main.yml

name: Java CI with Maven

on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3

    - name: Run Codacy Analysis CLI
      uses: codacy/codacy-analysis-cli-action@master
      with:
        output: results.sarif
        format: sarif
        # Adjust severity of non-security issues
        gh-code-scanning-compat: true
        # Force 0 exit code to allow SARIF file generation
        # This will hand over control about PR rejection to the GitHub side
        max-allowed-issues: 2147483647 
        upload: true
        api-token: ${{ secrets.CODACY_TOKEN }}
        skip-uncommitted-files-check: true

    - name: Set up JDK 17
      uses: actions/setup-java@v3
      with:
        java-version: '17'
        distribution: 'temurin'
        cache: maven
    - name: Build with Maven
      run: mvn -B package --file pom.xml -DskipTests

    # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
    - name: Update dependency graph
      uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6
      with:
        token: ${{ secrets.DB_TOKEN }}

    - name: Login to Docker Hub
      uses: docker/login-action@v1
      with:
        username: ${{ secrets.DOCKER_USERNAME }}
        password: ${{ secrets.DOCKER_ACCESS_TOKEN }}

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v1

    - name: Build and push
      uses: docker/build-push-action@v2
      with:
        context: .
        file: ./Dockerfile
        push: true
        tags: smonko/servisimo-catalog:${{github.ref_name }}
        build-args: |
            JAR_FILE=target/*.jar