Skip to content

Update github/codeql-action action to v3.28.5 {patch} (#587) #917

Update github/codeql-action action to v3.28.5 {patch} (#587)

Update github/codeql-action action to v3.28.5 {patch} (#587) #917

Workflow file for this run

# This workflow will build a Java project with Gradle
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle
name: JavaCI-PR
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
paths-ignore:
- 'README.md'
- '**/README.md'
- 'CODE_OF_CONDUCT.md'
- 'CONTRIBUTING.md'
- 'pull_request_template.md'
- 'SECURITY.md'
- 'LICENSE'
- '.github/ISSUE_TEMPLATE/**'
- '.github/assets/**'
- '.github/workflows/**'
- '!.github/workflows/gradle-ci.yml'
- '.github/pr-labeler.yml'
- 'renovate.json'
- '.whitesource'
- 'config/ossindex/exclusions.txt'
permissions: read-all
jobs:
build:
runs-on: ubuntu-latest
steps:
# Set up build environment
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Set up JDK 17
uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
with:
distribution: temurin
java-version: 17
- name: Decode key
run: |
mkdir -p ${{ runner.temp }}/.gnupg/
echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}" | base64 --decode > ${{ runner.temp }}/.gnupg/secring.gpg
- name: Set up Gradle
uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
- name: Build with Gradle
run: >
./gradlew printVersion build sign
-Psigning.keyId=${{ secrets.SIGNING_KEY_ID }}
-Psigning.password=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
-Psigning.secretKeyRingFile=${{ runner.temp }}/.gnupg/secring.gpg
- name: Clean-up GPG key
if: always()
run: |
rm -rf ${{ runner.temp }}/.gnupg/
- name: Upload Test reports
if: always()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: test-report-cache-only
path: build/reports/tests/test
retention-days: 5
- name: Upload coverage to Codecov
uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5.3.1
with:
token: ${{ secrets.CODECOV_TOKEN }}
file: ./build/reports/jacoco/report.xml
fail_ci_if_error: false