Skip to content
ci

chore(deps): bump org.flywaydb:flyway-core from 10.18.0 to 10.21.0 #589

Sign in to view logs

chore(deps): bump org.flywaydb:flyway-core from 10.18.0 to 10.21.0

chore(deps): bump org.flywaydb:flyway-core from 10.18.0 to 10.21.0 #589

Workflow file for this run

.github/workflows/ci.yml at ab02285
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: ci
on:
push:
branches: [main]
# Publish semver tags as releases.
tags: ["v*.*.*"]
release:
types: [published]
pull_request:
types: [opened, synchronize, reopened]
env:
# Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
jobs:
maven-verify:
name: BuildAndTest
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: cache node modules
uses: actions/cache@v4
env:
cache-name: cache-node-modules
with:
# npm cache files are stored in `~/.npm` on Linux/macOS
path: ~/.npm
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Use Node.js 20.x
uses: actions/setup-node@v4
with:
node-version: 20.x
- name: install dependencies and build admin panel
run: |
cd cookpal-admin-frontend
npm ci
npm run build
cd ..
- name: Set up JDK 19
uses: actions/setup-java@v2
with:
java-version: "19"
distribution: "adopt"
cache: maven
- name: Setup tools
run: sudo apt update && sudo apt install xmlstarlet
- name: update version
run: |
REF_TYPE="${{github.ref_type}}"
if [[ "$REF_TYPE" == "tag" ]]; then
TAG=${{ github.ref_name }}
TAG=${TAG#v}
echo $TAG
xmlstarlet edit -L -N w=http://maven.apache.org/POM/4.0.0 --update "//w:project/w:version" --value "${TAG}" pom.xml
fi
- name: maven-verify
run: mvn verify --file pom.xml
- uses: actions/upload-artifact@master
with:
name: java-build
path: target/
sonarcloud:
name: SonarCloud
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 19
uses: actions/setup-java@v2
with:
java-version: "19"
distribution: "adopt"
cache: maven
- name: Cache SonarCloud packages
uses: actions/cache@v1
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Build and analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=steve192_opencookbook-apiserver
docker:
name: BuildDocker
needs: maven-verify
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v2
- uses: actions/download-artifact@master
with:
name: java-build
path: target/
# Install the cosign tool except on PR
# https://github.com/sigstore/cosign-installer
#- name: Install cosign
# if: github.event_name != 'pull_request' && github.ref_protected == true
# uses: sigstore/cosign-installer@1e95c1de343b5b0c23352d6417ee3e48d5bcd422
# with:
# cosign-release: "v1.4.0"
# Workaround: https://github.com/docker/build-push-action/issues/461
- name: Setup Docker buildx
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
push: ${{ github.event_name != 'pull_request' && ( github.ref_protected == true || github.ref_type == 'tag' ) }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
# Sign the resulting Docker image digest except on PRs.
# This will only write to the public Rekor transparency log when the Docker
# repository is public to avoid leaking data. If you would like to publish
# transparency data even for private images, pass --force to cosign below.
# https://github.com/sigstore/cosign
#- name: Sign the published Docker image
# if: ${{ github.event_name != 'pull_request' && github.ref_protected == true }}
# env:
# COSIGN_EXPERIMENTAL: "true"
# # This step uses the identity token to provision an ephemeral certificate
# # against the sigstore community Fulcio instance.
# run: cosign sign ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-and-push.outputs.digest }}