Browse Source
add gh action, dependabot and release-drafter and get rid of travis (#65)
* add gh action, dependabot and release-drafter and get rid of travis * move owasp check in a separate profile Signed-off-by: Olivier Lamy <olamy@apache.org>pull/73/head
Olivier Lamy
2 years ago
8 changed files with 109 additions and 66 deletions
+ 8
- 0
.github/dependabot.yml
View File
| @@ -31,5 +31,13 @@ updates: | |||
| - package-ecosystem: "github-actions" | |||
| directory: "/" | |||
| target-branch: "archiva-2.x" | |||
| schedule: | |||
| interval: "daily" | |||
| - package-ecosystem: "github-actions" | |||
| directory: "/" | |||
| target-branch: "master" | |||
| schedule: | |||
| interval: "daily" | |||
+ 1
- 0
.github/release-drafter.yml
View File
| @@ -16,3 +16,4 @@ | |||
| # under the License. | |||
| _extends: archiva-parent | |||
| tag-template: archiva-$NEXT_MINOR_VERSION | |||
+ 48
- 0
.github/workflows/maven.yml
View File
| @@ -0,0 +1,48 @@ | |||
| # Licensed to the Apache Software Foundation (ASF) under one | |||
| # or more contributor license agreements. See the NOTICE file | |||
| # distributed with this work for additional information | |||
| # regarding copyright ownership. The ASF licenses this file | |||
| # to you under the Apache License, Version 2.0 (the | |||
| # "License"); you may not use this file except in compliance | |||
| # with the License. You may obtain a copy of the License at | |||
| # | |||
| # http://www.apache.org/licenses/LICENSE-2.0 | |||
| # | |||
| # Unless required by applicable law or agreed to in writing, | |||
| # software distributed under the License is distributed on an | |||
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |||
| # KIND, either express or implied. See the License for the | |||
| # specific language governing permissions and limitations | |||
| # under the License. | |||
| name: GitHub CI | |||
| on: | |||
| push: | |||
| pull_request: | |||
| jobs: | |||
| build: | |||
| strategy: | |||
| matrix: | |||
| os: [ubuntu-latest] | |||
| java: [8, 11] | |||
| fail-fast: false | |||
| runs-on: ${{ matrix.os }} | |||
| steps: | |||
| - name: Checkout | |||
| uses: actions/checkout@v2 | |||
| - name: Set up JDK | |||
| uses: actions/setup-java@v2.3.1 | |||
| with: | |||
| distribution: temurin | |||
| java-version: ${{ matrix.java }} | |||
| cache: 'maven' | |||
| - name: Build with Maven | |||
| run: mvn -e -B -V install -Pci-build -T2 | |||
+ 2
- 2
.github/workflows/release-drafter.yml
View File
| @@ -14,16 +14,16 @@ | |||
| # KIND, either express or implied. See the License for the | |||
| # specific language governing permissions and limitations | |||
| # under the License. | |||
| name: Release Drafter | |||
| on: | |||
| push: | |||
| branches: | |||
| - master | |||
| - archiva-2.x | |||
| jobs: | |||
| update_release_draft: | |||
| runs-on: ubuntu-latest | |||
| steps: | |||
| - uses: release-drafter/release-drafter@v5.18.1 | |||
| - uses: release-drafter/release-drafter@v5 | |||
| env: | |||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |||
+ 0
- 17
.travis.yml
View File
| @@ -1,17 +0,0 @@ | |||
| language: java | |||
| dist: xenial | |||
| jdk: | |||
| - openjdk8 | |||
| install: "mvn clean install -DskipTests=true -B -V -Pci-build" | |||
| script: "mvn clean install -B -V -Pci-build" | |||
| cache: | |||
| directories: | |||
| - $HOME/.m2 | |||
| branches: | |||
| except: | |||
| - gh-pages | |||
+ 1
- 1
Jenkinsfile
View File
| @@ -149,7 +149,7 @@ pipeline { | |||
| { | |||
| sh "chmod 755 ./src/ci/scripts/prepareWorkspace.sh" | |||
| sh "./src/ci/scripts/prepareWorkspace.sh" | |||
