Turn dependency-check-maven back on for accesscontroltool-bundle #483
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Java CI | |
on: [push, pull_request] | |
jobs: | |
build: | |
name: ${{ matrix.isMainBuildEnv && 'Primary Build' || 'Secondary Build' }} | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest, macOS-latest] | |
jdk: [11, 17, 21] | |
include: | |
# lengthy build steps should only be performed on linux with Java 17 (Sonarcloud analysis, deployment) | |
- os: ubuntu-latest | |
jdk: 17 | |
isMainBuildEnv: true | |
fail-fast: false | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' | |
java-version: ${{ matrix.jdk }} | |
# generate settings.xml with the correct values | |
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml | |
server-username: MAVEN_USERNAME # env variable for username in deploy | |
server-password: MAVEN_PASSWORD # env variable for token in deploy | |
cache: 'maven' | |
- name: Build with Maven | |
if: '!matrix.isMainBuildEnv' | |
run: mvn -e -B -V -Pintegration-tests clean verify | |
- name: Build and Analyse with Maven | |
if: github.ref != 'refs/heads/develop' && matrix.isMainBuildEnv | |
env: | |
# NVD API key used by dependency-check | |
NVD_API_KEY: ${{ secrets.NVD_API_KEY }} | |
# SonarCloud access token should be generated from https://sonarcloud.io/account/security/ | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
# Needed to get some information about the pull request, if any | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# Necessary for IMS IT | |
ACTOOL_IMS_IT_ORGANIZATIONID: ${{ vars.ACTOOL_IMS_IT_ORGANIZATIONID }} | |
ACTOOL_IMS_IT_CLIENTID: ${{ vars.ACTOOL_IMS_IT_CLIENTID }} | |
ACTOOL_IMS_IT_CLIENTSECRET: ${{ secrets.ACTOOL_IMS_IT_CLIENTSECRET }} | |
ACTOOL_IMS_IT_PRODUCTPROFILE: ${{ vars.ACTOOL_IMS_IT_PRODUCTPROFILE }} | |
run: mvn -e -B -V clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=Netcentric_accesscontroltool -Dsonar.organization=netcentric -Dsonar.host.url=https://sonarcloud.io -DnvdApiKeyEnvironmentVariable=NVD_API_KEY -Pdependency-check,coverage-report,integration-tests | |
- name: Build, Analyse and Deploy with Maven | |
if: github.ref == 'refs/heads/develop' && matrix.isMainBuildEnv | |
env: | |
# NVD API key used by dependency-check | |
NVD_API_KEY: ${{ secrets.NVD_API_KEY }} | |
MAVEN_USERNAME: ${{ secrets.OSSRH_TOKEN_USER }} | |
MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN_PASSWORD }} | |
# SonarCloud access token should be generated from https://sonarcloud.io/account/security/ | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
# Needed to get some information about the pull request, if any | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# Necessary for IMS IT | |
ACTOOL_IMS_IT_ORGANIZATIONID: ${{ vars.ACTOOL_IMS_IT_ORGANIZATIONID }} | |
ACTOOL_IMS_IT_CLIENTID: ${{ vars.ACTOOL_IMS_IT_CLIENTID }} | |
ACTOOL_IMS_IT_CLIENTSECRET: ${{ secrets.ACTOOL_IMS_IT_CLIENTSECRET }} | |
ACTOOL_IMS_IT_PRODUCTPROFILE: ${{ vars.ACTOOL_IMS_IT_PRODUCTPROFILE }} | |
run: mvn -e -B -V clean deploy org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=Netcentric_accesscontroltool -Dsonar.organization=netcentric -Dsonar.host.url=https://sonarcloud.io -DnvdApiKeyEnvironmentVariable=NVD_API_KEY -Pdependency-check,coverage-report,integration-tests |