Simplify GA

blootsvoets · blootsvoets · commit 9952de69654f · 2022-03-21T11:37:14.000+01:00
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -22,21 +22,13 @@ jobs:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - uses: actions/checkout@v2
 
-      - uses: actions/setup-java@v1
+      - uses: actions/setup-java@v2
         with:
+          distribution: zulu
           java-version: 17
 
-      - name: Gradle cache
-        uses: actions/cache@v2
-        with:
-          # Cache gradle directories
-          path: |
-            ~/.gradle/caches
-            ~/.gradle/wrapper
-          # An explicit key for restoring and saving the cache
-          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle.kts', 'gradle.properties') }}
-          restore-keys: |
-            ${{ runner.os }}-gradle-
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
 
       # Compile the code
       - name: Compile code
diff --git a/.github/workflows/publish_snapshots.yml b/.github/workflows/publish_snapshots.yml
@@ -21,21 +21,13 @@ jobs:
         id: is-snapshot
         run: grep 'version = ".*-SNAPSHOT"' build.gradle.kts
 
-      - uses: actions/setup-java@v1
+      - uses: actions/setup-java@v2
         with:
+          distribution: zulu
           java-version: 17
 
-      - name: Cache
-        uses: actions/cache@v2
-        with:
-          # Cache gradle directories
-          path: |
-            ~/.gradle/caches
-            ~/.gradle/wrapper
-          # Key for restoring and saving the cache
-          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle.kts', 'gradle.properties') }}
-          restore-keys: |
-            ${{ runner.os }}-gradle
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
 
       - name: Install gpg secret key
         run: |
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -17,21 +17,14 @@ jobs:
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - uses: actions/checkout@v2
-      - uses: actions/setup-java@v1
+
+      - uses: actions/setup-java@v2
         with:
+          distribution: zulu
           java-version: 17
 
-      - name: Gradle cache
-        uses: actions/cache@v2
-        with:
-          # Cache gradle directories
-          path: |
-            ~/.gradle/caches
-            ~/.gradle/wrapper
-          # An explicit key for restoring and saving the cache
-          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle.kts', 'gradle.properties') }}
-          restore-keys: |
-            ${{ runner.os }}-gradle-
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
 
       # Compile code
       - name: Compile code
diff --git a/.github/workflows/scheduled_snyk.yaml b/.github/workflows/scheduled_snyk.yaml
@@ -9,19 +9,21 @@ jobs:
       REPORT_FILE: test.json
     steps:
       - uses: actions/checkout@master
+      - uses: snyk/actions/setup@master
 
-      - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/gradle-jdk11@master
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      - uses: actions/setup-java@v2
         with:
-          command: test
-          args: --json-file-output=${{ env.REPORT_FILE }}
+          distribution: zulu
+          java-version: 17
 
-      - name: Report new vulnerabilities
-        uses: thehyve/report-vulnerability@master
-        with:
-          report-file: ${{ env.REPORT_FILE }}
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
+
+      - name: Run Snyk
         env:
-          TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        if: ${{ failure() }}
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        run: >
+          snyk test
+          --configuration-matching='^runtimeClasspath$'
+          --json-file-output=${{ env.REPORT_FILE }}
+          --org=radar-base
diff --git a/.github/workflows/snyk.yaml b/.github/workflows/snyk.yaml
@@ -8,9 +8,22 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@master
+      - uses: snyk/actions/setup@master
+
+      - uses: actions/setup-java@v2
+        with:
+          distribution: zulu
+          java-version: 17
+
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
+
       - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/gradle-jdk11@master
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --severity-threshold=high
+        run: >
+          snyk test
+          --severity-threshold=high
+          --configuration-matching='^runtimeClasspath$'
+          --fail-on=upgradable
+          --org=radar-base
