build(deps): bump eclipse-temurin from 17-jdk-alpine to 21-jdk-alpine in /examples-ca/example-rest-consumer/rest-consumer-server/deployment #1329
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "gradle-actions" | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - feature/* | |
| - fix/* | |
| pull_request: | |
| branches: | |
| - master | |
| jobs: | |
| build: | |
| if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }} | |
| permissions: | |
| contents: write | |
| issues: write | |
| pull-requests: write | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
| with: | |
| egress-policy: audit | |
| - name: Generate a token of Github APP | |
| id: generate_token | |
| uses: tibdex/github-app-token@v1 | |
| with: | |
| app_id: ${{ secrets.APP_ID_ADMIN_GITHUB }} | |
| private_key: ${{ secrets.APP_PRIVATE_KEY_ADMIN_GITHUB }} | |
| - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - name: Verify Conventional Commits | |
| uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0 | |
| if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up NodeJS | |
| if: github.ref == 'refs/heads/master' | |
| uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
| with: | |
| node-version-file: '.nvmrc' | |
| - name: Set up Semantic Release | |
| if: github.ref == 'refs/heads/master' | |
| run: npm -g install @semantic-release/git semantic-release@23.0.0 | |
| - name: Semantic Release | |
| if: github.ref == 'refs/heads/master' | |
| run: npx semantic-release@23.0.0 | |
| env: | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Validate code formatting | |
| run: ./gradlew verGJF | |
| - name: Execute build test and report | |
| run: ./gradlew jacocoTestReport --refresh-dependencies --no-daemon --continue | |
| - name: copy the reportTest to codeCoverage | |
| run: cp build/reports/jacoco/report.xml jacoco.xml || echo "Code coverage failed" | |
| - name: Push codeCoverage to Codecov | |
| run: bash <(curl -s https://codecov.io/bash) | |
| - name: Run sonar | |
| if: github.event.pull_request.head.repo.fork == false | |
| run: ./gradlew sonar --stacktrace | |
| -Dsonar.token=${{ secrets.SONAR_TOKEN }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Next steps will only run if generation code templates have been changed | |
| - name: Detect changes in generated code | |
| uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 | |
| id: changes | |
| with: | |
| filters: | | |
| templates: | |
| - 'src/main/resources/**' | |
| - 'src/main/java/co/com/bancolombia/Constants.java' | |
| - 'src/main/java/co/com/bancolombia/factory/**' | |
| # Generated code Analysis | |
| - name: Publish local | |
| if: steps.changes.outputs.templates == 'true' | |
| run: ./sh_publish_plugin_local.sh | |
| # Generated code reactive | |
| - name: Generate reactive project to scan | |
| if: steps.changes.outputs.templates == 'true' | |
| run: ./sh_generate_project.sh reactive | |
| - name: Scan generated reactive project dependencies | |
| if: steps.changes.outputs.templates == 'true' | |
| working-directory: ./build/toscan/reactive | |
| run: ./gradlew build it | |
| # run: ./gradlew build dependencyCheckAnalyze && ./gradlew it && cat applications/app-service/build/reports/dependency-check-sonar.json | |
| - name: Sonar analysis for generated reactive project | |
| if: github.event.pull_request.head.repo.fork == false && steps.changes.outputs.templates == 'true' | |
| working-directory: ./build/toscan/reactive | |
| run: ./gradlew sonar --stacktrace | |
| -Dsonar.token=${{ secrets.SONAR_TOKEN_GENERATED }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Generated code imperative | |
| - name: Generate imperative project to scan | |
| if: steps.changes.outputs.templates == 'true' | |
| run: ./sh_generate_project.sh imperative | |
| - name: Scan generated imperative project dependencies | |
| if: steps.changes.outputs.templates == 'true' | |
| working-directory: ./build/toscan/imperative | |
| run: ./gradlew build it | |
| # run: ./gradlew build dependencyCheckAnalyze && ./gradlew it && cat applications/app-service/build/reports/dependency-check-sonar.json | |
| - name: Sonar analysis for generated imperative project | |
| if: github.event.pull_request.head.repo.fork == false && steps.changes.outputs.templates == 'true' | |
| working-directory: ./build/toscan/imperative | |
| run: ./gradlew sonar --stacktrace | |
| -Dsonar.token=${{ secrets.SONAR_TOKEN_GENERATED_I }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |