Skip to content

Submit sbt dependencies to GitHub for vulnerability monitoring #3505

Submit sbt dependencies to GitHub for vulnerability monitoring

Submit sbt dependencies to GitHub for vulnerability monitoring #3505

Workflow file for this run

name: "Build"
on:
pull_request:
push: # Do not rely on `push` for PR CI - see https://github.com/guardian/mobile-apps-api/pull/2760
branches:
- main # Optimal for GHA workflow caching - see https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#restrictions-for-accessing-a-cache
permissions:
id-token: write
contents: read
pull-requests: write # Required for riff-raff action
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: "${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}"
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: corepack enable
- uses: actions/setup-node@v4
with:
cache: yarn
node-version-file: .nvmrc
- uses: actions/setup-java@v4
with:
distribution: corretto
cache: sbt
java-version: 11
- run: make reinstall
- run: make validate
- run: make test
- run: make compile
- name: Test, compile
# Australia/Sydney -because it is too easy for devs to forget about timezones
run: |
java \
-Xmx6144M \
-XX:ReservedCodeCacheSize=128m \
-Dsbt.log.noformat=true \
-XX:+UseParallelGC \
-DAPP_SECRET="fake_secret" \
-Duser.timezone=Australia/Sydney \
-jar ./bin/sbt-launch.jar clean compile assets scalafmtCheckAll test Universal/packageBin
- name: Test Summary
uses: test-summary/action@v2
with:
paths: "test-results/**/TEST-*.xml"
if: always()
- uses: guardian/actions-riff-raff@v4
env:
GU_RIFF_RAFF_ROLE_ARN: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }}
if: ${{ env.GU_RIFF_RAFF_ROLE_ARN }}
with:
githubToken: ${{ secrets.GITHUB_TOKEN }}
roleArn: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }}
projectName: dotcom:frontend-all
configPath: riff-raff.yaml
contentDirectories: |
frontend-static:
- static/hash
admin:
- admin/target/universal/admin.zip
applications:
- applications/target/universal/applications.zip
archive:
- archive/target/universal/archive.zip
article:
- article/target/universal/article.zip
commercial:
- commercial/target/universal/commercial.zip
discussion:
- discussion/target/universal/discussion.zip
facia:
- facia/target/universal/facia.zip
facia-press:
- facia-press/target/universal/facia-press.zip
identity:
- identity/target/universal/identity.zip
onward:
- onward/target/universal/onward.zip
preview:
- preview/target/universal/preview.zip
rss:
- rss/target/universal/rss.zip
sport:
- sport/target/universal/sport.zip