Skip to content

Simplify CI-PR in update scs-starter #261

Simplify CI-PR in update scs-starter

Simplify CI-PR in update scs-starter #261

Workflow file for this run

name: 'CI - PR'
on:
pull_request:
env:
MAIN_PATH: 'build-dir'
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MAVEN_THREADS: 'true'
jobs:
build:
if: github.repository == 'spring-cloud/stream-applications'
runs-on: ubuntu-latest
steps:
- name: 'Configure: checkout stream-applications@${{ github.ref_name }}'
uses: actions/checkout@v3
- name: 'Configure: checkout stream-applications@main'
id: checkout-main
uses: actions/checkout@v3
with:
ref: 'main'
path: ${{ env.MAIN_PATH }}
- name: 'Configure: Install gh cli'
uses: ./.github/actions/install-gh
- name: 'Configure: Ensure scripts are executable'
shell: bash
run: find . -type f -name "*.sh" -exec chmod a+x '{}' \;
- name: 'Configure: Install Java'
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'graalvm'
- name: 'Configure: cache for maven dependencies'
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: maven-repo-${{ hashFiles('**/pom.xml') }}-pr-${{ github.base_ref }}
restore-keys: |
maven-repo-${{ hashFiles('**/pom.xml') }}-pr-${{ github.base_ref }}
maven-repo-${{ hashFiles('**/pom.xml') }}
maven-repo-
- name: 'Configure: Install xsltproc'
uses: ./.github/actions/install-xsltproc
- name: 'Action: verify changed modules'
shell: bash
env:
VERBOSE: ${{ github.debug && 'true' || '' }}
run: |
export SKIP_DEPLOY=true
./build-core.sh "-T 1C install -Psnapshot"
./build-apps.sh "-T 1C install -Psnapshot"
./integration-tests.sh
- name: 'Upload: Error logs'
if: ${{ failure() }}
uses: actions/upload-artifact@v3
with:
name: 'modified-surefire-reports'
path: '**/target/surefire-reports'
retention-days: 7
if-no-files-found: ignore
- name: 'Built'
shell: bash
run: echo "::info ::Built"
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'table'
severity: 'CRITICAL,HIGH'
- name: 'Scanned'
shell: bash
run: echo "::info ::Scanned"
done:
runs-on: ubuntu-latest
needs: [ scan, build ]
steps:
- name: 'Done'
shell: bash
run: echo "::info ::Done"