[github](deps): Bump org.junit.jupiter:junit-jupiter-api from 5.11.1 to 5.11.2 #456
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "🏗️ CI" | |
on: | |
push: | |
branches: | |
- main | |
- development | |
- '!feature/**' | |
paths: | |
- '**' | |
- '!.github/**/*.yml' | |
tags: | |
- '*' | |
pull_request: | |
branches: | |
- main | |
- development | |
- 'feature/**' | |
permissions: | |
contents: read | |
packages: write | |
pull-requests: read | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
name: "🛠️ build" | |
steps: | |
- uses: actions/checkout@v3 | |
name: Checkout project | |
with: | |
fetch-depth: 0 #spotless fix | |
- name: debug | |
shell: bash | |
env: | |
JSON: ${{ toJSON(github) }} | |
run: echo $JSON | |
- name: install_shared_actions | |
uses: ./.github/actions/install_shared_actions | |
with: | |
token: ${{secrets.EFA_CICD_REPO_ACCESS_TOKEN}} | |
tag: v2.5.3 | |
- name: ensure branch strategy compliance | |
id: check_branch_strategy | |
uses: ./.github/actions/shared/check_branch_name | |
- name: project setup | |
uses: ./.github/actions/shared/setup_jdk_17 | |
- name: build without tests | |
uses: gradle/[email protected] | |
with: | |
arguments: build -x test | |
- name: scan dependencies for vulnerabilities | |
if: ${{ vars.TRIVY_ROOTFS_SCAN_ENABLED == 'true' }} | |
uses: docker://docker.io/aquasec/trivy | |
with: | |
args: rootfs --skip-dirs=.sonar --ignore-unfixed --severity "HIGH,CRITICAL" --scanners "vuln" --exit-code 1 --debug . | |
test: | |
needs: [build] | |
runs-on: ubuntu-latest | |
name: "📝 run tests" | |
steps: | |
- uses: actions/checkout@v3 | |
name: Checkout project | |
- name: install_shared_actions | |
uses: ./.github/actions/install_shared_actions | |
with: | |
token: ${{secrets.EFA_CICD_REPO_ACCESS_TOKEN}} | |
tag: v2.5.3 | |
- name: project setup | |
uses: ./.github/actions/shared/setup_jdk_17 | |
- name: run unit tests | |
id: run_tests | |
uses: gradle/[email protected] | |
with: | |
arguments: test --info -Pgpr.key=${{ inputs.xray-ghp-token }} | |
- name: publish test report | |
uses: mikepenz/[email protected] | |
if: always() # always run even if the previous step fails | |
with: | |
report_paths: '**/build/test-results/test/TEST-*.xml' | |
annotate_only: true | |
- name: check sonarcloud.io | |
id: sonarcloud_probe | |
shell: bash +e {0} | |
run: | | |
curl -kv https://sonarcloud.io | |
echo "exit=$?" >> $GITHUB_OUTPUT | |
exit 0 | |
- name: run sonar scan | |
if: ${{ github.actor != 'dependabot[bot]' && vars.SONAR_SCAN_ENABLED == 'true' && steps.sonarcloud_probe.outputs.exit == '0' }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: https://sonarcloud.io | |
uses: gradle/[email protected] | |
with: | |
arguments: sonarqube --info | |
publish: | |
if: ${{ github.actor != 'dependabot[bot]' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/development') }} | |
needs: [test] | |
runs-on: ubuntu-latest | |
name: "🚀 publish" | |
steps: | |
- uses: actions/checkout@v3 | |
name: checkout project | |
- name: install_shared_actions | |
uses: ./.github/actions/install_shared_actions | |
with: | |
token: ${{secrets.EFA_CICD_REPO_ACCESS_TOKEN}} | |
tag: v2.5.3 | |
- name: project setup | |
uses: ./.github/actions/shared/setup_jdk_17 | |
- name: publish package | |
uses: gradle/[email protected] | |
with: | |
arguments: publish | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |