SDCSRM-582 Dependabot Fix Security Labels (#247) #123
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Checks and Tests | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
jobs: | |
java-checks-and-tests: | |
name: Java Checks and Tests | |
runs-on: ubuntu-latest | |
# Add "id-token" with the required permissions. | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# Google auth allows maven to pull artifacts from our registry | |
# And acquire a token for authenticating with the docker registry | |
- id: auth | |
name: Authenticate to Google Cloud | |
uses: google-github-actions/auth@v2 | |
with: | |
token_format: 'access_token' | |
workload_identity_provider: ${{ secrets.WIF_PROVIDER }} | |
service_account: ${{ secrets.SERVICE_ACCOUNT }} | |
# Authenticating with Dockerhub ensures image pulls are authenticated, so not as severely rate limited | |
- name: Log in to Dockerhub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
# Also log docker in to GCP, to allow image pulls from our private registries | |
- name: Log in to Google Docker Artifact Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: europe-west2-docker.pkg.dev | |
username: oauth2accesstoken | |
password: ${{ steps.auth.outputs.access_token }} | |
- name: Set Up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 17 | |
distribution: temurin | |
cache: maven | |
- name: Set Up Docker Network | |
run: docker network create ssdcrmdockerdev_default | |
- name: Maven Checks | |
run: make check | |
- name: Run Tests | |
run: make test |