Update the way we fetch the Neo version #2047
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [ "dev" ] | |
pull_request: | |
branches: [ "dev" ] | |
env: | |
CODEARTIFACT_DOWNLOAD_URL: ${{ secrets.CODEARTIFACT_DOWNLOAD_URL }} | |
CODEARTIFACT_USERNAME: ${{ secrets.CODEARTIFACT_USERNAME }} | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
jobs: | |
compile: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Configure AWS CLI | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-1 | |
- name: Configure CodeArtifact Authentication Token | |
run: | | |
CODEARTIFACT_TOKEN=`aws codeartifact get-authorization-token --domain build-service-live --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --query authorizationToken --output text` | |
echo "::add-mask::$CODEARTIFACT_TOKEN" | |
echo "CODEARTIFACT_TOKEN=$CODEARTIFACT_TOKEN" >> "$GITHUB_ENV" | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-jdk | |
- uses: ./.github/actions/setup-gradle-cache | |
- name: Determine latest neo4j CI version | |
run: | | |
neo4j_version_base=$(grep -e ".*neo4jVersionOverride.* : .*" build.gradle | cut -d ':' -f 2 | tr -d \'\" | tr -d ' ') | |
echo "neo4j_version_base=$neo4j_version_base" | |
NEO4J_VERSION_CI=`aws codeartifact list-package-versions --domain build-service-live --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --repository ci-live --format maven --namespace org.neo4j --package neo4j --sort-by PUBLISHED_TIME --max-items 1 --query "versions[?starts_with(version,'$neo4j_version_base')] | [0].version" --output text | head -n 1` | |
echo "NEO4J_VERSION_CI=$NEO4J_VERSION_CI" >> "$GITHUB_ENV" | |
echo "Found NEO4j_VERSION_CI=$NEO4J_VERSION_CI" | |
- name: Compile | |
run: ./gradlew --info -Pneo4jVersionOverride=$NEO4J_VERSION_CI compileJava | |
snyk-test: | |
runs-on: ubuntu-latest | |
needs: compile | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-jdk | |
- uses: ./.github/actions/setup-snyk | |
- name: Snyk test dependencies | |
run: snyk test --all-projects --severity-threshold=medium --fail-on=all | |
snyk-monitor: | |
runs-on: ubuntu-latest | |
if: github.event_name != 'pull_request' | |
needs: compile | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-jdk | |
- uses: ./.github/actions/setup-snyk | |
- name: Snyk monitor dependencies | |
run: snyk monitor --all-projects --target-reference=${GITHUB_REF} | |
code-ql: | |
runs-on: ubuntu-latest | |
needs: compile | |
# required by CodeQL | |
permissions: | |
security-events: write | |
actions: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-jdk | |
- uses: ./.github/actions/setup-gradle-cache | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: java | |
- name: Configure AWS CLI | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-1 | |
- name: Configure CodeArtifact Authentication Token | |
run: | | |
CODEARTIFACT_TOKEN=`aws codeartifact get-authorization-token --domain build-service-live --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --query authorizationToken --output text` | |
echo "::add-mask::$CODEARTIFACT_TOKEN" | |
echo "CODEARTIFACT_TOKEN=$CODEARTIFACT_TOKEN" >> "$GITHUB_ENV" | |
- name: Determine latest neo4j CI version | |
run: | | |
neo4j_version_base=$(grep -e ".*neo4jVersionOverride.* : .*" build.gradle | cut -d ':' -f 2 | tr -d \'\" | tr -d ' ') | |
echo "neo4j_version_base=$neo4j_version_base" | |
NEO4J_VERSION_CI=`aws --no-cli-pager codeartifact list-package-versions --domain build-service-live --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} --repository ci-live --format maven --namespace org.neo4j --package neo4j --sort-by PUBLISHED_TIME --status Published --query "versions[?starts_with(version, '$neo4j_version_base')].version | [0]" --output json | sed 's/"//g'` | |
echo "NEO4J_VERSION_CI=$NEO4J_VERSION_CI" >> "$GITHUB_ENV" | |
echo "Found NEO4j_VERSION_CI=$NEO4J_VERSION_CI" | |
- name: Compile | |
run: ./gradlew --info -Pneo4jVersionOverride=$NEO4J_VERSION_CI compileJava compileTestJava | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 |