From 7ee431fe1882e01f64e101c916cf96ea239fcee8 Mon Sep 17 00:00:00 2001
From: "nikita.smirnov" <nikita.smirnov@exactprosystems.com>
Date: Mon, 9 Dec 2024 13:05:42 +0400
Subject: [PATCH] Added scan and dependabot workflows

---
 .github/dependabot.yml                   | 20 ++++++++++++++++++++
 .github/workflows/ci-unwelcome-words.yml |  1 +
 .github/workflows/scan.yml               | 12 ++++++++++++
 Dockerfile                               |  2 +-
 gradle/wrapper/gradle-wrapper.properties |  2 +-
 5 files changed, 35 insertions(+), 2 deletions(-)
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/scan.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..bf685f0
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,20 @@
+version: 2
+updates:
+  - package-ecosystem: gradle
+    directory: /
+    reviewers:
+      - Nikita-Smirnov-Exactpro
+      - OptimumCode
+    labels:
+      - dependencies
+    schedule:
+      interval: daily
+  - package-ecosystem: github-actions
+    directory: /
+    reviewers:
+      - Nikita-Smirnov-Exactpro
+      - OptimumCode
+    labels:
+      - dependencies
+    schedule:
+      interval: daily
\ No newline at end of file
diff --git a/.github/workflows/ci-unwelcome-words.yml b/.github/workflows/ci-unwelcome-words.yml
index 319d819..07cd844 100644
--- a/.github/workflows/ci-unwelcome-words.yml
+++ b/.github/workflows/ci-unwelcome-words.yml
@@ -5,6 +5,7 @@ on:
 
 jobs:
   test:
+    if: github.actor != 'dependabot[bot]'
     runs-on: ubuntu-20.04
     steps:
       - uses: actions/checkout@v4
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
new file mode 100644
index 0000000..613d18d
--- /dev/null
+++ b/.github/workflows/scan.yml
@@ -0,0 +1,12 @@
+name: Scan licenses and vulnerabilities in java project
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * 1'
+
+jobs:
+  build:
+    uses: th2-net/.github/.github/workflows/compound-java-scan.yml@main
+    secrets:
+      nvd-api-key: ${{ secrets.NVD_APIKEY }}
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index e33c367..57a2b21 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM gradle:8.7-jdk11 AS build
+FROM gradle:8.11.1-jdk11 AS build
 ARG Prelease_version=0.0.0
 COPY ./ .
 RUN gradle clean build dockerPrepare -p cradle-admin-tool-http -Prelease_version=${Prelease_version}
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index b82aa23..e2847c8 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME