Skip to content

build(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1 (#695) #2534

build(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1 (#695)

build(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1 (#695) #2534

Workflow file for this run

name: Build
on:
push:
branches: main
pull_request:
branches: main
schedule:
- cron: '0 16 * * *'
workflow_dispatch:
permissions:
contents: read
jobs:
build:
if: ${{ github.repository_owner == 'ihub-pub' }}
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
disable-sudo: true
egress-policy: audit
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up JDK 11
uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13.0
with:
java-version: '11'
distribution: 'temurin'
cache: 'gradle'
- name: Build with Gradle
uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a # v2.9.0
with:
arguments: build -x test --scan
project-matrix:
if: ${{ github.repository_owner == 'ihub-pub' }}
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.name.outputs.test }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
disable-sudo: true
egress-policy: audit
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- id: name
name: Project Name Matrix
run: |
projects=()
for file in ./*
do
if [[ $file =~ "ihub-" ]]
then
projects[${#projects[@]}]=$(basename $file)
fi
done
p=$(IFS=,; echo "${projects[*]}")
p=${p//,/\",\"}
echo "test=[\"$p\"]" >> $GITHUB_OUTPUT
matrix-test:
runs-on: ubuntu-latest
needs: project-matrix
strategy:
matrix:
project_name: ${{ fromJson(needs.project-matrix.outputs.matrix) }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
disable-sudo: true
egress-policy: audit
- name: Checkout
if: ${{ matrix.project_name != 'ihub-plugins' }}
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Checkout ref main
if: ${{ matrix.project_name == 'ihub-plugins' }}
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: main
fetch-depth: 0
- name: Set up JDK 11
uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13.0
with:
java-version: '11'
distribution: 'temurin'
cache: 'gradle'
- name: Testspace Setup CLI
uses: testspace-com/setup-testspace@ee1482f978eb5010ec27b6f6372904f01f2edd68 # v1.0.6
with:
domain: ${{ github.repository_owner }}
- name: Chmod
run: chmod +x ./gradlew
- name: Build with Gradle
uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a # v2.9.0
with:
arguments: ${{ matrix.project_name }}:test -DiHubTest.failFast=true
- name: Upload Coverage Reports
if: ${{ github.repository_owner == 'ihub-pub' }}
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
- name: Publish Results to Testspace
run: testspace */build/test-results/test/*.xml */build/reports/*/test/*.xml
- name: Upload Test Result
if: ${{ failure() }}
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: ${{ matrix.project_name }}-test
path: |
*/build/reports/tests
retention-days: 1
check:
runs-on: ubuntu-latest
needs: [ build, matrix-test ]
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
disable-sudo: true
egress-policy: audit
- name: Check Status
run: echo "Check Status"