Skip to content

Security fixes, dependency updates, gradle upgrade #28

Security fixes, dependency updates, gradle upgrade

Security fixes, dependency updates, gradle upgrade #28

Workflow file for this run

# Workflow to check whether changes to master fulfill all requirements.
name: Status checks
on:
push:
branches: [ master ]
pull_request:
schedule:
# Run every monday on 9:00 in the morning (UTC).
- cron: "0 9 * * 1"
# Make it possible to trigger the checks manually.
workflow_dispatch:
jobs:
build-webapp:
strategy:
matrix:
lang: [ en, nl ]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '18'
cache: yarn
cache-dependency-path: webapp/yarn.lock
- name: Install dependencies
working-directory: webapp
run: yarn --frozen-lockfile
- name: Build
working-directory: webapp
run: ./build.sh ${{ matrix.lang }}
- uses: actions/upload-artifact@v3
with:
name: webapp-${{ matrix.lang }}
path: webapp/build/
build-war:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v2
with:
java-version: '11'
distribution: temurin
cache: gradle
- name: Clean
run: ./gradlew clean
- name: Build
run: ./gradlew build
- name: Remove version number from WAR
run: mv build/libs/irma_sms_issuer-*.war build/libs/irma_sms_issuer.war
- uses: actions/upload-artifact@v3
with:
name: war
path: build/libs/irma_sms_issuer.war
analyze:
needs: build-war
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v2
with:
java-version: '11'
distribution: temurin
cache: gradle
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: java
queries: security-and-quality
- name: Autobuild
uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:java"