diff --git a/.github/workflows/build-on-pull-request.yml b/.github/workflows/build-on-pull-request.yml index 07e011e..e85afa8 100644 --- a/.github/workflows/build-on-pull-request.yml +++ b/.github/workflows/build-on-pull-request.yml @@ -30,4 +30,5 @@ jobs: run: mvn clean install - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 \ No newline at end of file + uses: github/codeql-action/analyze@v2 + diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 3c90971..97b4a17 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -17,11 +17,17 @@ env: jobs: Package-test: runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false steps: - name: Checkout code uses: actions/checkout@v2 - - name: Setup JDK 8 uses: actions/setup-java@v2 with: diff --git a/.github/workflows/sast-and-package.yml b/.github/workflows/sast-and-package.yml new file mode 100644 index 0000000..97b4a17 --- /dev/null +++ b/.github/workflows/sast-and-package.yml @@ -0,0 +1,47 @@ +name: Package + +on: + push: + branches: [ "develop"] + paths-ignore: + - target/** + + pull_request: + branches: [ "develop" ] + paths-ignore: + - target/** + +env: + ENV_VAR: test + +jobs: + Package-test: + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + steps: + + - name: Checkout code + uses: actions/checkout@v2 + - name: Setup JDK 8 + uses: actions/setup-java@v2 + with: + java-version: 8 + distribution: 'adopt' + + - name: Build with Maven + run: mvn clean install -DENV_VAR=${{ env.ENV_VAR }} + + - name: Build WAR file + run: mvn -B package --file pom.xml + + - name: Upload WAR file as artifact + uses: actions/upload-artifact@v2 + with: + name: Identity-API + path: target/identity-0.0.1.war