Merge pull request #101 from aditosoftware/dependabot/github_actions/… #249
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Project | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6.0.2 | |
| # JDK16 is needed for the tests | |
| - name: Set up JDK 16 | |
| uses: actions/setup-java@v5 | |
| with: | |
| java-version: '16' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: validate project | |
| run: mvn validate | |
| - name: compile project | |
| run: mvn compile | |
| - name: test project | |
| run: mvn test -Pcoverage | |
| - name: Read Maven project version | |
| if: github.ref_name == 'main' && github.event_name != 'pull_request' | |
| id: mvn_version | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| VERSION="$(mvn -q -DforceStdout help:evaluate -Dexpression=project.version)" | |
| if [[ -z "${VERSION}" ]]; then | |
| echo "Could not determine Maven version" >&2 | |
| exit 1 | |
| fi | |
| echo "version=${VERSION}" >> "$GITHUB_OUTPUT" | |
| - name: Generate SBOM (CycloneDX) | |
| if: github.ref_name == 'main' && github.event_name != 'pull_request' | |
| run: mvn -DskipTests org.cyclonedx:cyclonedx-maven-plugin:2.8.1:makeAggregateBom -Dcyclonedx.outputFormat=json | |
| - name: Upload SBOM to Dependency-Track | |
| if: github.ref_name == 'main' && github.event_name != 'pull_request' | |
| uses: DependencyTrack/gh-upload-sbom@48feab3080ff9e8f51f4d21861d9fc914eb744f5 | |
| with: | |
| serverHostname: ${{ secrets.DEPENDENCYTRACK_HOSTNAME }} | |
| apiKey: ${{ secrets.DEPENDENCYTRACK_APIKEY }} | |
| projectName: ${{ github.event.repository.name }} | |
| projectVersion: ${{ steps.mvn_version.outputs.version }} | |
| projectTags: 'designer-extension-pack,vscode-liquibase,${{ github.event.repository.name }}' | |
| bomFilename: "target/bom.json" | |
| autoCreate: true | |
| # JDK 17 is needed for sonar analysis | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v5 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Analyze with SonarCloud | |
| run: mvn sonar:sonar -Pcoverage | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |