Skip to content

Bump org.sonarsource.java:java-frontend from 8.1.0.36477 to 8.3.0.367… #38

Bump org.sonarsource.java:java-frontend from 8.1.0.36477 to 8.3.0.367…

Bump org.sonarsource.java:java-frontend from 8.1.0.36477 to 8.3.0.367… #38

Workflow file for this run

# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Build Backend
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
release:
types: [ "published" ]
workflow_dispatch:
env:
REGISTRY: "ghcr.io"
ORG: "IBM"
IMAGE_NAME: "cbomkit"
jobs:
build:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:16-alpine
env:
POSTGRES_DB: postgres
POSTGRES_PASSWORD: cbomkit
POSTGRES_USER: cbomkit
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
cache: maven
- name: Create Maven settings.xml
run: |
echo "<settings>
<servers>
<server>
<id>github</id>
<username>${{ github.actor }}</username>
<password>${{ secrets.GITHUB_TOKEN }}</password>
</server>
</servers>
</settings>" > ~/.m2/settings.xml
- name: Build with Maven
run: mvn clean package
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.ORG }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,format=long
- name: Log in to the Container registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
file: "./src/main/docker/Dockerfile.jvm"
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
- name: Update dependency graph
uses: advanced-security/maven-dependency-submission-action@v4
if: github.event_name != 'pull_request'