File tree Expand file tree Collapse file tree 1 file changed +52
-0
lines changed
Expand file tree Collapse file tree 1 file changed +52
-0
lines changed Original file line number Diff line number Diff line change 1+ name : EUM Server Tests
2+
3+ on :
4+ # schedule:
5+ # - cron: "* * * * *"
6+ # "0 8 1,15 * *" At 08:00 on day-of-month 1 and 15.
7+ push :
8+
9+ jobs :
10+ security-check :
11+ name : Security Check
12+ runs-on : ubuntu-latest
13+ container : openjdk:17-jdk-slim
14+ steps :
15+ - uses : actions/checkout@v3
16+ - name : Grant execute permission for gradlew
17+ run : chmod +x gradlew
18+ - name : build
19+ run : ./gradlew assemble
20+ # the action has not been updated a while, but it always uses the latest plugin version
21+ - name : Run DependencyCheck plugin
22+ uses : dependency-check/Dependency-Check_Action@main
23+ id : depcheck
24+ continue-on-error : true # we still want to upload the report
25+ with :
26+ project : ${{ github.repository }}
27+ path : ' .'
28+ format : ' HTML'
29+ out : ' reports'
30+ args : >
31+ --failOnCVSS 6
32+ --suppression dependencyCheckSuppression.xml
33+ --disableAssembly
34+ --nvdApiKey ${{ secrets.NVD_API_KEY }}
35+ --nvdApiDelay 10000
36+ name : Upload test results
37+ uses : actions/upload-artifact@v3
38+ with :
39+ name : dependency-check-report-eum-server
40+ path : ${{ github.workspace }}/reports
41+ - name : Send Notification
42+ 43+ with :
44+ webhook : " https://hooks.slack.com/services/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" # just for testing ;)
45+ webhook-type : incoming-webhook
46+ payload : |
47+ text: "*GitHub Action build result*: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
48+ blocks:
49+ - type: "section"
50+ text:
51+ type: "mrkdwn"
52+ text: "GitHub Action build result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
You can’t perform that action at this time.
0 commit comments