ℹ️ DO NOT MERGE ℹ️ - running commit + polish through the CI prior to merge #716
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI PRs | |
| on: | |
| pull_request: | |
| env: | |
| MAVEN_THREADS: '-T 2' | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| # cache maven repo | |
| - uses: actions/cache@v2 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-m2- | |
| # jdk8 | |
| - uses: actions/setup-java@v3 | |
| with: | |
| java-version: '8' | |
| distribution: 'liberica' | |
| - uses: jvalkeal/setup-maven@v1 | |
| with: | |
| maven-version: 3.8.8 | |
| maven-mirror: 'https://dlcdn.apache.org/maven/maven-3/' | |
| # build | |
| - name: Build | |
| run: | | |
| mvn -B -s .github/settings.xml clean install | |
| - name: Test Report | |
| uses: dorny/test-reporter@v1 | |
| if: ${{ success() || failure() }} | |
| with: | |
| name: Unit Tests | |
| path: '**/surefire-reports/*.xml' | |
| reporter: java-junit | |
| list-tests: failed | |
| # clean m2 cache | |
| - name: Clean cache | |
| run: | | |
| find ~/.m2/repository -type d -name '*SNAPSHOT' | xargs rm -fr | |
| scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Run Trivy vulnerability scanner in repo mode | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| scan-type: 'fs' | |
| ignore-unfixed: true | |
| format: 'table' | |
| severity: 'CRITICAL,HIGH' | |
| - name: 'Scanned' | |
| shell: bash | |
| run: echo "::info ::Scanned" | |
| done: | |
| runs-on: ubuntu-latest | |
| needs: [ scan, build ] | |
| steps: | |
| - name: 'Done' | |
| shell: bash | |
| run: echo "::info ::Done" |