This action executes a project build and scan with sonar (if enabled).

| parameter | required | default | description |
|---|---|---|---|
| github-token | false | | GitHub authorization token |
| sonar-token | false | | Sonar authorization token |
| snyk-token | false | | Snyk authorization token |
| snyk-dockercontext | false | | Docker context folder |
| snyk-dockertag | false | | Docker tag name |
| snyk-image | false | | Snyk image parameter |
| snyk-args | false | | Snyk args parameter |
| java-version | true | '17' | Java version |
| java-description | true | 'corretto' | Java distribution |
| maven-version | true | '3.9.6' | Maven version |
| maven-additional-profiles | false | | Additional maven profiles, should start with comma |
| maven-additional-options | false | | Additional maven options |
| node-version | true | '20' | Node version |
| disable-maven-dependency-submission | true | 'false' | Disable maven dependency submission (deprecated, will be ignored) |
| enable-maven-dependency-submission | true | 'false' | Enable maven dependency submission (substitutes disable-maven-dependency-submission) |
| disable-upload-sarif | true | 'false' | Disable upload sarif |
| maven-core | true | '1' | Number of cores to use for maven build |

| step | note |
|---|---|
| actions/checkout | |
| actions/setup-java | |
| actions/cache | |
| actions/setup-node | |
| Build and analyze | if ${github-token} and ${sonar-token} are both set |
| Build only | if ${github-token} or ${sonar-token} are not set |
| Build a Docker image | if ${snyk-dockercontext} and ${snyk-dockertag} are both set |
| snyk/actions/docker | if ${snyk-token}, ${snyk-image} and ${snyk-args} are all set |
| github/codeql-action/upload-sarif | if ${snyk-token}, ${snyk-image} and ${snyk-args} are all set |
| advanced-security/maven-dependency-submission-action | if ${disable-maven-dependency-submission} is not 'true' |

Some examples can be found in this project's test workflows:

```yaml
# CI with maven build and scan
#
# version 1.0.0
name: CI maven build and scan test latest

on:
  # Trigger analysis when pushing to the branches listed below, and when a
  # pull request is opened, synchronized or reopened.
  push:
    branches:
      - main
      - develop
      - branch-preview
  pull_request:
    types:
      - opened
      - synchronize
      - reopened

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - uses: fugerit-org/psychic-actions/maven-build-scan@main
        with:
          github-token: $
          sonar-token: $
          disable-maven-dependency-submission: $
```
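
An added example, not taken from the project's test workflows: a caller that turns on the Snyk image scan and SARIF upload rows of the step table, with explicit job permissions and the action pinned to a commit instead of `@main`. The secret name `SNYK_TOKEN`, the image tag, the Snyk argument and the `<full-commit-sha>` placeholder are assumptions made for this example.

```yaml
# Added example (not from the project): Snyk image scan with least-privilege permissions.
name: CI maven build with Snyk image scan

on:
  push:
    branches:
      - main
  pull_request:
    types:
      - opened
      - synchronize
      - reopened

# Start from a read-only token; jobs add only the scopes they need.
permissions:
  contents: read

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    permissions:
      contents: read          # actions/checkout
      security-events: write  # github/codeql-action/upload-sarif
      # contents: write would be needed if Maven dependency submission is enabled.
    steps:
      # Pin to a full commit SHA so a later push to the action's main branch
      # cannot change what runs here. <full-commit-sha> is a placeholder.
      - uses: fugerit-org/psychic-actions/maven-build-scan@<full-commit-sha>
        with:
          # Assumed secret name. Secrets are not passed to workflows triggered
          # by pull requests from forks, so the Snyk steps are skipped there.
          snyk-token: ${{ secrets.SNYK_TOKEN }}
          # Both set: the "Build a Docker image" step runs.
          snyk-dockercontext: '.'
          snyk-dockertag: 'example-app:ci'   # constructed tag
          # With snyk-token, both set: snyk/actions/docker and upload-sarif run.
          snyk-image: 'example-app:ci'       # assumed to match the tag built above
          snyk-args: '--severity-threshold=high'
          enable-maven-dependency-submission: 'false'
```

github-token and sonar-token are left unset here, so per the step table the run takes the "Build only" path before the image scan.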