Skip to content

TECH-1662: Upgrade cyclonedx plugins for SBOM creation #14

TECH-1662: Upgrade cyclonedx plugins for SBOM creation

TECH-1662: Upgrade cyclonedx plugins for SBOM creation #14

Workflow file for this run

# This workflow is triggered every time a change is pushed to any branches
# Github actions command reference: https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
name: On Code Change (PR)
# The workflow could also be triggered on PRs
on:
pull_request:
types: [opened, reopened, synchronize]
jobs:
update-signature:
name: Update module signature
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/update-signature@v2
with:
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
nexus_enterprise_releases_url: ${{ secrets.NEXUS_ENTERPRISE_RELEASES_URL }}
static-analysis:
name: Static Analysis (linting, vulns)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: Jahia/jahia-modules-action/static-analysis@v2
with:
node_version: 12
auditci_level: critical
build:
name: Build Module
needs: update-signature
runs-on: ubuntu-latest
container:
image: jahia/cimg-mvn-cache:ga_cimg_openjdk_8.0.312-node
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
steps:
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/build@v2
with:
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
module_id: search
sonar-analysis:
name: Sonar Analysis
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/sonar-analysis@v2
with:
primary_release_branch: master
github_pr_id: ${{github.event.number}}
sonar_url: ${{ secrets.SONAR_URL }}
sonar_token: ${{ secrets.SONAR_TOKEN }}