Skip to content

build: Remove the animal-sniffer, propagate java version to plugin-ar… #1417

build: Remove the animal-sniffer, propagate java version to plugin-ar…

build: Remove the animal-sniffer, propagate java version to plugin-ar… #1417

Workflow file for this run

name: Build and Deploy Snapshot
on:
push:
branches:
- main
paths-ignore:
- '**/*.md'
- '**/*.txt'
permissions: {}
jobs:
build:
permissions:
contents: read # to fetch code (actions/checkout)
name: Build dependency-check
runs-on: ubuntu-latest
steps:
- name: Install gpg secret key
id: install-gpg-key
run: |
cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import
gpg --list-secret-keys --keyid-format LONG
- uses: actions/checkout@v4
- name: Check Maven Cache
id: maven-cache
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Check Local Maven Cache
id: maven-it-cache
uses: actions/cache@v4
with:
path: maven/target/local-repo
key: mvn-it-repo
- name: Check ODC Data Cache
id: odc-data-cache
uses: actions/cache@v4
with:
path: core/target/data
key: odc-data
- uses: actions/[email protected]
with:
dotnet-version: '8.0.x'
- name: Set up JDK 11
id: jdk-11
uses: actions/setup-java@v4
with:
java-version: 11
distribution: 'zulu'
server-id: ossrh
server-username: ${{ secrets.OSSRH_USERNAME }}
server-password: ${{ secrets.OSSRH_TOKEN }}
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
with:
version: 6.0.2
- name: Build Snapshot with Maven
id: build-snapshot
env:
MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
run: mvn -V -s settings.xml -Prelease clean package verify source:jar javadoc:jar gpg:sign deploy -DreleaseTesting --no-transfer-progress --batch-mode -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
- name: SARIF Multitool
uses: microsoft/[email protected]
with:
# Command to be sent to SARIF Multitool
command: 'validate core/target/test-reports/Report.sarif'
- name: Archive IT test logs
id: archive-logs
if: always()
uses: actions/upload-artifact@v4
with:
name: it-test-logs
retention-days: 7
path: maven/target/it/**/build.log
- name: Archive code coverage results
id: archive-coverage
uses: actions/upload-artifact@v4
with:
name: code-coverage-report
retention-days: 7
path: |
**/target/jacoco-results/jacoco.xml
**/target/jacoco-results/**/*.html
- name: Archive Snapshot
id: archive-snapshot
uses: actions/upload-artifact@v4
with:
name: archive-snapshot
retention-days: 7
path: |
**/target/*.asc
**/target/*.jar
**/target/*.pom
ant/target/*.zip
cli/target/*.zip
publish_coverage:
name: publish code coverage reports
runs-on: ubuntu-latest
needs: build
steps:
- name: Download coverage reports
uses: actions/download-artifact@v4
with:
name: code-coverage-report
- name: Run codacy-coverage-reporter
uses: codacy/codacy-coverage-reporter-action@master
with:
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
coverage-reports: utils/target/jacoco-results/jacoco.xml,core/target/jacoco-results/jacoco.xml,maven/target/jacoco-results/jacoco.xml,ant/target/jacoco-results/jacoco.xml,cli/target/jacoco-results/jacoco.xml
docker:
permissions:
contents: read # to fetch code (actions/checkout)
name: Build and Test Docker
runs-on: ubuntu-latest
needs: build
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Check Maven Cache
id: maven-cache
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Download release build
uses: actions/download-artifact@v4
with:
name: archive-snapshot
- name: Build Docker Image
run: ./build-docker.sh
- name: build scan target
run: mvn -V -s settings.xml package -DskipTests=true --no-transfer-progress --batch-mode
- name: Test Docker Image
run: ./test-docker.sh