|
1 | | -# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time |
2 | | -# For more information see: https://docs.github.com/en/actions/automating builds-and-tests/building-and-testing-java-with-maven |
3 | | -# This workflow uses actions that are not certified by GitHub. |
4 | | -# They are provided by a third-party and are governed by |
5 | | -# separate terms of service, privacy policy, and support |
6 | | -# documentation. |
| 1 | +# This workflow will build a Java project with Maven, and cache/restore any |
| 2 | +# dependencies to improve the workflow execution time. |
| 3 | +# For more information, see: https://docs.github.com/en/actions/automating |
| 4 | +# This workflow uses actions that are not certified by GitHub. |
| 5 | + |
7 | 6 | name: Java CI with Maven |
| 7 | + |
8 | 8 | on: |
9 | | -push: |
10 | | - branches: [ "master" ] |
11 | | -pull_request: |
12 | | - branches: [ "master" ] |
| 9 | + push: |
| 10 | + branches: [ "master" ] |
| 11 | + pull_request: |
| 12 | + branches: [ "master" ] |
| 13 | + |
13 | 14 | jobs: |
14 | | - build: |
15 | | - runs-on: ubuntu-latest |
16 | | - steps: |
17 | | - - uses: actions/checkout@v4 |
18 | | - - name: Set up JDK 17 |
19 | | - uses: actions/setup-java@v4 |
20 | | - with: |
21 | | - java-version: '17' |
22 | | - distribution: 'temurin' |
23 | | - cache: maven |
24 | | - -name: Build with Maven |
25 | | - run: mvn -B package --file pom.xml |
26 | | - |
| 15 | + build: |
| 16 | + runs-on: ubuntu-latest |
| 17 | + steps: |
| 18 | + - name: Checkout Repository |
| 19 | + uses: actions/checkout@v4 |
| 20 | + |
| 21 | + - name: Set up JDK 17 |
| 22 | + uses: actions/setup-java@v4 |
| 23 | + with: |
| 24 | + java-version: '17' |
| 25 | + distribution: 'temurin' |
| 26 | + cache: maven |
| 27 | + |
| 28 | + - name: Build with Maven |
| 29 | + run: mvn -B package --file pom.xml |
| 30 | + |
27 | 31 | semgrep: |
28 | | - # User definable name of this GitHub Actions job. |
29 | | - name: semgrep/ci |
30 | | - # If you are self-hosting, change the following `runs-on` value: |
| 32 | + name: Semgrep CI |
31 | 33 | runs-on: ubuntu-latest |
32 | 34 | container: |
33 | | - # A Docker image with Semgrep installed. Do not change this. |
34 | 35 | image: semgrep/semgrep |
| 36 | + |
35 | 37 | steps: |
36 | | - # Fetch project source with GitHub Actions Checkout. Use either v3 or v4. |
37 | | - - uses: actions/checkout@v4 |
38 | | - # Run the "semgrep ci" command on the command line of the docker image. |
39 | | - - run: semgrep ci --sarif > semgrep.sarif |
| 38 | + - name: Checkout Repository |
| 39 | + uses: actions/checkout@v4 |
| 40 | + |
| 41 | + - name: Run Semgrep Security Scan |
| 42 | + run: semgrep ci --sarif > semgrep.sarif |
40 | 43 | env: |
41 | | - # Connect to Semgrep AppSec Platform through your |
42 | | -SEMGREP_APP_TOKEN. |
43 | | - # Generate a token from Semgrep AppSec Platform > Settings |
44 | | - # and add it to your GitHub secrets. |
45 | | - SEMGREP_APP_TOKEN: "d632ebf58e309e5e5ccf610dff11b594633be27f6577f39fdfcb99cddc21ff4d" |
| 44 | + SEMGREP_APP_TOKEN: "d632ebf58e309e5e5ccf610dff11b594633be27f6577f39fdfcb99cddc21ff4d" |
0 commit comments