Merge pull request #62 from ADORSYS-GIS/55-setup-owasp-zap-for-online… #86

Workflow file for this run

.github/workflows/develop.yaml at f90a804

	name: Java CI with Maven

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main

	jobs:
	build:

	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: 17
	architecture: x64
	distribution: 'temurin'

	- name: Cache Maven packages
	uses: actions/cache@v2
	with:
	path: ~/.m2
	key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
	restore-keys: ${{ runner.os }}-m2

	- name: Set up Maven settings.xml
	run: \|
	mkdir -p ~/.m2
	echo "<settings>
	<servers>
	<server>
	<id>github-webank</id>
	<username>${{ github.actor }}</username>
	<password>${{ secrets.WEBANK_ACCESS_TOKEN }}</password>
	</server>
	</servers>
	</settings>" > ~/.m2/settings.xml


	- name: Build with webank Online banking
	run: mvn clean install -s ~/.m2/settings.xml -DskipTests -DskipITs -Dmaven.javadoc.skip=true

	# 2. Test Stage
	test:
	runs-on: ubuntu-latest
	needs: build
	steps:
	- name: Checkout Repository
	uses: actions/checkout@v4

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: '17'
	distribution: 'temurin'
	- name: Cache Maven packages
	uses: actions/cache@v2
	with:
	path: ~/.m2
	key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
	restore-keys: ${{ runner.os }}-m2

	- name: Set up Maven settings.xml
	run: \|
	mkdir -p ~/.m2
	echo "<settings>
	<servers>
	<server>
	<id>github-webank</id>
	<username>${{ github.actor }}</username>
	<password>${{ secrets.WEBANK_ACCESS_TOKEN }}</password>
	</server>
	</servers>
	</settings>" > ~/.m2/settings.xml

	- name: Run Unit and Integration Tests
	run: mvn verify -s ~/.m2/settings.xml -Dmaven.javadoc.skip=true

	security-scan:
	runs-on: ubuntu-latest
	needs: build # Ensures that the security scan runs only if the build job succeeds

	steps:
	# Step 1: Checkout code
	- name: Checkout code
	uses: actions/checkout@v4

	# Step 2: Set up Java
	- name: Set up Java 17
	uses: actions/setup-java@v4
	with:
	java-version: '17'
	distribution: 'temurin'

	# Step 3: Run OWASP Dependency-Check
	- name: Run OWASP Dependency-Check
	uses: dependency-check/Dependency-Check_Action@main
	env:
	# actions/setup-java@v1 changes JAVA_HOME so it needs to be reset to match the depcheck image
	JAVA_HOME: /opt/jdk
	with:
	project: 'webank-onlinebanking'
	path: '.'
	format: 'HTML'
	out: 'reports'
	args: >
	--failOnCVSS 5
	# Step 4: Upload the Dependency-Check report as an artifact
	- name: Upload Dependency Check report
	uses: actions/upload-artifact@v3
	with:
	name: Dependency-Check Report
	path: ${{ github.workspace }}/reports

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #62 from ADORSYS-GIS/55-setup-owasp-zap-for-online… #86

Workflow file

Merge pull request #62 from ADORSYS-GIS/55-setup-owasp-zap-for-online… #86

Jobs

Run details

Workflow file for this run