Skip to content

Commit

Permalink
GitHub Actions: Modernize pipelines
Browse files Browse the repository at this point in the history
  • Loading branch information
saschpe committed Sep 7, 2023
1 parent c2ecba1 commit b2e242a
Show file tree
Hide file tree
Showing 4 changed files with 63 additions and 104 deletions.
14 changes: 0 additions & 14 deletions .github/workflows/gradle-wrapper-validation.yml

This file was deleted.

79 changes: 30 additions & 49 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -1,81 +1,62 @@
name: "Main CI"
on:
push:
pull_request:
branches: [ main ]
name: Main CI
on: [push]

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
spotless:
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v1
uses: actions/setup-java@v3
with:
distribution: temurin
java-version: 17
- name: Run Spotless
run: ./gradlew spotlessCheck

build:
runs-on: macos-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
runs-on: macos-12
steps:
- uses: actions/checkout@v1
- name: set up JDK 17
uses: actions/setup-java@v1
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
distribution: temurin
java-version: 17
- name: Build with Gradle
run: ./gradlew build -x spotlessCheck
- name: Archive .gradle folder
uses: actions/upload-artifact@v1
with:
name: .gradle
path: .gradle
- name: Archive build folder
uses: actions/upload-artifact@v1
with:
name: build
path: build
- name: Archive log4k/build folder
uses: actions/upload-artifact@v1
run: ./gradlew build
- name: Archive build artifacts
uses: actions/upload-artifact@v3
with:
name: log4k_build
path: log4k/build
path: |
.gradle
build
log4k/build
log4k-slf4j/build
publish:
needs: build
runs-on: macos-latest
if: github.ref == 'refs/heads/master'
runs-on: macos-12
if: github.ref == 'refs/heads/main'
environment: Sonatype
env:
SONATYPE_GPG_KEY: ${{ secrets.SONATYPE_GPG_KEY }}
SONATYPE_GPG_KEY_PASSWORD: ${{ secrets.SONATYPE_GPG_KEY_PASSWORD }}
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v1
- name: set up JDK 17
uses: actions/setup-java@v1
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
distribution: temurin
java-version: 17
- name: Download .gradle folder
uses: actions/download-artifact@v1
with:
name: .gradle
- name: Download build folder
uses: actions/download-artifact@v1
with:
name: build
- name: Download log4k/build folder
uses: actions/download-artifact@v1
- name: Download build artifacts
uses: actions/download-artifact@v3
with:
name: log4k_build
- name: Publish to Sonatype (Maven Central)
Expand Down
41 changes: 0 additions & 41 deletions .github/workflows/mobsf.yml

This file was deleted.

33 changes: 33 additions & 0 deletions .github/workflows/security.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
name: Security
on: [push]

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
mobfs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Python 3.10
uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Run mobsfscan
uses: MobSF/[email protected]
with:
args: . --sarif --output results.sarif || true
- name: Upload mobsfscan report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif

gradle-validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: gradle/wrapper-validation-action@v1

0 comments on commit b2e242a

Please sign in to comment.