Shared github workflows libraries adapted to eID applications and libraries.
All secrets used in the workflows are available in organization level for felleslosninger, so no need to add any secrets to your repository if located in https://github.com/felleslosninger.
For building branch on pull request created: maven-build.yml
Building and publish image and update *-cd repository. Starts when branch is merged to main: spring-boot-build-publish-image.yml and spring-boot-container-scan.yml. The second workflow depends on the first, both must be refert to as jobs in your application.
If you only need to publish to idporten-cd the script below contains both the workflows above spring-boot-build-publish-image-config.yml.
See how to configure for more details and examples for Spring boot applications.
Build java library on branch when pull request is created: maven-build-lib.yml.
Starts when a release is created (manually), then builds the maven artifacts and publish this to Github packages: maven-release-lib.yml.
See how to configure for more details and examples for Java libraries.
See check-syntax.yml for details. Only for internal use in current repository.
Uses Trivy https://github.com/aquasecurity/trivy through action Azure/container-scan. Will soon be replaced by Trivy action directly.
You can test container scan locally by download trivy and run trivy image <my-image:latest>.