Skip to content

Status checks

Status checks #70

Workflow file for this run

# Workflow to check whether changes to master fulfill all requirements.
name: Status checks
on:
push:
branches: [ master ]
pull_request:
schedule:
# Run every monday on 9:00 in the morning (UTC).
- cron: "0 9 * * 1"
# Make it possible to trigger the checks manually.
workflow_dispatch:
jobs:
build-webapp:
strategy:
matrix:
lang: [ en, nl ]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '18'
cache: yarn
cache-dependency-path: webapp/yarn.lock
- name: Install dependencies
working-directory: webapp
run: yarn --frozen-lockfile
- name: Build
working-directory: webapp
run: ./build.sh ${{ matrix.lang }}
- uses: actions/upload-artifact@v3
with:
name: webapp-${{ matrix.lang }}
path: webapp/build/
build-war:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v2
with:
java-version: '11'
distribution: temurin
cache: gradle
- name: Clean
run: ./gradlew clean
- name: Build
run: ./gradlew build
- uses: actions/upload-artifact@v4
with:
name: war
path: build/libs/irma_sms_issuer.war
analyze:
needs: build-war
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v2
with:
java-version: '11'
distribution: temurin
cache: gradle
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: java
queries: security-and-quality
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:java"
dependency-submission:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Generate and submit dependency graph
uses: gradle/actions/dependency-submission@v3