-
Notifications
You must be signed in to change notification settings - Fork 70
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
added Github action build and dependencies submission for dependabot
- Loading branch information
Showing
2 changed files
with
79 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| # https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file | ||
|
|
||
| version: 2 | ||
| updates: | ||
| - package-ecosystem: "gradle" | ||
| directory: "/" | ||
| schedule: | ||
| interval: "weekly" | ||
| ignore: | ||
| - dependency-name: "com.diffplug.spotless:spotless-plugin-gradle" | ||
| - dependency-name: "pl.allegro.tech.build:axion-release-plugin" | ||
| - dependency-name: "org.apache.sshd:sshd-common" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| # This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time | ||
|
|
||
| name: Java CI with Gradle | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ "main", "SRU2024_v10" ] | ||
| pull_request: | ||
| branches: [ "main" ] | ||
|
|
||
| jobs: | ||
|
|
||
| build: | ||
|
|
||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| # Set the JDK 11 for the latest code branch (Prowide Core v10) | ||
| - name: Set up JDK 11 | ||
| if: github.ref == 'refs/heads/SRU2024_v10' || github.head_ref == 'SRU2024_v10' | ||
| uses: actions/setup-java@v4 | ||
| with: | ||
| java-version: '11' | ||
| distribution: 'temurin' | ||
|
|
||
| # Set the JDK 8 for the legacy code branch | ||
| - name: Set up JDK 8 | ||
| if: github.ref != 'refs/heads/SRU2024_v10' && github.head_ref != 'SRU2024_v10' | ||
| uses: actions/setup-java@v4 | ||
| with: | ||
| java-version: '8' | ||
| distribution: 'temurin' | ||
|
|
||
| # Configure Gradle for optimal use in GitHub Actions, including caching of downloaded dependencies. | ||
| # See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md | ||
| - name: Setup Gradle | ||
| uses: gradle/actions/setup-gradle@v4 | ||
|
|
||
| - name: Build with Gradle Wrapper | ||
| run: ./gradlew build | ||
|
|
||
| # This job generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies. | ||
| # We only do it for the SRU2024_v10 branch to avoid spamming the Dependabot alerts for the legacy Java 8 code. | ||
| dependency-submission: | ||
| if: github.ref == 'refs/heads/SRU2024_v10' || github.head_ref == 'SRU2024_v10' | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: write | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Set up JDK 11 | ||
| uses: actions/setup-java@v4 | ||
| with: | ||
| java-version: '11' | ||
| distribution: 'temurin' | ||
|
|
||
| # Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies. | ||
| # See: https://github.com/gradle/actions/blob/main/dependency-submission/README.md | ||
| - name: Generate and submit dependency graph | ||
| uses: gradle/actions/dependency-submission@v4 | ||
| with: | ||
| dependency-graph-exclude-projects: ':buildSrc' |