File tree Expand file tree Collapse file tree 1 file changed +56
-0
lines changed
Expand file tree Collapse file tree 1 file changed +56
-0
lines changed Original file line number Diff line number Diff line change 1+ name : " Dependency Check"
2+
3+ on :
4+ push :
5+ branches : [ 'develop', 'master', 'release_**' ]
6+ pull_request :
7+ branches : [ 'develop', "release_**" ]
8+ schedule :
9+ - cron : ' 25 6 * * *'
10+
11+ jobs :
12+ dependency-check :
13+ name : Dependency Check
14+ runs-on : ubuntu-latest
15+
16+ steps :
17+ - name : Checkout repository
18+ uses : actions/checkout@v4
19+
20+ - name : Cache ODC data
21+ uses : actions/cache@v3
22+ with :
23+ path : ~/.dependency-check/data
24+ key : ${{ runner.os }}-odc-data-${{ hashFiles('**/build.gradle') }}
25+ restore-keys : |
26+ ${{ runner.os }}-odc-data-
27+
28+ name : Set up JDK 8
29+ uses : actions/setup-java@v3
30+ with :
31+ java-version : ' 8'
32+ distribution : ' temurin'
33+
34+ - name : Gradlew build
35+ run : ./gradlew clean --refresh-dependencies --no-daemon -S -Dorg.gradle.warning.mode=none build -x test
36+
37+ - name : Dependency Check
38+ uses :
dependency-check/[email protected] 39+ env :
40+ # actions/setup-java@v1 changes JAVA_HOME, so it needs to be reset to match the depcheck image
41+ JAVA_HOME : /opt/jdk
42+ with :
43+ project : ' java-tron'
44+ path : ' .'
45+ format : ' HTML'
46+ out : ' reports'
47+ - name : Generate timestamp
48+ run : echo "BUILD_TIMESTAMP=$(date -u +"%Y%m%d-%H%M%S")" >> $GITHUB_ENV
49+ - name : Get Repository Name
50+ run : echo "REPO_NAME=$(echo '${{ github.repository }}' | cut -d'/' -f2)" >> $GITHUB_ENV
51+ - name : Upload report
52+ if : always()
53+ uses : actions/upload-artifact@v4
54+ with :
55+ name : dependency-check-${{ env.REPO_NAME }}-${{ env.BUILD_TIMESTAMP }}
56+ path : ${{github.workspace}}/reports
You can’t perform that action at this time.
0 commit comments