Bump com.diffplug.spotless from 6.17.0 to 6.25.0 #223
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check Build and Anchore on PR | |
on: | |
pull_request: | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
env: | |
DOCKERFILE: Dockerfile.test-only | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITHUB_ACTOR: ${{ secrets.GITHUB_ACTOR }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
PROJECT_KEY: 'pagopa_eng-lollipop-consumer-java-sdk' | |
jobs: | |
pr_scan: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
pull-requests: write | |
steps: | |
- name: Checkout project sources | |
uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 | |
with: | |
fetch-depth: 0 | |
- name: Setup Gradle | |
uses: gradle/gradle-build-action@67421db6bd0bf253fb4bd25b31ebb98943c375e1 | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v1 | |
with: | |
path: ~/.sonar-project.properties/cache | |
key: ${{ runner.os }}-sonar-project.properties | |
restore-keys: ${{ runner.os }}-sonar-project.properties | |
- name: Make gradlew executable | |
run: chmod +x ./gradlew | |
- name: Run build with Gradle Wrapper | |
run: ./gradlew build testCodeCoverageReport | |
- name: Add coverage to PR | |
id: jacoco | |
uses: madrapps/jacoco-report@7a334255fbce42f385d7567c25d986a9c62e2971 | |
with: | |
paths: ${{ github.workspace }}/test-coverage/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml | |
token: ${{ secrets.GITHUB_TOKEN }} | |
min-coverage-overall: 40 | |
min-coverage-changed-files: 60 | |
- name: Build the Docker image | |
run: docker build . --file ${{ env.DOCKERFILE }} --tag localbuild/testimage:latest | |
- name: Run the Anchore Grype scan action | |
uses: anchore/scan-action@d5aa5b6cb9414b0c7771438046ff5bcfa2854ed7 | |
id: scan | |
with: | |
image: "localbuild/testimage:latest" | |
fail-build: true | |
severity-cutoff: "high" | |
- name: Upload Anchore Scan Report | |
uses: github/codeql-action/upload-sarif@9885f86fab4879632b7e44514f19148225dfbdcd | |
if: always() | |
with: | |
sarif_file: ${{ steps.scan.outputs.sarif }} | |
- name: Run Sonar Scanner on Pull Request | |
if: ${{ github.event_name == 'pull_request' }} | |
run: ./gradlew sonar --info | |
-Dsonar.organization=pagopa | |
-Dsonar.projectKey=${{ env.PROJECT_KEY }} | |
-Dsonar.coverage.jacoco.xmlReportPaths=**/test-coverage/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml | |
-Dsonar.coverage.exclusions="**/config/*","**/*Mock*","**/model/**","**/entity/*","**/*Stub*","**/*Config*,**/*Exception*" | |
-Dsonar.cpd.exclusions="**/model/**,**/entity/**,**/simple/internal/**" | |
-Dsonar.host.url=https://sonarcloud.io | |
-Dsonar.java.libraries="**/*.jar" | |
-Dsonar.login=${{ env.SONAR_TOKEN }} | |
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }} | |
-Dsonar.pullrequest.branch=${{ github.head_ref }} | |
-Dsonar.pullrequest.base=${{ github.base_ref }} | |
- name: Run Sonar Scanner | |
if: ${{ github.event_name != 'pull_request' }} | |
run: ./gradlew sonar --info | |
-Dsonar.organization=pagopa | |
-Dsonar.projectKey=${{ env.PROJECT_KEY }} | |
-Dsonar.coverage.jacoco.xmlReportPaths=**/test-coverage/build/reports/jacoco/testCodeCoverageReport/testCodeCoverageReport.xml | |
-Dsonar.coverage.exclusions="**/config/*","**/*Mock*","**/model/**","**/entity/*","**/*Stub*","**/*Config*,**/*Exception*" | |
-Dsonar.cpd.exclusions="**/model/**,**/entity/**,**/simple/internal/**" | |
-Dsonar.host.url=https://sonarcloud.io | |
-Dsonar.java.libraries="**/*.jar" | |
-Dsonar.login=${{ env.SONAR_TOKEN }} | |
-Dsonar.branch.name=${{ github.head_ref }} | |
- name: Publish to Maven Local | |
run: ./gradlew publishToMavenLocal | |
- name: Build Spring Sample | |
working-directory: ./samples/spring | |
run: chmod +x ./gradlew && ./gradlew bootJar | |
- name: Run Docker compose with .env.dev | |
run: docker compose --env-file e2e/.env.dev up -d --build --wait | |
- name: Sleep for 30 seconds | |
run: sleep 30s | |
shell: bash | |
- name: Install node modules and execute e2e tests | |
working-directory: ./e2e | |
run: npm install && npm run execute-test | |
- name: Shutdown docker compose | |
run: docker compose down |