Skip to content

Maven Scheduled Build #191

Maven Scheduled Build

Maven Scheduled Build #191

name: Maven Scheduled Build
on:
schedule:
- cron: '0 0 * * 4'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
build:
strategy:
matrix:
refs: [refs/tags/v2.3.1, refs/tags/v2.2.3, refs/tags/v2.0.13]
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v4
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
ref: ${{ matrix.refs }}
- name: Cache maven repository
uses: actions/cache@v4
with:
path: |
~/.m2/repository
~/.sonar/cache
key: ${{ runner.os }}-maven-scd-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-scd
${{ runner.os }}-maven
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
distribution: 'adopt'
java-version: 17
- name: Restore CVD Database from Cache
uses: actions/cache/restore@v4
with:
path: |
~/.m2/repository/org/owasp/dependency-check-data
key: ${{ runner.os }}-maven-owasp-cvedb
- name: Update CVD Database
continue-on-error: true
env:
OWASP_OSS_INDEX_USERNAME: ${{ secrets.OWASP_OSS_INDEX_USERNAME }}
OWASP_OSS_INDEX_APIKEY: ${{ secrets.OWASP_OSS_INDEX_APIKEY }}
NIST_NVD_API_KEY: ${{ secrets.NIST_NVD_API_KEY }}
run: |
mvn -B -P owasp -DnvdApiDelay=6000 --settings maven-ci-settings.xml org.owasp:dependency-check-maven:update-only
- name: Save CVD Database to Cache
uses: actions/cache/save@v4
with:
path: |
~/.m2/repository/org/owasp/dependency-check-data
key: ${{ runner.os }}-maven-owasp-cvedb
- name: Check OWASP
env:
OWASP_OSS_INDEX_USERNAME: ${{ secrets.OWASP_OSS_INDEX_USERNAME }}
OWASP_OSS_INDEX_APIKEY: ${{ secrets.OWASP_OSS_INDEX_APIKEY }}
NIST_NVD_API_KEY: ${{ secrets.NIST_NVD_API_KEY }}
run: |
mvn -B -DskipTests -Dmaven.javadoc.skip=true -P owasp -DautoUpdate=false --settings maven-ci-settings.xml org.owasp:dependency-check-maven:aggregate
- name: Build with Maven
run: |
mvn -B install -Dmaven.javadoc.skip=true
- name: Create environment variables
run: |
echo "Exporting Variables"
export HTTP_NAME=$(mvn -pl FROST-Server.HTTP -Dexec.executable='echo' -Dexec.args='${project.build.finalName}' exec:exec -q)
export MQTTP_NAME=$(mvn -pl FROST-Server.MQTTP -Dexec.executable='echo' -Dexec.args='${project.build.finalName}' exec:exec -q)
export MQTT_NAME=$(mvn -pl FROST-Server.MQTT -Dexec.executable='echo' -Dexec.args='${project.build.finalName}' exec:exec -q)
echo "HTTP_ARTIFACT=${HTTP_NAME}.war" >> $GITHUB_ENV
echo "MQTTP_ARTIFACT=${MQTTP_NAME}.war" >> $GITHUB_ENV
echo "MQTT_ARTIFACT=${MQTT_NAME}-jar-with-dependencies.jar" >> $GITHUB_ENV
export version=$(mvn -Dexec.executable='echo' -Dexec.args='${project.version}' --non-recursive exec:exec -q)
echo "DOCKER_TAG_FULL=${version}" >> $GITHUB_ENV
echo "DOCKER_TAG_SHORT=${version%.*}" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push - HTTP
uses: docker/build-push-action@v5
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.HTTP"
push: true
build-args: |
ARTIFACT_FILE=${{ env.HTTP_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server-http:${{ env.DOCKER_TAG_FULL }}
fraunhoferiosb/frost-server-http:${{ env.DOCKER_TAG_SHORT }}
- name: Build and push - MQTTP
uses: docker/build-push-action@v5
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.MQTTP"
push: true
build-args: |
ARTIFACT_FILE=${{ env.MQTTP_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server:${{ env.DOCKER_TAG_FULL }}
fraunhoferiosb/frost-server:${{ env.DOCKER_TAG_SHORT }}
- name: Build and push - MQTT
uses: docker/build-push-action@v5
with:
platforms: linux/amd64,linux/arm64
context: "./FROST-Server.MQTT"
push: true
build-args: |
ARTIFACT_FILE=${{ env.MQTT_ARTIFACT }}
tags: |
fraunhoferiosb/frost-server-mqtt:${{ env.DOCKER_TAG_FULL }}
fraunhoferiosb/frost-server-mqtt:${{ env.DOCKER_TAG_SHORT }}