Skip to content

Adds SECURITY.md and scanning workflow #132

Adds SECURITY.md and scanning workflow

Adds SECURITY.md and scanning workflow #132

Workflow file for this run

# yamllint --format github .github/workflows/test.yml
---
name: test
# We don't test documentation-only commits.
on:
# We run tests on non-tagged pushes to master that aren't a commit made by the release plugin
push:
tags: ''
branches: master
paths-ignore: '**/*.md'
# We also run tests on pull requests targeted at the master branch.
pull_request:
branches: master
paths-ignore: '**/*.md'
jobs:
test-javadoc:
name: Test JavaDoc Builds
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
if: "!contains(github.event.head_commit.message, 'maven-release-plugin')"
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '17' # earliest LTS supported by Spring Boot 3
- name: Cache local Maven repository
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-jdk-17-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-17-maven-
- name: Build JavaDoc
run: ./mvnw clean javadoc:aggregate -Prelease
test:
name: test (JDK ${{ matrix.java_version }})
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
if: "!contains(github.event.head_commit.message, 'maven-release-plugin')"
strategy:
fail-fast: false # don't fail fast as sometimes failures are operating system specific
matrix: # use latest available versions and be consistent on all workflows!
include:
- java_version: 17 # earliest LTS supported by Spring Boot 3
maven_args: -Prelease -Dgpg.skip -Dmaven.javadoc.skip=true
- java_version: 21 # Most recent LTS
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: ${{ matrix.java_version }}
- name: Cache local Maven repository
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-jdk-${{ matrix.java_version }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-${{ matrix.java_version }}-maven-
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: Test
run: build-bin/configure_test && build-bin/test ${{ matrix.maven_args }}