mirror of
https://github.com/Frooodle/Stirling-PDF.git
synced 2025-02-07 00:17:07 +01:00
9d2c23f612
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.3.0 to 5.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p> <blockquote> <h2>v5.4.0</h2> <h2>What's Changed</h2> <h3>Enhancements:</h3> <ul> <li>Update cache error message by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/968">actions/setup-python#968</a></li> <li>Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/985">actions/setup-python#985</a></li> <li>Configure Dependabot settings by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1008">actions/setup-python#1008</a></li> </ul> <h3>Documentation changes:</h3> <ul> <li>Readme update - recommended permissions by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1009">actions/setup-python#1009</a></li> <li>Improve Advanced Usage examples by <a href="https://github.com/lrq3000"><code>@lrq3000</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/645">actions/setup-python#645</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade <code>undici</code> from 5.28.4 to 5.28.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1012">actions/setup-python#1012</a></li> <li>Upgrade <code>urllib3</code> from 1.25.9 to 1.26.19 in /<strong>tests</strong>/data by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/895">actions/setup-python#895</a></li> <li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1014">actions/setup-python#1014</a></li> <li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1020">actions/setup-python#1020</a></li> <li>Upgrade <code>requests</code> from 2.24.0 to 2.32.2 in /<strong>tests</strong>/data by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1019">actions/setup-python#1019</a></li> <li>Upgrade <code>@actions/cache</code> to <code>^4.0.0</code> by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1007">actions/setup-python#1007</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/1009">actions/setup-python#1009</a></li> <li><a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/1008">actions/setup-python#1008</a></li> <li><a href="https://github.com/lrq3000"><code>@lrq3000</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/645">actions/setup-python#645</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v5...v5.4.0">https://github.com/actions/setup-python/compare/v5...v5.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="42375524e2"><code>4237552</code></a> Improve Advanced Usage examples (<a href="https://redirect.github.com/actions/setup-python/issues/645">#645</a>)</li> <li><a href="709bfa58ba"><code>709bfa5</code></a> Bump requests from 2.24.0 to 2.32.2 in /<strong>tests</strong>/data (<a href="https://redirect.github.com/actions/setup-python/issues/1019">#1019</a>)</li> <li><a href="ceb20b242d"><code>ceb20b2</code></a> Bump <code>@actions/http-client</code> from 2.2.1 to 2.2.3 (<a href="https://redirect.github.com/actions/setup-python/issues/1020">#1020</a>)</li> <li><a href="0dc2d2cf0c"><code>0dc2d2c</code></a> Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a href="https://redirect.github.com/actions/setup-python/issues/1014">#1014</a>)</li> <li><a href="feb9c6e7c6"><code>feb9c6e</code></a> Bump urllib3 from 1.25.9 to 1.26.19 in /<strong>tests</strong>/data (<a href="https://redirect.github.com/actions/setup-python/issues/895">#895</a>)</li> <li><a href="d0b4fc497a"><code>d0b4fc4</code></a> Bump undici from 5.28.4 to 5.28.5 (<a href="https://redirect.github.com/actions/setup-python/issues/1012">#1012</a>)</li> <li><a href="e3dfaac0fd"><code>e3dfaac</code></a> Configure Dependabot settings (<a href="https://redirect.github.com/actions/setup-python/issues/1008">#1008</a>)</li> <li><a href="b8cf3eb1eb"><code>b8cf3eb</code></a> Use the new cache service: upgrade <code>@actions/cache</code> to <code>^4.0.0</code> (<a href="https://redirect.github.com/actions/setup-python/issues/1007">#1007</a>)</li> <li><a href="1928ae624d"><code>1928ae6</code></a> Update README.md (<a href="https://redirect.github.com/actions/setup-python/issues/1009">#1009</a>)</li> <li><a href="3fddbee787"><code>3fddbee</code></a> Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 (<a href="https://redirect.github.com/actions/setup-python/issues/985">#985</a>)</li> <li>Additional commits viewable in <a href="0b93645e9f...42375524e2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
122 lines
4.1 KiB
YAML
122 lines
4.1 KiB
YAML
name: Build repo
|
|
|
|
on:
|
|
push:
|
|
branches: ["main"]
|
|
pull_request:
|
|
branches: ["main"]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
|
|
permissions:
|
|
actions: read
|
|
security-events: write
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
jdk-version: [17, 21]
|
|
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Checkout repository
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
|
|
- name: Set up JDK ${{ matrix.jdk-version }}
|
|
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
|
|
with:
|
|
java-version: ${{ matrix.jdk-version }}
|
|
distribution: "temurin"
|
|
|
|
- name: PR | Generate verification metadata with signatures and checksums for dependabot[bot]
|
|
if: github.event.pull_request.user.login == 'dependabot[bot]'
|
|
run: |
|
|
./gradlew clean dependencies buildEnvironment spotlessApply --write-verification-metadata sha256 --refresh-dependencies help
|
|
./gradlew clean dependencies buildEnvironment spotlessApply --write-verification-metadata sha256,pgp --refresh-keys --export-keys --refresh-dependencies help
|
|
|
|
- name: Build with Gradle and no spring security
|
|
run: ./gradlew clean build
|
|
env:
|
|
DOCKER_ENABLE_SECURITY: false
|
|
|
|
- name: Build with Gradle and with spring security
|
|
run: ./gradlew clean build
|
|
env:
|
|
DOCKER_ENABLE_SECURITY: true
|
|
|
|
- name: Upload Test Reports
|
|
if: always()
|
|
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
|
|
with:
|
|
name: test-reports-jdk-${{ matrix.jdk-version }}
|
|
path: |
|
|
build/reports/tests/
|
|
build/test-results/
|
|
build/reports/problems/
|
|
retention-days: 3
|
|
|
|
docker-compose-tests:
|
|
# if: github.event_name == 'push' && github.ref == 'refs/heads/main' ||
|
|
# (github.event_name == 'pull_request' &&
|
|
# contains(github.event.pull_request.labels.*.name, 'licenses') == false &&
|
|
# (
|
|
# contains(github.event.pull_request.labels.*.name, 'Front End') ||
|
|
# contains(github.event.pull_request.labels.*.name, 'Java') ||
|
|
# contains(github.event.pull_request.labels.*.name, 'Back End') ||
|
|
# contains(github.event.pull_request.labels.*.name, 'Security') ||
|
|
# contains(github.event.pull_request.labels.*.name, 'API') ||
|
|
# contains(github.event.pull_request.labels.*.name, 'Docker') ||
|
|
# contains(github.event.pull_request.labels.*.name, 'Test')
|
|
# )
|
|
# )
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Checkout Repository
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
|
|
- name: Set up Java 17
|
|
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
|
|
with:
|
|
java-version: "17"
|
|
distribution: "adopt"
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
|
|
|
|
- name: Install Docker Compose
|
|
run: |
|
|
sudo curl -SL "https://github.com/docker/compose/releases/download/v2.32.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
|
|
sudo chmod +x /usr/local/bin/docker-compose
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
|
|
with:
|
|
python-version: "3.12"
|
|
cache: 'pip' # caching pip dependencies
|
|
|
|
- name: Pip requirements
|
|
run: |
|
|
pip install --require-hashes -r ./testing/cucumber/requirements.txt
|
|
|
|
- name: Run Docker Compose Tests
|
|
run: |
|
|
chmod +x ./testing/test_webpages.sh
|
|
chmod +x ./testing/test.sh
|
|
./testing/test.sh "${{ github.event.pull_request.user.login == 'dependabot[bot]' }}"
|