Skip to content

chore: Bump org.owasp.dependencycheck from 8.4.3 to 9.0.0 in /backend #638

chore: Bump org.owasp.dependencycheck from 8.4.3 to 9.0.0 in /backend

chore: Bump org.owasp.dependencycheck from 8.4.3 to 9.0.0 in /backend #638

Workflow file for this run

name: On Pull Request
on:
pull_request:
types: [ opened, reopened, review_requested, edited, ready_for_review, synchronize ]
paths:
- 'backend/**'
- 'frontend/**'
env:
SERVICE_NAME: gitactionboard
jobs:
determine-changes:
runs-on: ubuntu-22.04
outputs:
HAS_BACKEND_CHANGES: ${{ steps.changes.outputs.backend }}
HAS_FRONTEND_CHANGES: ${{ steps.changes.outputs.frontend }}
steps:
- name: Checkout local repository
uses: actions/checkout@v4
with:
path: ${{ github.workspace }}/${{ env.SERVICE_NAME }}
fetch-depth: 5
- name: Determine new changes
uses: dorny/paths-filter@v2
id: changes
with:
filters: |
backend:
- 'backend/**'
frontend:
- 'frontend/**'
working-directory: ${{ github.workspace }}/${{ env.SERVICE_NAME }}/
backend-verification:
needs: [ determine-changes ]
if: ${{ needs.determine-changes.outputs.HAS_BACKEND_CHANGES == 'true' }}
runs-on: ubuntu-22.04
steps:
- name: Checkout local repository
uses: actions/checkout@v4
with:
path: ${{ github.workspace }}/${{ env.SERVICE_NAME }}
- name: Install prettier using npm
run: sudo npm install --global prettier
- name: Install jenv
run: |
git clone https://github.com/gcuisinier/jenv.git ~/.jenv
echo "$HOME/.jenv/bin" >> $GITHUB_PATH
- name: Configure jenv
run: |
jenv init -
jenv add ${JAVA_HOME_21_X64}
- name: Install Hadolint and add to PATH
run: |
sh bin/install-hadolint.sh
echo "$GITHUB_WORKSPACE/$SERVICE_NAME" >> $GITHUB_PATH
working-directory: ${{ github.workspace }}/${{ env.SERVICE_NAME }}/
- name: Cache gradle wrapper and jars
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
- name: Run tests
run: ./run.sh backend-test
working-directory: ${{ github.workspace }}/${{ env.SERVICE_NAME }}/
- name: Upload build report to artifacts
uses: actions/upload-artifact@v3
if: always()
with:
name: ${{ env.SERVICE_NAME }}-build-reports
path: ${{ github.workspace }}/${{ env.SERVICE_NAME }}/backend/build/reports/
frontend-verification:
needs: [ determine-changes ]
if: ${{ needs.determine-changes.outputs.HAS_FRONTEND_CHANGES == 'true' }}
runs-on: ubuntu-22.04
steps:
- name: Checkout local repository
uses: actions/checkout@v4
with:
path: ${{ github.workspace }}/${{ env.SERVICE_NAME }}
- name: Install prettier using npm
run: sudo npm install --global prettier
- name: Install Hadolint and add to PATH
run: |
sh bin/install-hadolint.sh
echo "$GITHUB_WORKSPACE/$SERVICE_NAME" >> $GITHUB_PATH
working-directory: ${{ github.workspace }}/${{ env.SERVICE_NAME }}/
- name: Cache node modules
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
${{ runner.os }}-
- name: Run tests
run: ./run.sh frontend-test
working-directory: ${{ github.workspace }}/${{ env.SERVICE_NAME }}/
dependabot:
runs-on: ubuntu-22.04
needs: [ backend-verification, frontend-verification ]
if: ${{ always() && github.actor == 'dependabot[bot]' && contains(needs.*.result, 'success') && !(contains(needs.*.result, 'failure')) }}
permissions:
contents: write
pull-requests: write
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/[email protected]
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Enable auto-merge for Dependabot PRs
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor'}}
run: gh pr merge --auto --rebase "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Add reviewers and label for Major update
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-major'}}
run: |
gh pr edit "$PR_URL" --add-label "major-update"
gh pr edit "$PR_URL" --add-reviewer "sumanmaity1234"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}