Skip to content

chore(deps): update dependency org.apache.maven.plugins:maven-enforce… #50

chore(deps): update dependency org.apache.maven.plugins:maven-enforce…

chore(deps): update dependency org.apache.maven.plugins:maven-enforce… #50

Workflow file for this run

# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Java CI with Maven
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: maven
server-id: github.pospai.snapshots
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
- name: Build with Maven
run: mvn -B verify -P container --file pom.xml
env:
MAVEN_USERNAME: rombert
MAVEN_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: Run Trivy
uses: aquasecurity/trivy-action@0.12.0
with:
image-ref: 'rombert/pospai:latest'
format: 'table'
# exit-code: '1' TODO - enable once we get get no errors
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
- name: Login to DockerHub
if: ${{ github.ref == 'refs/heads/master' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Push container image to DockerHub
if: ${{ github.ref == 'refs/heads/master' }}
run: mvn -f container/pom.xml docker:push