-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
191 additions
and
29 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,168 @@ | ||
| name: Order service CI | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ "main" ] | ||
| paths: | ||
| - "order/**" | ||
| - ".github/workflows/actions/action.yaml" | ||
| - ".github/workflows/order-ci.yaml" | ||
| - "pom.xml" | ||
| pull_request: | ||
| branches: [ "main" ] | ||
| paths: | ||
| - "order/**" | ||
| - ".github/workflows/actions/action.yaml" | ||
| - ".github/workflows/order-ci.yaml" | ||
| - "pom.xml" | ||
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
| style: | ||
| runs-on: ubuntu-latest | ||
| name: Check style | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Run maven checkstyle | ||
| run: mvn checkstyle:checkstyle -f order | ||
| compile: | ||
| runs-on: ubuntu-latest | ||
| name: Compile project | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Set up JDK 21 | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: '21' | ||
| distribution: 'adopt' | ||
| cache: maven | ||
|
|
||
| - name: Compile project | ||
| run: mvn clean compile -f order | ||
|
|
||
| unit-tests: | ||
| runs-on: ubuntu-latest | ||
| name: Unit tests | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Set up JDK 21 | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: '21' | ||
| distribution: 'adopt' | ||
| cache: maven | ||
|
|
||
| - name: Running unit tests | ||
| run: mvn test -f order jacoco:report | ||
|
|
||
| build: | ||
| runs-on: ubuntu-latest | ||
| name: Build project | ||
| needs: [compile, unit-tests] | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Set up JDK 21 | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: '21' | ||
| distribution: 'adopt' | ||
| cache: maven | ||
|
|
||
| - name: Building project | ||
| run: mvn package -f order | ||
|
|
||
| coverage: | ||
| runs-on: ubuntu-latest | ||
| env: | ||
| FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} | ||
| permissions: | ||
| pull-requests: write | ||
| packages: write | ||
| name: Coverage and Package | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Set up JDK 21 | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| java-version: '21' | ||
| distribution: 'adopt' | ||
| cache: maven | ||
| - name: Building project | ||
| run: mvn package -f inventory | ||
| - name: Add coverage report to PR | ||
| uses: madrapps/[email protected] | ||
| if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} | ||
| with: | ||
| paths: ${{github.workspace}}/order/target/site/jacoco/jacoco.xml | ||
| token: ${{secrets.GITHUB_TOKEN}} | ||
| min-coverage-overall: 30 | ||
| min-coverage-changed-files: 20 | ||
| title: 'Order Coverage Report' | ||
| update-comment: true | ||
|
|
||
| - name: Upload coverage to Codecov | ||
| uses: codecov/codecov-action@v4 | ||
| env: | ||
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | ||
| continue-on-error: false | ||
|
|
||
| - name: OWASP Dependency Check | ||
| if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} | ||
| uses: dependency-check/Dependency-Check_Action@main | ||
| env: | ||
| JAVA_HOME: /opt/jdk | ||
| with: | ||
| project: 'matcha' | ||
| path: '.' | ||
| format: 'HTML' | ||
| - name: Upload OWASP Dependency Check results | ||
| if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} | ||
| uses: actions/upload-artifact@master | ||
| with: | ||
| name: OWASP Dependency Check Report | ||
| path: ${{github.workspace}}/reports | ||
|
|
||
| - name: Log in to the Container registry | ||
| if: ${{ github.ref == 'refs/heads/main' }} | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Build and push Docker images | ||
| if: ${{ github.ref == 'refs/heads/main' }} | ||
| uses: docker/build-push-action@v6 | ||
| with: | ||
| context: ./order | ||
| push: true | ||
| file: ./order/Dockerfile | ||
| platforms: linux/amd64 | ||
| tags: ghcr.io/${{ github.repository_owner }}/matcha-order:latest | ||
|
|
||
| check: | ||
| runs-on: ubuntu-latest | ||
| name: Git-leaks check | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
|
|
||
| - name: Gitleaks check | ||
| run: | | ||
| docker pull zricethezav/gitleaks:v8.18.4 | ||
| docker run --rm -v ${{ github.workspace }}:/work -w /work zricethezav/gitleaks:v8.18.4 detect --source="." --config="/work/gitleaks.toml" --verbose --no-git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| FROM eclipse-temurin:21-jre-alpine | ||
| COPY target/order*.jar app.jar | ||
| ENTRYPOINT ["java", "-jar", "/app.jar"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters