Create dependabot.yml #8

Workflow file for this run

.github/workflows/CDCI-master.yml at 3909dba

	name: CI/CD Pipeline for Java Project

	on:
	push:
	branches:
	- master
	pull_request:
	branches:
	- master

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3
	#JDK
	- name: Set up JDK 21
	uses: actions/setup-java@v3
	with:
	java-version: '21'
	distribution: 'corretto'
	#cache: 'gradle'
	#Gradle
	- name: Setup Gradle
	uses: gradle/actions/setup-gradle@v4
	- name: Validate Gradle wrapper
	uses: gradle/actions/wrapper-validation@v4

	#Build
	- name: Build with Gradle
	run: make mkBuild
	- name: Test with Gradle
	run: make mkTest

	#UploadArtifact

	- name: Upload artifacts
	uses: actions/upload-artifact@v3
	with:
	name: build-output
	path: build/libs/*.war

	#Snyk
	snyk:
	runs-on: ubuntu-latest
	permissions: write-all
	steps:
	- uses: actions/checkout@v4
	- name: Run Snyk to check for vulnerabilities
	uses: snyk/actions/gradle@master
	continue-on-error: true
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	args:
	--all-sub-projects
	--severity-threshold=medium
	--sarif-file-output=snyk.sarif
	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: snyk.sarif

	# Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies.
	# See: https://github.com/gradle/actions/blob/main/dependency-submission/README.md
	dependency-submission:
	runs-on: ubuntu-latest
	permissions:
	contents: write
	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: "17"
	distribution: temurin
	- name: Generate and submit dependency graph
	uses: gradle/actions/dependency-submission@417ae3ccd767c252f5661f1ace9f835f9654f2b5

	deploy:
	needs: build
	runs-on: ubuntu-latest
	if: github.ref == 'refs/heads/main'
	steps:
	- uses: actions/checkout@v3
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: build-output
	- name: Setup SSH key
	env:
	SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
	SSH_KNOWN_HOSTS: ${{ secrets.SSH_KNOWN_HOSTS }}
	run: \|
	mkdir -p ~/.ssh/
	echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
	chmod 600 ~/.ssh/id_rsa
	echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
	chmod 644 ~/.ssh/known_hosts
	- name: Deploy to Server
	run: \|
	scp -o StrictHostKeyChecking=no build/libs/*.jar user@server:/path/to/project/
	ssh user@server "cd /path/to/project && java -jar your-app.jar &"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Create dependabot.yml #8

Workflow file

Create dependabot.yml #8

Uh oh!

Jobs

Run details

Workflow file for this run