VulnerableCode URL escape fixes #10878
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Test | |
on: | |
pull_request: | |
branches: | |
- main | |
push: | |
branches: | |
- main | |
env: | |
GRADLE_OPTS: -Dorg.gradle.daemon=false | |
jobs: | |
build: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
- name: Setup Java | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 17 | |
- name: Build all classes | |
uses: gradle/gradle-build-action@v3 | |
with: | |
gradle-home-cache-cleanup: true | |
arguments: --scan classes -x :plugins:reporters:web-app-template:yarnBuild | |
build-web-app-reporter: | |
needs: build | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
- name: Setup Java | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 17 | |
- name: Build the web-app-reporter | |
uses: gradle/gradle-build-action@v3 | |
with: | |
gradle-home-cache-cleanup: true | |
arguments: --scan :plugins:reporters:web-app-template:yarnBuild | |
codeql-analysis: | |
needs: build | |
runs-on: ubuntu-22.04 | |
permissions: | |
security-events: write | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v3 | |
with: | |
languages: java | |
tools: latest | |
- name: Setup Java | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 17 | |
- name: Build all classes | |
uses: gradle/gradle-build-action@v3 | |
with: | |
gradle-home-cache-cleanup: true | |
arguments: -Dorg.gradle.jvmargs=-Xmx1g classes -x :plugins:reporters:web-app-template:yarnBuild | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v3 | |
test: | |
needs: build | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
- name: Setup Java | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 17 | |
- name: Run unit tests | |
uses: gradle/gradle-build-action@v3 | |
with: | |
gradle-home-cache-cleanup: true | |
arguments: --scan test jacocoTestReport -x :plugins:reporters:web-app-template:yarnBuild | |
- name: Upload code coverage data | |
uses: codecov/codecov-action@v4 | |
with: | |
flags: test | |
funTest-non-docker: | |
needs: build-web-app-reporter | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Set tool version environment variables | |
run: cat .versions >> $GITHUB_ENV | |
- name: Install required tools | |
run: | | |
# Uninstall mono-devel because it contains the "lc" command which conflicts with BoyterLc. | |
sudo apt-get -qq remove mono-devel | |
# Install git-repo. | |
mkdir -p $HOME/.local/bin | |
curl https://storage.googleapis.com/git-repo-downloads/repo -o $HOME/.local/bin/repo | |
chmod a+x $HOME/.local/bin/repo | |
# Install Askalono for functional tests. | |
curl -LOs https://github.com/amzn/askalono/releases/download/$ASKALONO_VERSION/askalono-Linux.zip | |
unzip askalono-Linux.zip -d $HOME/.local/bin | |
# Install Boyter Lc for functional tests. | |
curl -LOs https://github.com/boyter/lc/releases/download/v$BOYTERLC_VERSION/lc-$BOYTERLC_VERSION-x86_64-unknown-linux.zip | |
unzip lc-$BOYTERLC_VERSION-x86_64-unknown-linux.zip -d $HOME/.local/bin | |
# Install Licensee for functional tests. | |
echo "gem: --bindir $HOME/.local/bin" > $HOME/.gemrc | |
gem install --user-install licensee -v $LICENSEE_VERSION | |
# Install ScanCode for license texts. | |
curl -Os https://raw.githubusercontent.com/nexB/scancode-toolkit/v$SCANCODE_VERSION/requirements.txt | |
pip install --no-cache-dir --constraint requirements.txt scancode-toolkit==$SCANCODE_VERSION | |
- name: Setup Java | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 17 | |
- name: Run functional tests that do not require external tools | |
uses: gradle/gradle-build-action@v3 | |
with: | |
gradle-home-cache-cleanup: true | |
arguments: --scan -Ptests.exclude=org.ossreviewtoolkit.plugins.packagemanagers.* funTest jacocoFunTestReport | |
- name: Upload code coverage data | |
uses: codecov/codecov-action@v4 | |
with: | |
flags: funTest-non-docker | |
funTest-docker: | |
runs-on: ubuntu-22.04 | |
container: | |
image: ghcr.io/oss-review-toolkit/ort:snapshot | |
options: --user 1001 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Setup Java | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 17 | |
- name: Run functional tests that do require external tools | |
uses: gradle/gradle-build-action@v3 | |
with: | |
gradle-home-cache-cleanup: true | |
arguments: --scan -Ptests.include=org.ossreviewtoolkit.plugins.packagemanagers.* funTest jacocoFunTestReport | |
- name: Upload code coverage data | |
uses: codecov/codecov-action@v4 | |
with: | |
flags: funTest-docker |