fix(deps): update all dependencies #72

Workflow file for this run

.github/workflows/dev-commit-stage.yml at d9e45f6

	name: Commit Stage 🤖
	on:
	push:
	branches: [ feature/*, develop ]
	pull_request:
	branches: [ main, develop ]

	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository }}
	VERSION: ${{ github.sha }}
	CI: CI
	NATIVE_IMAGE_ENABLED: enabled
	CI_GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}

	permissions:
	packages: write
	contents: write
	issues: write

	jobs:
	validation:
	name: Validation 👀
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Validate Gradle wrapper
	uses: gradle/[email protected]

	- name: Install Tools & Dependencies
	uses: ./.github/actions/install/node

	- name: Run Check
	run: pnpm run check
	build:
	name: Build and Test 🧪
	needs: [ validation ]
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write
	steps:
	- name: 🔍 CI_GITHUB_TOKEN
	if: env.CI_GITHUB_TOKEN == ''
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: echo "CI_GITHUB_TOKEN=${GITHUB_TOKEN}" >> $GITHUB_ENV

	- name: Checkout source code
	uses: actions/checkout@v4

	- name: Install Java Tools & Dependencies
	uses: ./.github/actions/install/java
	with:
	java-version: 21
	gradle-arguments: build --scan

	- name: Source code vulnerability scanning
	uses: aquasecurity/trivy-action@master
	with:
	scan-type: 'fs'
	format: 'sarif'
	output: 'trivy-results-source-code.sarif'

	- name: Upload vulnerability report
	uses: github/codeql-action/upload-sarif@v3
	if: success() \|\| failure()
	with:
	sarif_file: 'trivy-results-source-code.sarif'
	category: source-code

	code-coverage:
	name: Code Coverage 📊
	needs: [ build ]
	runs-on: ubuntu-latest
	steps:
	- name: Checkout source code
	uses: actions/checkout@v4
	with:
	token: ${{ env.CI_GITHUB_TOKEN }}

	- name: Install Java Tools & Dependencies
	uses: ./.github/actions/install/java

	- name: Install Tools & Dependencies
	uses: ./.github/actions/install/node

	- name: Run Code Coverage
	run: \|
	./gradlew koverXmlReport --no-daemon --stacktrace

	- name: Upload coverage reports
	uses: codecov/codecov-action@v3
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	files: build/reports/kover/report.xml
	fail_ci_if_error: true # optional (default = false)
	verbose: true # optional (default = false)

	static-analysis-security:
	name: 🔮 Static analysis and 🔒Security Checks
	needs: [ validation ]
	runs-on: ubuntu-latest

	steps:
	- name: 🔄 Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Install Java Tools & Dependencies
	uses: ./.github/actions/install/java

	- name: Install Tools & Dependencies
	uses: ./.github/actions/install/node

	- name: Check OWASP 🛡️
	run: ./gradlew dependencyCheckAnalyze --no-daemon --stacktrace

	- name: Upload owasp-report results 🛡️⬆️
	uses: actions/upload-artifact@v4
	with:
	name: owasp-reports
	path: build/reports/owasp

	- name: Run detekt
	run: ./gradlew detektAll --no-daemon --stacktrace

	- name: Upload static reports artifact
	uses: actions/[email protected]
	with:
	name: static-report
	path: \|
	build/reports/detekt/detekt.xml
	**/build/reports/lint-results-debug.xml
	retention-days: 1

	- name: Analyze detekt report
	uses: github/codeql-action/[email protected]
	with:
	sarif_file: build/reports/detekt/detekt.sarif
	checkout_path: ${{ github.workspace }}

	package:
	name: Package and Publish 📦
	needs: [ build ]
	runs-on: ubuntu-latest
	permissions: write-all
	steps:
	- name: Checkout source code
	uses: actions/checkout@v4

	- name: Install Java Tools & Dependencies
	uses: ./.github/actions/install/java

	- name: Execute Gradle build
	run: \|
	chmod +x gradlew
	./gradlew assemble
	./gradlew bootBuildImage --imageName ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}

	- name: OCI image vulnerability scanning
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
	format: 'sarif'
	output: 'trivy-results-oci-image.sarif'
	- name: Upload vulnerability report
	uses: github/codeql-action/upload-sarif@v3
	if: success() \|\| failure()
	with:
	sarif_file: 'trivy-results-oci-image.sarif'
	- name: Log into container registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ env.CI_GITHUB_TOKEN }}
	- name: Publish container image
	run: docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
	- name: Publish container image (latest)
	run: \|
	docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} \
	${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly
	docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): update all dependencies #72

Workflow file

fix(deps): update all dependencies #72

Jobs

Run details

Workflow file for this run