Skip to content

Bump com.diffplug.spotless from 6.17.0 to 6.25.0 #223

Bump com.diffplug.spotless from 6.17.0 to 6.25.0

Bump com.diffplug.spotless from 6.17.0 to 6.25.0 #223

Workflow file for this run

name: Check Build and Anchore on PR
on:
pull_request:
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
DOCKERFILE: Dockerfile.test-only
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_ACTOR: ${{ secrets.GITHUB_ACTOR }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
PROJECT_KEY: 'pagopa_eng-lollipop-consumer-java-sdk'
jobs:
pr_scan:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Checkout project sources
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
with:
fetch-depth: 0
- name: Setup Gradle
uses: gradle/gradle-build-action@67421db6bd0bf253fb4bd25b31ebb98943c375e1
- name: Cache SonarCloud packages
uses: actions/cache@v1
with:
path: ~/.sonar-project.properties/cache
key: ${{ runner.os }}-sonar-project.properties
restore-keys: ${{ runner.os }}-sonar-project.properties
- name: Make gradlew executable
run: chmod +x ./gradlew
- name: Run build with Gradle Wrapper
run: ./gradlew build testCodeCoverageReport
- name: Add coverage to PR
id: jacoco
uses: madrapps/jacoco-report@7a334255fbce42f385d7567c25d986a9c62e2971
with:
paths: ${{ github.workspace }}/test-coverage/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml
token: ${{ secrets.GITHUB_TOKEN }}
min-coverage-overall: 40
min-coverage-changed-files: 60
- name: Build the Docker image
run: docker build . --file ${{ env.DOCKERFILE }} --tag localbuild/testimage:latest
- name: Run the Anchore Grype scan action
uses: anchore/scan-action@d5aa5b6cb9414b0c7771438046ff5bcfa2854ed7
id: scan
with:
image: "localbuild/testimage:latest"
fail-build: true
severity-cutoff: "high"
- name: Upload Anchore Scan Report
uses: github/codeql-action/upload-sarif@9885f86fab4879632b7e44514f19148225dfbdcd
if: always()
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
- name: Run Sonar Scanner on Pull Request
if: ${{ github.event_name == 'pull_request' }}
run: ./gradlew sonar --info
-Dsonar.organization=pagopa
-Dsonar.projectKey=${{ env.PROJECT_KEY }}
-Dsonar.coverage.jacoco.xmlReportPaths=**/test-coverage/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml
-Dsonar.coverage.exclusions="**/config/*","**/*Mock*","**/model/**","**/entity/*","**/*Stub*","**/*Config*,**/*Exception*"
-Dsonar.cpd.exclusions="**/model/**,**/entity/**,**/simple/internal/**"
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.java.libraries="**/*.jar"
-Dsonar.login=${{ env.SONAR_TOKEN }}
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
-Dsonar.pullrequest.branch=${{ github.head_ref }}
-Dsonar.pullrequest.base=${{ github.base_ref }}
- name: Run Sonar Scanner
if: ${{ github.event_name != 'pull_request' }}
run: ./gradlew sonar --info
-Dsonar.organization=pagopa
-Dsonar.projectKey=${{ env.PROJECT_KEY }}
-Dsonar.coverage.jacoco.xmlReportPaths=**/test-coverage/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml
-Dsonar.coverage.exclusions="**/config/*","**/*Mock*","**/model/**","**/entity/*","**/*Stub*","**/*Config*,**/*Exception*"
-Dsonar.cpd.exclusions="**/model/**,**/entity/**,**/simple/internal/**"
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.java.libraries="**/*.jar"
-Dsonar.login=${{ env.SONAR_TOKEN }}
-Dsonar.branch.name=${{ github.head_ref }}
- name: Publish to Maven Local
run: ./gradlew publishToMavenLocal
- name: Build Spring Sample
working-directory: ./samples/spring
run: chmod +x ./gradlew && ./gradlew bootJar
- name: Run Docker compose with .env.dev
run: docker compose --env-file e2e/.env.dev up -d --build --wait
- name: Sleep for 30 seconds
run: sleep 30s
shell: bash
- name: Install node modules and execute e2e tests
working-directory: ./e2e
run: npm install && npm run execute-test
- name: Shutdown docker compose
run: docker compose down