Skip to content
Permalink
Browse files
add gh action, dependabot and release-drafter and get rid of travis (#65
)

* add gh action, dependabot and release-drafter and get rid of travis
* move owasp check in a separate profile

Signed-off-by: Olivier Lamy <olamy@apache.org>
  • Loading branch information
olamy committed Apr 11, 2022
1 parent eb489a1 commit 6f4b08e4ad279dcf77faa8034f3e3983e3afde32
Show file tree
Hide file tree
Showing 8 changed files with 109 additions and 66 deletions.
@@ -31,5 +31,13 @@ updates:

- package-ecosystem: "github-actions"
directory: "/"
target-branch: "archiva-2.x"
schedule:
interval: "daily"

- package-ecosystem: "github-actions"
directory: "/"
target-branch: "master"
schedule:
interval: "daily"

@@ -16,3 +16,4 @@
# under the License.

_extends: archiva-parent
tag-template: archiva-$NEXT_MINOR_VERSION
@@ -0,0 +1,48 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.

name: GitHub CI

on:
push:
pull_request:


jobs:
build:

strategy:
matrix:
os: [ubuntu-latest]
java: [8, 11]
fail-fast: false

runs-on: ${{ matrix.os }}

steps:
- name: Checkout
uses: actions/checkout@v2

- name: Set up JDK
uses: actions/setup-java@v2.3.1
with:
distribution: temurin
java-version: ${{ matrix.java }}
cache: 'maven'

- name: Build with Maven
run: mvn -e -B -V install -Pci-build -T2
@@ -14,16 +14,16 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.

name: Release Drafter
on:
push:
branches:
- master
- archiva-2.x
jobs:
update_release_draft:
runs-on: ubuntu-latest
steps:
- uses: release-drafter/release-drafter@v5.18.1
- uses: release-drafter/release-drafter@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

This file was deleted.

@@ -149,7 +149,7 @@ pipeline {
{
sh "chmod 755 ./src/ci/scripts/prepareWorkspace.sh"
sh "./src/ci/scripts/prepareWorkspace.sh"
sh "mvn clean install -U -B -e -fae -Dorg.slf4j.simpleLogger.showThreadName=true -Dmaven.compiler.fork=true -Pci-build -T${THREADS}"
sh "mvn clean install -U -B -e -fae -Dorg.slf4j.simpleLogger.showThreadName=true -Pci-build -T${THREADS}"
}
}
}
@@ -840,30 +840,6 @@
</systemPropertyVariables>
</configuration>
</plugin>




<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>6.0.4</version>
<configuration>
<skipProvidedScope>true</skipProvidedScope>
<failBuildOnCVSS>8</failBuildOnCVSS>
<suppressionFile>${project.basedir}/src/main/resources/META-INF/owasp/cve-suppressions.xml</suppressionFile>
<ossindexAnalyzerEnabled>false</ossindexAnalyzerEnabled>
<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
<nodeAnalyzerEnabled>false</nodeAnalyzerEnabled>
</configuration>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>

@@ -874,6 +850,33 @@
<archiva.repositorySessionFactory.id>cassandra</archiva.repositorySessionFactory.id>
</properties>
</profile>
<profile>
<id>owasp</id>
<build>
<plugins>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>6.0.4</version>
<configuration>
<skipProvidedScope>true</skipProvidedScope>
<failBuildOnCVSS>8</failBuildOnCVSS>
<suppressionFile>${project.basedir}/src/main/resources/META-INF/owasp/cve-suppressions.xml</suppressionFile>
<ossindexAnalyzerEnabled>false</ossindexAnalyzerEnabled>
<assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
<nodeAnalyzerEnabled>false</nodeAnalyzerEnabled>
</configuration>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>

</project>
44 pom.xml
@@ -2179,17 +2179,17 @@
<enabled>true</enabled>
</snapshots>
</repository>
<repository>
<id>jetty.snapshots</id>
<name>Jetty Snapshots</name>
<url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
<!-- <repository>-->
<!-- <id>jetty.snapshots</id>-->
<!-- <name>Jetty Snapshots</name>-->
<!-- <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>-->
<!-- <releases>-->
<!-- <enabled>false</enabled>-->
<!-- </releases>-->
<!-- <snapshots>-->
<!-- <enabled>true</enabled>-->
<!-- </snapshots>-->
<!-- </repository>-->
</repositories>
<pluginRepositories>
<pluginRepository>
@@ -2203,16 +2203,16 @@
<enabled>true</enabled>
</snapshots>
</pluginRepository>
<pluginRepository>
<id>jetty.snapshots</id>
<name>Jetty Snapshots</name>
<url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</pluginRepository>
<!-- <pluginRepository>-->
<!-- <id>jetty.snapshots</id>-->
<!-- <name>Jetty Snapshots</name>-->
<!-- <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>-->
<!-- <releases>-->
<!-- <enabled>false</enabled>-->
<!-- </releases>-->
<!-- <snapshots>-->
<!-- <enabled>true</enabled>-->
<!-- </snapshots>-->
<!-- </pluginRepository>-->
</pluginRepositories>
</project>

0 comments on commit 6f4b08e

Please sign in to comment.