Bump com.github.ekryd.sortpom:sortpom-maven-plugin from 3.2.1 to 3.3.0 #252
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is the workflow pipeline that runs the default build and checks that are | |
| # needed for this repository. It is triggered by commits on the base branches | |
| # and in pull requests to execute the differential checks that are required the | |
| # pull request. Furthermore, it is triggered regularly to notify about recent | |
| # security issues or other external changes that may break the project checks. | |
| name: Default Pipeline | |
| on: | |
| push: | |
| branches: [ main, 'maintenance-[0-9]+.[0-9]+' ] | |
| pull_request: | |
| # For the CodeQL workflow, the branches below must be a subset of the branches above. | |
| branches: [ main, 'maintenance-[0-9]+.[0-9]+' ] | |
| paths-ignore: [ '**/*.md' ] | |
| schedule: | |
| - cron: '27 11 * * 4' | |
| permissions: | |
| actions: read | |
| contents: write | |
| security-events: write | |
| jobs: | |
| build: | |
| name: Build | |
| uses: CoreMedia/github-actions/.github/workflows/[email protected] | |
| with: | |
| maven_command: | | |
| mvn --batch-mode --fail-at-end \ | |
| clean install javadoc:javadoc \ | |
| -Pintegration-test,default-image,docs-third-party \ | |
| -Dsort.verifyFail=stop | |
| maven_settings: .github/workflows/assets/settings.xml | |
| secrets: | |
| maven_repo_user: ${{ secrets.PLUGINS_NEXUS_USER }} | |
| maven_repo_password: ${{ secrets.PLUGINS_NEXUS_PASSWORD }} | |
| codeql: | |
| name: CodeQL | |
| needs: [ build ] | |
| uses: CoreMedia/github-actions/.github/workflows/[email protected] | |
| with: | |
| languages: "['java']" | |
| queries: security-and-quality | |
| trivy: | |
| name: Trivy | |
| needs: [ build ] | |
| uses: CoreMedia/github-actions/.github/workflows/[email protected] | |
| with: | |
| build_image_command: | | |
| mvn --batch-mode \ | |
| --file headless-server-commerce-app \ | |
| install \ | |
| -Pdefault-image \ | |
| -Dapplication.image-prefix=coremedia \ | |
| -Dapplication.image-suffix=headless-server-commerce \ | |
| -Dapplication.image-tag=${{ github.sha }} \ | |
| -Denforcer.skip=true \ | |
| -Dmdep.analyze.skip=true \ | |
| -DskipTests=true \ | |
| -Dsort.skip=true | |
| scan_image_ref: "coremedia/headless-server-commerce:${{ github.sha }}" | |
| scan_config: .github/workflows/assets/trivy.yml | |
| teams: | |
| name: MS Teams | |
| needs: [ build, codeql, trivy ] | |
| if: ${{ !success() && github.event_name == 'schedule' }} | |
| uses: CoreMedia/github-actions/.github/workflows/[email protected] | |
| with: | |
| workflow: ${{ github.workflow }} | |
| run_id: ${{ github.run_id }} | |
| run_result: ${{ contains(join(needs.*.result, ','), 'cancelled') && 'cancelled' || 'failure' }} | |
| facts_json: | | |
| [ | |
| ${{ join(needs.*.outputs.teams_fact_json, ',') }} | |
| ] | |
| secrets: | |
| webhook: ${{ secrets.TEAMS_WEBHOOK_TOKO_CI_NOTIFICATIONS }} |