-
Notifications
You must be signed in to change notification settings - Fork 9
79 lines (72 loc) · 2.33 KB
/
boot-strategy-plugin.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
name: boot-strategy-plugin-native
on:
push:
paths:
- "boot-strategy-plugin/**"
branches: [main]
pull_request:
paths:
- "boot-strategy-plugin/**"
types:
- opened
- synchronize
- reopened
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
VERSION: latest
jobs:
build:
name: Run Unit & Integration Tests
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
defaults:
run:
working-directory: boot-strategy-plugin
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- uses: graalvm/setup-graalvm@v1
with:
distribution: 'graalvm'
java-version: '21'
github-token: ${{ secrets.GITHUB_TOKEN }}
cache: 'gradle'
native-image-job-reports: 'true'
- name: Printing versions
run: |
echo "GRAALVM_HOME: $GRAALVM_HOME"
echo "JAVA_HOME: $JAVA_HOME"
java --version
native-image --version
- name: Start up infra via Docker Compose
run: |
docker compose up -d
sleep 5
docker ps -a
- name: Build and analyze
run: ./gradlew clean build --info
- if: ${{ github.ref == 'refs/heads/main' }}
name: Build container image
run: ./gradlew bootBuildImage --imageName ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/boot-strategy-plugin:${{ env.VERSION }}
- if: ${{ github.ref == 'refs/heads/main' }}
name: OCI image vulnerability scanning
uses: anchore/scan-action@v3
id: scan
with:
image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/boot-strategy-plugin:${{ env.VERSION }}
fail-build: false
severity-cutoff: high
- if: ${{ github.ref == 'refs/heads/main' }}
name: Log in to the Container registry
uses: docker/login-action@b4bedf8053341df3b5a9f9e0f2cf4e79e27360c6
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- if: ${{ github.ref == 'refs/heads/main' }}
name: Publish container image
run: docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/boot-strategy-plugin:${{ env.VERSION }}