Skip to content

Commit

Permalink
ci: Add github build workflows (#2)
Browse files Browse the repository at this point in the history
  • Loading branch information
usmansaleem authored Jul 4, 2024
1 parent 1ff2b50 commit 1daab84
Show file tree
Hide file tree
Showing 5 changed files with 118 additions and 0 deletions.
35 changes: 35 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# SPDX-License-Identifier: (Apache-2.0 OR MIT)

# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow
# execution time. For more information see:
# https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle

name: CI

on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]

jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Java
uses: actions/setup-java@v4
with:
java-version: '21'
distribution: 'temurin'

# Configure Gradle for optimal use in GiHub Actions, including caching of downloaded dependencies.
# See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md
- name: Setup Gradle
uses: gradle/actions/setup-gradle@db19848a5fa7950289d3668fb053140cf3028d43 # v3.3.2

- name: Build
run: ./gradlew clean build
22 changes: 22 additions & 0 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# SPDX-License-Identifier: (Apache-2.0 OR MIT)
# This workflow scans pull requests for dependency changes, and will raise an error if any vulnerabilities or
# invalid licenses are being introduced.
# See https://github.com/actions/dependency-review-action

name: dependency-review

on:
pull_request:

permissions:
contents: read

jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: 'Dependency Review'
uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 #4.3.2
with:
retry-on-snapshot-warnings: true
retry-on-snapshot-warnings-timeout: 600
22 changes: 22 additions & 0 deletions .github/workflows/download-dependency-graph.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# SPDX-License-Identifier: (Apache-2.0 OR MIT)
# This workflow downloads the saved dependency graph and submits it to GitHub, enabling Dependabot Alerts for all
# project dependencies.
name: download-submit-dependency-graph

on:
workflow_run:
workflows: ['upload-dependency-graph']
types: [completed]

permissions:
contents: write

jobs:
submit-dependency-graph:
runs-on: ubuntu-latest
steps:
# Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies.
- name: Download and submit dependency graph
uses: gradle/actions/dependency-submission@d211a39090cba0cdce485f2a0b1f28f39ccda0c9 # v3.3.2
with:
dependency-graph: download-and-submit # Download saved dependency-graph and submit
24 changes: 24 additions & 0 deletions .github/workflows/upload-dependency-graph.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# SPDX-License-Identifier: (Apache-2.0 OR MIT)

name: upload-dependency-graph

on:
pull_request:

permissions:
contents: read # 'write' permission is not available

jobs:
dependency-submission:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 21
# Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies.
- name: Generate and save dependency graph
uses: gradle/actions/dependency-submission@d211a39090cba0cdce485f2a0b1f28f39ccda0c9 # v3.3.2
with:
dependency-graph: generate-and-upload
15 changes: 15 additions & 0 deletions .github/workflows/wrapper-validation.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# SPDX-License-Identifier: (Apache-2.0 OR MIT)

name: "Validate Gradle Wrapper"

on: [push, pull_request]

jobs:
validation:
name: "Validation"
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
- uses: gradle/actions/wrapper-validation@d211a39090cba0cdce485f2a0b1f28f39ccda0c9

0 comments on commit 1daab84

Please sign in to comment.