Skip to content

fix: pom.xml to reduce vulnerabilities #526

fix: pom.xml to reduce vulnerabilities

fix: pom.xml to reduce vulnerabilities #526

Workflow file for this run

name: Viestinvalityspalvelu build workflow
on:
workflow_dispatch:
release:
types: [ created ]
push:
paths-ignore:
- '**.md'
jobs:
build-and-test:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'corretto'
cache: 'maven'
- name: Build
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: mvn clean package
deploy-client-library:
needs: [ build-and-test ]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'corretto'
cache: 'maven'
- name: Deploy Client Library
if: ${{ success() }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: mvn deploy --batch-mode -DskipTests -pl kirjasto -am
# deploy vain default branchista: ${{ success() && format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }}
deploy-zips:
needs: [ build-and-test ]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- uses: actions/checkout@v3
- uses: ./.github/actions/setup-next-env
- uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'corretto'
cache: 'maven'
- name: Build
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: mvn clean package -DskipTests
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4
with:
role-to-assume: ${{ secrets.AWS_OPH_UTILITY_ROLE_ARN }}
role-session-name: viestinvalityspalvelu-deploy-zip
aws-region: eu-west-1
- name: Build raportointi
run: |
cd viestinvalitys-raportointi
npm install
npm run build
- name: Deploy Lambda Packages to S3
if: ${{ success() }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BUCKET: ${{ secrets.BUCKET }}
run: |
aws s3 cp --no-progress ./lambdat/vastaanotto/target/vastaanotto.zip s3://"$BUCKET"/ga-${{github.run_number}}-vastaanotto.zip
aws s3 cp --no-progress ./lambdat/raportointi/target/raportointi.zip s3://"$BUCKET"/ga-${{github.run_number}}-raportointi.zip
aws s3 cp --no-progress ./lambdat/ajastus/target/ajastus.zip s3://"$BUCKET"/ga-${{github.run_number}}-ajastus.zip
aws s3 cp --no-progress ./lambdat/lahetys/target/lahetys.zip s3://"$BUCKET"/ga-${{github.run_number}}-lahetys.zip
aws s3 cp --no-progress ./lambdat/skannaus/target/skannaus.zip s3://"$BUCKET"/ga-${{github.run_number}}-skannaus.zip
aws s3 cp --no-progress ./lambdat/tilapaivitys/target/tilapaivitys.zip s3://"$BUCKET"/ga-${{github.run_number}}-tilapaivitys.zip
aws s3 cp --no-progress ./lambdat/siivous/target/siivous.zip s3://"$BUCKET"/ga-${{github.run_number}}-siivous.zip
aws s3 cp --no-progress ./lambdat/migraatio/target/migraatio.zip s3://"$BUCKET"/ga-${{github.run_number}}-migraatio.zip
- name: Deploy Static Site to S3
if: ${{ success() }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BUCKET: ${{ secrets.BUCKET }}
run: |
zip -r static.zip ./static
aws s3 cp --no-progress static.zip s3://"$BUCKET"/ga-${{github.run_number}}-static.zip
- name: Deploy Raportointi to S3
if: ${{ success() }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BUCKET: ${{ secrets.BUCKET }}
run: |
cd viestinvalitys-raportointi
zip -r raportointi-kayttoliittyma.zip .next/*.* .next/BUILD_ID .next/static .next/standalone public
aws s3 cp --no-progress raportointi-kayttoliittyma.zip s3://"$BUCKET"/ga-${{github.run_number}}-raportointi-kayttoliittyma.zip