build(deps): bump org.owasp:dependency-check-maven from 11.1.0 to 11.… #202
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI build and publish | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: '0 0 * * 1' # every Monday at midnight | |
push: | |
branches: | |
- main | |
- v[0-9]+ | |
- v[0-9]+.[0-9]+ | |
- cryostat-v[0-9]+.[0-9]+ | |
env: | |
CI_USER: cryostat+bot | |
CI_REGISTRY: quay.io/cryostat | |
CI_IMG: quay.io/cryostat/jfr-datasource | |
jobs: | |
get-pom-properties: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- id: query-pom | |
name: Get properties from POM | |
# Query POM for image version and save as output parameter | |
run: | | |
IMAGE_NAME="$(mvn validate help:evaluate -Dexpression=project.artifactId -q -DforceStdout)" | |
echo "::set-output name=image-name::$IMAGE_NAME" | |
IMAGE_VERSION="$(mvn validate help:evaluate -Dexpression=imageVersionLower -q -DforceStdout)" | |
echo "::set-output name=image-version::$IMAGE_VERSION" | |
outputs: | |
image-name: ${{ steps.query-pom.outputs.image-name }} | |
image-version: ${{ steps.query-pom.outputs.image-version }} | |
build: | |
runs-on: ubuntu-latest | |
needs: [get-pom-properties] | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-java@v3 | |
with: | |
java-version: '21' | |
distribution: 'temurin' | |
cache: 'maven' | |
- name: Build application | |
run: mvn -B -U clean verify | |
- name: Build container images and manifest | |
id: buildah-build | |
uses: redhat-actions/buildah-build@v2 | |
env: | |
IMAGE_VERSION: ${{ needs.get-pom-properties.outputs.image-version }} | |
with: | |
image: ${{ env.CI_IMG }} | |
archs: amd64, arm64 | |
tags: ${{ env.IMAGE_VERSION }} ${{ github.ref == 'refs/heads/main' && 'latest' || '' }} | |
containerfiles: | | |
./src/main/docker/Dockerfile.jvm | |
if: ${{ github.event_name == 'push' && github.repository_owner == 'cryostatio' }} | |
- name: Push to quay.io | |
id: push-to-quay | |
uses: redhat-actions/push-to-registry@v2 | |
with: | |
image: ${{ needs.get-pom-properties.outputs.image-name }} | |
tags: ${{ steps.buildah-build.outputs.tags }} | |
registry: ${{ env.CI_REGISTRY }} | |
username: ${{ env.CI_USER }} | |
password: ${{ secrets.REGISTRY_PASSWORD }} | |
if: ${{ github.event_name == 'push' && github.repository_owner == 'cryostatio' }} | |
- name: Print image URL | |
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" | |
if: ${{ github.event_name == 'push' && github.repository_owner == 'cryostatio' }} |