Adds SECURITY.md and scanning workflow (#86) #125
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# yamllint --format github .github/workflows/test.yml | |
--- | |
name: test | |
# We don't test documentation-only commits. | |
on: | |
# We run tests on non-tagged pushes to master that aren't a commit made by the release plugin | |
push: | |
tags: '' | |
branches: master | |
paths-ignore: '**/*.md' | |
# We also run tests on pull requests targeted at the master branch. | |
pull_request: | |
branches: master | |
paths-ignore: '**/*.md' | |
jobs: | |
test: | |
name: test (${{ matrix.name }}) | |
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish | |
strategy: | |
fail-fast: false # don't fail fast as some failures are LTS specific | |
matrix: # match with maven-enforcer-plugin rules in pom.xml | |
include: | |
- name: build-arg | |
version: 21.0.2_p13 | |
- name: implicit | |
version: master | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 # only needed to get the sha label | |
# We can't cache Docker without using buildx because GH actions restricts /var/lib/docker | |
# That's ok because DOCKER_PARENT_IMAGE is always ghcr.io and local anyway. | |
- name: Test | |
run: build-bin/configure_test && build-bin/test ${{ matrix.version }} |