-
Notifications
You must be signed in to change notification settings - Fork 0
59 lines (50 loc) · 1.51 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
name: Continuous Integration
on:
workflow_dispatch:
pull_request:
branches:
- main
types:
- opened
- edited
- synchronize
paths:
- 'src/**'
- '**gradle**'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
scan-sonar:
runs-on: ubuntu-22.04
environment: ci
steps:
- name: "Checkout the source code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
with:
fetch-depth: 0
- name: "Set up JDK 21"
uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
with:
java-version: 21
distribution: temurin
- name: "Cache Gradle packages"
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: ${{ runner.os }}-gradle
- name: "Cache SonarCloud packages"
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: "Build and analyze"
run: ./gradlew build jacocoTestReport sonar --info
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
scan-cve:
uses: ./.github/workflows/scan-cve.yml
secrets: inherit