forked from SORMAS-Foundation/SORMAS-Project
-
Notifications
You must be signed in to change notification settings - Fork 0
50 lines (42 loc) · 1.75 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
---
# This workflow will build a Java project with Maven
# For more information see:
# https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Java CI with Maven
env:
JAVA: 11
PRIVILEGED_RUN: ${{ (github.event_name == 'push' && github.ref == 'refs/heads/development') || github.event.pull_request.head.repo.full_name == github.repository }}
CODEQL_LANGUAGES: 'java' # FIXME(@JonasCir) add 'javascript'
on: push
jobs:
ci:
name: SORMAS CI
runs-on: ubuntu-latest
permissions:
security-events: write
steps:
- name: Checkout repository
#(with token)
# Check if PR results from the repository: if yes, we have access to the secrets.
# The token is only needed for privileged actions from within the repo, so no need
# to make it available on 3rd party PRs
if: ${{ fromJSON(env.PRIVILEGED_RUN) }}
uses: actions/checkout@v2
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: ${{ env.CODEQL_LANGUAGES }}
- name: Set up JDK ${{ env.JAVA }}
uses: actions/setup-java@v1
with:
java-version: ${{ env.JAVA }}
- name: Cache Maven packages
# Check if PR results from the repository: if yes, it is safe to cache dependencies.
# This is to keep us safe from cache poisoning through 3rd party PRs.
#if: ${{ fromJSON(env.PRIVILEGED_RUN) }}
# FIXME(@JonasCir) #3733 remove '**/*.pom' once serverlib pom is renamed
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-java-${{ env.JAVA }}-m2-${{ hashFiles('**/pom.xml', '**/*.pom') }}
restore-keys: ${{ runner.os }}-java-${{ env.JAVA }}-m2