Skip to content

build(deps): bump github/codeql-action from 3.28.3 to 3.28.4 (#1027) #3717

build(deps): bump github/codeql-action from 3.28.3 to 3.28.4 (#1027)

build(deps): bump github/codeql-action from 3.28.3 to 3.28.4 (#1027) #3717

Workflow file for this run

name: Build
on:
push:
branches: main
pull_request:
branches: main
schedule:
- cron: '0 16 * * *'
workflow_dispatch:
permissions:
contents: read
jobs:
build:
if: ${{ github.repository_owner == 'ihub-pub' }}
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
with:
disable-sudo: true
egress-policy: audit
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up JDK 17
uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
with:
java-version: '17'
distribution: 'temurin'
cache: 'gradle'
- name: Build with Gradle
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
arguments: build -x test --scan
project-matrix:
if: ${{ github.repository_owner == 'ihub-pub' }}
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.name.outputs.test }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
with:
disable-sudo: true
egress-policy: audit
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- id: name
name: Project Name Matrix
run: |
projects=()
for file in ./*
do
if [[ $file =~ "ihub-" ]]
then
projects[${#projects[@]}]=$(basename $file)
fi
done
p=$(IFS=,; echo "${projects[*]}")
p=${p//,/\",\"}
echo "test=[\"$p\"]" >> $GITHUB_OUTPUT
matrix-test:
runs-on: ubuntu-latest
needs: project-matrix
strategy:
matrix:
project_name: ${{ fromJson(needs.project-matrix.outputs.matrix) }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
with:
disable-sudo: true
egress-policy: audit
- name: Checkout
if: ${{ matrix.project_name != 'ihub-plugins' }}
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Checkout ref main
if: ${{ matrix.project_name == 'ihub-plugins' }}
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: main
fetch-depth: 0
- name: Set up JDK 17
uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
with:
java-version: '17'
distribution: 'temurin'
cache: 'gradle'
- name: Testspace Setup CLI
uses: testspace-com/setup-testspace@8472399a8030486c043937b8451b5e743f961ae0 # v1.0.7
with:
domain: ${{ github.repository_owner }}
- name: Chmod
run: chmod +x ./gradlew
- name: Build with Gradle
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
arguments: ${{ matrix.project_name }}:test -DiHubTest.failFast=true
- name: Upload Coverage Reports
if: ${{ github.repository_owner == 'ihub-pub' }}
uses: codecov/codecov-action@5a605bd92782ce0810fa3b8acc235c921b497052 # v5.2.0
- name: Publish Results to Testspace
run: testspace */build/test-results/test/*.xml */build/reports/*/test/*.xml
- name: Upload Test Result
if: ${{ failure() }}
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: ${{ matrix.project_name }}-test
path: |
*/build/reports/tests
retention-days: 1
check:
runs-on: ubuntu-latest
needs: [ build, matrix-test ]
steps:
- name: Harden Runner
uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
with:
disable-sudo: true
egress-policy: audit
- name: Check Status
run: echo "Check Status"