Skip to content

Daily scan for dependencies #38

Daily scan for dependencies

Daily scan for dependencies #38

Workflow file for this run

name: Daily scan for dependencies
on:
schedule:
- cron: "22 3 * * *"
workflow_dispatch:
permissions:
id-token: write
contents: read
jobs:
check-dependencies-adot-java:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
- name: Build snapshot with Gradle
uses: gradle/gradle-build-action@v3
with:
arguments: ":otelagent:dependencyCheckAnalyze"
- name: Upload report
if: ${{ always() }}
uses: actions/upload-artifact@v3
with:
name: adot-dependencies
path: otelagent/build/reports
check-dependencies-otel-java:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
repository: "open-telemetry/opentelemetry-java-instrumentation"
fetch-depth: 0
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
- name: Build snapshot with Gradle
uses: gradle/gradle-build-action@v3
with:
arguments: ":javaagent:dependencyCheckAnalyze"
- name: Upload report
if: ${{ always() }}
uses: actions/upload-artifact@v3
with:
name: otel-dependencies
path: javaagent/build/reports
publish-status:
needs: ["check-dependencies-adot-java", "check-dependencies-otel-java"]
if: ${{ always() }}
uses: ./.github/workflows/publish-status.yml
with:
namespace: 'ADOT/GitHubActions'
repository: ${{ github.repository }}
branch: ${{ github.ref_name }}
workflow: owasp
success: ${{ needs.check-dependencies-adot-java.result == 'success' &&
needs.check-dependencies-otel-java.result == 'success'}}
region: us-east-1
secrets:
roleArn: ${{ secrets.METRICS_ROLE_ARN }}