File tree Expand file tree Collapse file tree 1 file changed +43
-0
lines changed
Expand file tree Collapse file tree 1 file changed +43
-0
lines changed Original file line number Diff line number Diff line change 1+ # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
2+ # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
3+ # This workflow uses actions that are not certified by GitHub.
4+ # They are provided by a third-party and are governed by
5+ # separate terms of service, privacy policy, and support hkhk
6+ # documentation.
7+ name : Java CI with Maven
8+ on :
9+ push :
10+ branches : [ "master" ]
11+ pull_request :
12+ branches : [ "master" ]
13+ jobs :
14+ build :
15+ runs-on : ubuntu-latest
16+ steps :
17+ - uses : actions/checkout@v4
18+ - name : Set up JDK 17
19+ uses : actions/setup-java@v4
20+ with :
21+ java-version : ' 17'
22+ distribution : ' temurin'
23+ cache : maven
24+ - name : Build with Maven
25+ run : mvn -B package --file pom.xml
26+ semgrep :
27+ # User definable name of this GitHub Actions job.
28+ name : semgrep/ci
29+ # If you are self-hosting, change the following `runs-on` value:
30+ runs-on : ubuntu-latest
31+ container :
32+ # A Docker image with Semgrep installed. Do not change this.
33+ image : semgrep/semgrep
34+ steps :
35+ # Fetch project source with GitHub Actions Checkout. Use either v3 or v4.
36+ - uses : actions/checkout@v4
37+ # Run the "semgrep ci" command on the command line of the docker image.
38+ - run : semgrep ci --sarif > semgrep.sarif
39+ env :
40+ # Connect to Semgrep AppSec Platform through your SEMGREP_APP_TOKEN.
41+ # Generate a token from Semgrep AppSec Platform > Settings
42+ # and add it to your GitHub secrets.
43+ SEMGREP_APP_TOKEN : " c994acb77072cd89cf2a9a39967213cf4898061c1d870cb9e17f51a388508738"
You can’t perform that action at this time.
0 commit comments