Skip to content

feat: Set a non-root user in Dockerfile #37

feat: Set a non-root user in Dockerfile

feat: Set a non-root user in Dockerfile #37

Workflow file for this run

name: Build
on:
push:
branches:
- "*"
pull_request:
branches:
- main
env:
TAG: felipebz/zpa-cli:nightly
jobs:
build:
name: Build and release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-java@v4
with:
distribution: temurin
java-version: |
17
21
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Build with Gradle
run: ./gradlew build --refresh-dependencies
- name: Assemble
run: ./gradlew copyJdksToCache jreleaserAssemble
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build Docker image
uses: docker/build-push-action@v5
with:
context: .
load: true
tags: ${{ env.TAG }}
- if: github.ref == 'refs/heads/main'
name: Push docker image to Docker Hub
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64/v8
push: true
tags: ${{ env.TAG }}
- if: github.ref == 'refs/heads/main'
name: Release artifacts
run: ./gradlew jreleaserFullRelease
env:
JRELEASER_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
demo:
name: Analyze demo project on SonarCloud
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
with:
repository: utPLSQL/utPLSQL
- name: Analyze with zpa-cli
run: |
docker run --rm \
-v $PWD:/src \
felipebz/zpa-cli:nightly \
--sources . \
--output-file zpa-issues.json \
--output-format sq-generic-issue-import
- name: Analyze with SonarCloud
uses: sonarsource/sonarcloud-github-action@master
with:
args: >
-Dsonar.projectKey=utPLSQL-zpa-demo
-Dsonar.organization=felipebz-github
-Dsonar.externalIssuesReportPaths=zpa-issues.json
-Dsonar.pullrequest.provider=
-Dsonar.coverageReportPaths=
-Dsonar.testExecutionReportPaths=
-Dsonar.plsql.file.suffixes=sql,pkg,pks,pkb,fun,pcd,tgg,prc,tpb,trg,typ,tab,tps
-Dsonar.scm.disabled=true
-Dsonar.tests=
env:
SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}