Skip to content

Migrated Jobs and Security perspectives, fixes #4505 #4506 #4507 #4508 #3637

Migrated Jobs and Security perspectives, fixes #4505 #4506 #4507 #4508

Migrated Jobs and Security perspectives, fixes #4505 #4506 #4507 #4508 #3637

Workflow file for this run

name: Build
on:
push:
branches:
- main
- master
jobs:
code-style:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up JDK Corretto 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: '21'
architecture: x64
- name: Validate Java code formatting
run: mvn -T 1C formatter:validate
build-deploy:
needs: [tests, integration-tests-h2, integration-tests-postgresql]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Cache local Maven repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
- name: Set up JDK Corretto 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: '21'
architecture: x64
- name: Install NodeJS
uses: actions/setup-node@v4
with:
node-version: 18
- name: Install esbuild
run: npm i -g esbuild
- name: Install TypeScript compiler
run: npm i -g typescript
- name: Setup Docker Buildx
run: |
docker buildx create --name dirigible-builder
docker buildx use dirigible-builder
- name: Maven Build
run: mvn clean install -D maven.javadoc.skip=false -D skipTests -D maven.test.skip=true
- name: Docker Login
run: docker login -u ${{secrets.DOCKER_USER}} -p ${{secrets.DOCKER_PASSWORD}}
- name: Push Dirigible (Spring)
run: |
cd build/application
docker buildx build --push --tag dirigiblelabs/dirigible -o type=image --platform=linux/arm64,linux/amd64 .
tests:
runs-on: ${{ matrix.os }}-latest
strategy:
matrix:
os: [ubuntu, windows]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Cache local Maven repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
- name: Set up JDK Corretto 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: '21'
architecture: x64
- name: Install NodeJS
uses: actions/setup-node@v4
with:
node-version: 18
- name: Install esbuild
run: npm i -g esbuild
- name: Install TypeScript compiler
run: npm i -g typescript
- name: Maven Build
run: mvn clean install -D maven.javadoc.skip=true
integration-tests-h2:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Cache local Maven repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
- name: Set up JDK Corretto 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: 21
- name: Install NodeJS
uses: actions/setup-node@v4
with:
node-version: 18
- name: Install esbuild
run: npm i -g esbuild
- name: Install TypeScript compiler
run: npm i -g typescript
- name: Maven Build
run: mvn -T 1C clean install -D skipTests -D maven.javadoc.skip=true -D license.skip=true -U
- name: Integration tests
run: mvn -f tests/pom.xml verify -P integration-tests -D selenide.headless=true
- name: Generate a random artifact name
if: always()
id: generate_name
run: echo "ARTIFACT_NAME=selenide-screenshots-$(date +%s).zip" >> $GITHUB_ENV
- name: Upload selenide screenshots
uses: actions/upload-artifact@v4
if: always()
with:
retention-days: 1
name: ${{ env.ARTIFACT_NAME }}
path: tests/tests-integrations/build/reports/tests
integration-tests-postgresql:
runs-on: ubuntu-latest
env:
POSTGRES_DB: testdb
POSTGRES_USER: testuser
POSTGRES_PASS: testpass
services:
postgres:
image: postgres:latest
ports:
- 5432:5432
env:
POSTGRES_DB: ${{ env.POSTGRES_DB }}
POSTGRES_USER: ${{ env.POSTGRES_USER }}
POSTGRES_PASSWORD: ${{ env.POSTGRES_PASS }}
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Cache local Maven repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
- name: Set up JDK Corretto 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: 21
- name: Install NodeJS
uses: actions/setup-node@v4
with:
node-version: 18
- name: Install esbuild
run: npm i -g esbuild
- name: Install TypeScript compiler
run: npm i -g typescript
- name: Maven Build
run: mvn -T 1C clean install -D skipTests -D maven.javadoc.skip=true -D license.skip=true -U
- name: Integration tests
run: mvn -f tests/pom.xml verify -P integration-tests -D selenide.headless=true
env:
DIRIGIBLE_DATASOURCE_DEFAULT_DRIVER: org.postgresql.Driver
DIRIGIBLE_DATASOURCE_DEFAULT_URL: jdbc:postgresql://localhost:5432/${{ env.POSTGRES_DB }}
DIRIGIBLE_DATASOURCE_DEFAULT_USERNAME: ${{ env.POSTGRES_USER }}
DIRIGIBLE_DATASOURCE_DEFAULT_PASSWORD: ${{ env.POSTGRES_PASS }}
- name: Generate a random artifact name
if: always()
id: generate_name
run: echo "ARTIFACT_NAME=selenide-screenshots-$(date +%s).zip" >> $GITHUB_ENV
- name: Upload selenide screenshots
uses: actions/upload-artifact@v4
if: always()
with:
retention-days: 1
name: ${{ env.ARTIFACT_NAME }}
path: tests/tests-integrations/build/reports/tests
scan-image:
needs: [build-deploy]
runs-on: ubuntu-latest
steps:
- name: Log in to Docker Hub
uses: docker/login-action@v2.1.0
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Docker Scout Quickview and CVEs
uses: docker/scout-action@v1
with:
command: quickview,cves
image: dirigiblelabs/dirigible:latest
sarif-file: sarif.output.json
summary: true
only-fixed: false
- name: Docker Scout SBOM
uses: docker/scout-action@v1
with:
command: sbom
image: dirigiblelabs/dirigible:latest
output: sbom.json
- name: Docker Scout Recommendations
uses: docker/scout-action@v1
with:
command: recommendations
image: dirigiblelabs/dirigible:latest
- name: Upload Docker Scout SARIF Report
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: sarif.output.json