Skip to content

NH-86008: add codeql.yml and SECURITY.md #15

NH-86008: add codeql.yml and SECURITY.md

NH-86008: add codeql.yml and SECURITY.md #15

Workflow file for this run

name: Push
on:
push:
permissions:
packages: write
contents: write
id-token: write
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 8
uses: actions/setup-java@v4
with:
java-version: 8.0.302
distribution: 'temurin'
- name: Run maven verify
run: |
mvn -s .github/m2/settings.xml clean verify
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/upload-artifact@v4
if: always()
with:
path: core/target/coverage-report
name: coverage report
- uses: actions/upload-artifact@v4
if: always()
with:
path: core/target/surefire-reports
name: unit test report
- name: Check shading(core)
run: |
VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
code=0
for path in $(jar tf "core/target/core-$VERSION.jar" | grep -E -v '^((com/solarwinds|META))')
do
PACKAGE=$(echo "$path" | awk -F/ '{print $2}')
if [ -n "$PACKAGE" ]; then
echo "Package ($path) is not shaded"
code=1
fi
done
exit $code
- name: Check shading(metric)
run: |
VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
code=0
for path in $(jar tf "metrics/target/metrics-$VERSION.jar" | grep -E -v '^((com/solarwinds|META))')
do
PACKAGE=$(echo "$path" | awk -F/ '{print $2}')
if [ -n "$PACKAGE" ]; then
echo "Package ($path) is not shaded"
code=1
fi
done
exit $code
deploy_snapshot:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 8
uses: actions/setup-java@v4
with:
java-version: 8.0.302
distribution: 'temurin'
- name: Deploy snapshot
run: |
VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
BRANCH=$(echo -n "${GITHUB_REF_NAME}" | sed -e 's/[^0-9a-zA-Z\._\-]/./g' | tr '[:upper:]' '[:lower:]')
GIT_HASH=$(git rev-parse --short "$GITHUB_SHA")
NEW_VERSION=${VERSION%%-SNAPSHOT}-$BRANCH-$GIT_HASH-SNAPSHOT
mvn versions:set -DnewVersion=$NEW_VERSION
mvn -s .github/m2/settings.xml -T 8 deploy -DskipTests
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}