Skip to content

[*] licenses

[*] licenses #111

Workflow file for this run

name: Build CI
on:
workflow_dispatch:
push:
branches: [main*]
pull_request:
types: [opened, synchronize]
branches: [main*]
env:
GRADLE_OPTS: "-Dorg.gradle.daemon=false"
jobs:
build:
name: Build Java ${{ matrix.java }} (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
java: [ '11' ]
os: [ 'ubuntu-20.04']
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
lfs: true
- name: Cache gradle dependencies
uses: actions/cache@v2
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-caches-${{ hashFiles('**/*.gradle') }}
restore-keys: |
${{ runner.os }}-gradle-caches-
- name: Cache gradle wrapper
uses: actions/cache@v2
with:
path: ~/.gradle/wrapper
key: ${{ runner.os }}-gradle-wrapper-${{ hashFiles('**/gradle/wrapper/gradle-wrapper.properties') }}
- name: Setup java
uses: actions/setup-java@v1
with:
java-version: ${{ matrix.java }}
- name: Build with gradle
run: ./gradlew build checkLicense
- name: Build docker
run: ./gradlew :java:timebase-ws-server:dockerBuildImageAll
env:
DOCKER_REGISTRY_URL: ${{ secrets.DOCKER_REGISTRY_URL }}
DOCKER_REGISTRY_USERNAME: ${{ secrets.DOCKER_HUB_USER }}
DOCKER_REGISTRY_PASSWORD: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Reading docker image version
run: |
versionSnapshot=`grep 'version=' gradle.properties | sed 's/version=\([^-]*\)/\1/'`
echo "version_snapshot=$versionSnapshot" >> $GITHUB_ENV
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'epam/timebase-ws-server:${{ env.version_snapshot }}'
format: 'table'
exit-code: '0'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH,MEDIUM'
- name: Upload test results
if: ${{ failure() }}
uses: actions/upload-artifact@v4
with:
path: build/reports/junit
name: Test Report