config category #318
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Budgeting service | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - ci-cd | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| style: | |
| runs-on: ubuntu-latest | |
| name: Check style | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Run maven checkstyle | |
| run: mvn checkstyle:checkstyle | |
| compile: | |
| runs-on: ubuntu-latest | |
| name: Compile project | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Compile project | |
| run: mvn clean compile | |
| unit-tests: | |
| runs-on: ubuntu-latest | |
| name: Unit tests | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Running unit tests | |
| run: mvn test jacoco:report | |
| build: | |
| runs-on: ubuntu-latest | |
| name: Build project | |
| needs: [compile, unit-tests] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Building project | |
| run: mvn package | |
| coverage: | |
| runs-on: ubuntu-latest | |
| env: | |
| FROM_ORIGINAL_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.ref == 'refs/heads/main' }} | |
| permissions: | |
| pull-requests: write | |
| packages: write | |
| name: Coverage and Package | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Building project | |
| run: mvn package | |
| - name: Add coverage report to PR | |
| uses: madrapps/jacoco-report@v1.6.1 | |
| if: ${{ env.FROM_ORIGINAL_REPOSITORY == 'true' }} | |
| with: | |
| paths: ${{github.workspace}}/target/site/jacoco/jacoco.xml | |
| token: ${{secrets.GITHUB_TOKEN}} | |
| min-coverage-overall: 30 | |
| min-coverage-changed-files: 20 | |
| title: 'Sunrise Coverage Report' | |
| update-comment: true | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v4 | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| continue-on-error: false | |
| - name: Log in to the Container registry | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push Docker images | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| file: Dockerfile | |
| platforms: linux/amd64 | |
| tags: ghcr.io/${{ github.repository_owner }}/sun-rise:latest | |
| check: | |
| runs-on: ubuntu-latest | |
| name: Git-leaks check | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Gitleaks check | |
| run: | | |
| docker pull zricethezav/gitleaks:v8.18.4 | |
| docker run --rm -v ${{ github.workspace }}:/work -w /work zricethezav/gitleaks:v8.18.4 detect --source="." --config="/work/gitleaks.toml" --verbose --no-git |