Migrated Jobs and Security perspectives, fixes #4505 #4506 #4507 #4508 #3637
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: | |
- main | |
- master | |
jobs: | |
code-style: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK Corretto 21 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'corretto' | |
java-version: '21' | |
architecture: x64 | |
- name: Validate Java code formatting | |
run: mvn -T 1C formatter:validate | |
build-deploy: | |
needs: [tests, integration-tests-h2, integration-tests-postgresql] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Cache local Maven repository | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-maven- | |
- name: Set up JDK Corretto 21 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'corretto' | |
java-version: '21' | |
architecture: x64 | |
- name: Install NodeJS | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Install esbuild | |
run: npm i -g esbuild | |
- name: Install TypeScript compiler | |
run: npm i -g typescript | |
- name: Setup Docker Buildx | |
run: | | |
docker buildx create --name dirigible-builder | |
docker buildx use dirigible-builder | |
- name: Maven Build | |
run: mvn clean install -D maven.javadoc.skip=false -D skipTests -D maven.test.skip=true | |
- name: Docker Login | |
run: docker login -u ${{secrets.DOCKER_USER}} -p ${{secrets.DOCKER_PASSWORD}} | |
- name: Push Dirigible (Spring) | |
run: | | |
cd build/application | |
docker buildx build --push --tag dirigiblelabs/dirigible -o type=image --platform=linux/arm64,linux/amd64 . | |
tests: | |
runs-on: ${{ matrix.os }}-latest | |
strategy: | |
matrix: | |
os: [ubuntu, windows] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Cache local Maven repository | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-maven- | |
- name: Set up JDK Corretto 21 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'corretto' | |
java-version: '21' | |
architecture: x64 | |
- name: Install NodeJS | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Install esbuild | |
run: npm i -g esbuild | |
- name: Install TypeScript compiler | |
run: npm i -g typescript | |
- name: Maven Build | |
run: mvn clean install -D maven.javadoc.skip=true | |
integration-tests-h2: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Cache local Maven repository | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-maven- | |
- name: Set up JDK Corretto 21 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'corretto' | |
java-version: 21 | |
- name: Install NodeJS | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Install esbuild | |
run: npm i -g esbuild | |
- name: Install TypeScript compiler | |
run: npm i -g typescript | |
- name: Maven Build | |
run: mvn -T 1C clean install -D skipTests -D maven.javadoc.skip=true -D license.skip=true -U | |
- name: Integration tests | |
run: mvn -f tests/pom.xml verify -P integration-tests -D selenide.headless=true | |
- name: Generate a random artifact name | |
if: always() | |
id: generate_name | |
run: echo "ARTIFACT_NAME=selenide-screenshots-$(date +%s).zip" >> $GITHUB_ENV | |
- name: Upload selenide screenshots | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
retention-days: 1 | |
name: ${{ env.ARTIFACT_NAME }} | |
path: tests/tests-integrations/build/reports/tests | |
integration-tests-postgresql: | |
runs-on: ubuntu-latest | |
env: | |
POSTGRES_DB: testdb | |
POSTGRES_USER: testuser | |
POSTGRES_PASS: testpass | |
services: | |
postgres: | |
image: postgres:latest | |
ports: | |
- 5432:5432 | |
env: | |
POSTGRES_DB: ${{ env.POSTGRES_DB }} | |
POSTGRES_USER: ${{ env.POSTGRES_USER }} | |
POSTGRES_PASSWORD: ${{ env.POSTGRES_PASS }} | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Cache local Maven repository | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-maven- | |
- name: Set up JDK Corretto 21 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'corretto' | |
java-version: 21 | |
- name: Install NodeJS | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Install esbuild | |
run: npm i -g esbuild | |
- name: Install TypeScript compiler | |
run: npm i -g typescript | |
- name: Maven Build | |
run: mvn -T 1C clean install -D skipTests -D maven.javadoc.skip=true -D license.skip=true -U | |
- name: Integration tests | |
run: mvn -f tests/pom.xml verify -P integration-tests -D selenide.headless=true | |
env: | |
DIRIGIBLE_DATASOURCE_DEFAULT_DRIVER: org.postgresql.Driver | |
DIRIGIBLE_DATASOURCE_DEFAULT_URL: jdbc:postgresql://localhost:5432/${{ env.POSTGRES_DB }} | |
DIRIGIBLE_DATASOURCE_DEFAULT_USERNAME: ${{ env.POSTGRES_USER }} | |
DIRIGIBLE_DATASOURCE_DEFAULT_PASSWORD: ${{ env.POSTGRES_PASS }} | |
- name: Generate a random artifact name | |
if: always() | |
id: generate_name | |
run: echo "ARTIFACT_NAME=selenide-screenshots-$(date +%s).zip" >> $GITHUB_ENV | |
- name: Upload selenide screenshots | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
retention-days: 1 | |
name: ${{ env.ARTIFACT_NAME }} | |
path: tests/tests-integrations/build/reports/tests | |
scan-image: | |
needs: [build-deploy] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Log in to Docker Hub | |
uses: docker/login-action@v2.1.0 | |
with: | |
username: ${{ secrets.DOCKER_USER }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Docker Scout Quickview and CVEs | |
uses: docker/scout-action@v1 | |
with: | |
command: quickview,cves | |
image: dirigiblelabs/dirigible:latest | |
sarif-file: sarif.output.json | |
summary: true | |
only-fixed: false | |
- name: Docker Scout SBOM | |
uses: docker/scout-action@v1 | |
with: | |
command: sbom | |
image: dirigiblelabs/dirigible:latest | |
output: sbom.json | |
- name: Docker Scout Recommendations | |
uses: docker/scout-action@v1 | |
with: | |
command: recommendations | |
image: dirigiblelabs/dirigible:latest | |
- name: Upload Docker Scout SARIF Report | |
uses: github/codeql-action/upload-sarif@v3 | |
with: | |
sarif_file: sarif.output.json |