven' | |
- name: Build the code with Maven | |
run: mvn -B -ntp verify -Pwebsite javadoc:javadoc | |
dependencies: | |
name: Dependency Check | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
java: [ 17 ] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK ${{ matrix.java }} | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: ${{ matrix.java }} | |
cache: 'maven' | |
- name: Generate Cache Name | |
shell: bash | |
run: echo "CACHE_NAME=$(date '+%y.%j')" >> $GITHUB_ENV | |
- name: Restore NVD data cache | |
uses: actions/cache@v4 | |
with: | |
key: nvd-data-${{ env.CACHE_NAME }} | |
restore-keys: nvd-data- | |
path: ./data/cache | |
- name: Verify dependencies | |
run: mvn -B -ntp verify -Pdependencies -Dnvd.api.datafeed="file:${GITHUB_WORKSPACE}/data/cache/nvdcve-{0}.json.gz" | |
sonar: | |
name: Sonar Scan | |
runs-on: ubuntu-latest | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: 17 | |
cache: 'maven' | |
- name: Build the code with Maven | |
run: mvn -B -ntp install -Pci | |
- name: Sonar Analysis | |
run: mvn sonar:sonar -Dsonar.login=${{ secrets.SONARQUBE_TOKEN }} | |