| sh "mvn clean install -U -B -e -fae -Dorg.slf4j.simpleLogger.showThreadName=true -Dmaven.compiler.fork=true -Pci-build -T${THREADS}" | |||
| sh "mvn clean install -U -B -e -fae -Dorg.slf4j.simpleLogger.showThreadName=true -Pci-build -T${THREADS}" | |||
| } | |||
| } | |||
| } | |||
+ 27
- 24
archiva-modules/archiva-web/archiva-webapp/pom.xml
View File
| @@ -840,30 +840,6 @@ | |||
| </systemPropertyVariables> | |||
| </configuration> | |||
| </plugin> | |||
| <plugin> | |||
| <groupId>org.owasp</groupId> | |||
| <artifactId>dependency-check-maven</artifactId> | |||
| <version>6.0.4</version> | |||
| <configuration> | |||
| <skipProvidedScope>true</skipProvidedScope> | |||
| <failBuildOnCVSS>8</failBuildOnCVSS> | |||
| <suppressionFile>${project.basedir}/src/main/resources/META-INF/owasp/cve-suppressions.xml</suppressionFile> | |||
| <ossindexAnalyzerEnabled>false</ossindexAnalyzerEnabled> | |||
| <assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled> | |||
| <nodeAnalyzerEnabled>false</nodeAnalyzerEnabled> | |||
| </configuration> | |||
| <executions> | |||
| <execution> | |||
| <goals> | |||
| <goal>check</goal> | |||
| </goals> | |||
| </execution> | |||
| </executions> | |||
| </plugin> | |||
| </plugins> | |||
| </build> | |||
| @@ -874,6 +850,33 @@ | |||
| <archiva.repositorySessionFactory.id>cassandra</archiva.repositorySessionFactory.id> | |||
| </properties> | |||
| </profile> | |||
| <profile> | |||
| <id>owasp</id> | |||
| <build> | |||
| <plugins> | |||
| <plugin> | |||
| <groupId>org.owasp</groupId> | |||
| <artifactId>dependency-check-maven</artifactId> | |||
| <version>6.0.4</version> | |||
| <configuration> | |||
| <skipProvidedScope>true</skipProvidedScope> | |||
| <failBuildOnCVSS>8</failBuildOnCVSS> | |||
| <suppressionFile>${project.basedir}/src/main/resources/META-INF/owasp/cve-suppressions.xml</suppressionFile> | |||
| <ossindexAnalyzerEnabled>false</ossindexAnalyzerEnabled> | |||
| <assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled> | |||
| <nodeAnalyzerEnabled>false</nodeAnalyzerEnabled> | |||
| </configuration> | |||
| <executions> | |||
| <execution> | |||
| <goals> | |||
| <goal>check</goal> | |||
| </goals> | |||
| </execution> | |||
| </executions> | |||
| </plugin> | |||
| </plugins> | |||
| </build> | |||
| </profile> | |||
| </profiles> | |||
| </project> | |||
+ 22
- 22
pom.xml
View File
| @@ -2179,17 +2179,17 @@ | |||
| <enabled>true</enabled> | |||
| </snapshots> | |||
| </repository> | |||
| <repository> | |||
| <id>jetty.snapshots</id> | |||
| <name>Jetty Snapshots</name> | |||
| <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url> | |||
| <releases> | |||
| <enabled>false</enabled> | |||
| </releases> | |||
| <snapshots> | |||
| <enabled>true</enabled> | |||
| </snapshots> | |||
| </repository> | |||
| <!-- <repository>--> | |||
| <!-- <id>jetty.snapshots</id>--> | |||
| <!-- <name>Jetty Snapshots</name>--> | |||
| <!-- <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>--> | |||
| <!-- <releases>--> | |||
| <!-- <enabled>false</enabled>--> | |||
| <!-- </releases>--> | |||
| <!-- <snapshots>--> | |||
| <!-- <enabled>true</enabled>--> | |||
| <!-- </snapshots>--> | |||
| <!-- </repository>--> | |||
| </repositories> | |||
| <pluginRepositories> | |||
| <pluginRepository> | |||
| @@ -2203,16 +2203,16 @@ | |||
| <enabled>true</enabled> | |||
| </snapshots> | |||
| </pluginRepository> | |||
| <pluginRepository> | |||
| <id>jetty.snapshots</id> | |||
| <name>Jetty Snapshots</name> | |||
| <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url> | |||
| <releases> | |||
| <enabled>false</enabled> | |||
| </releases> | |||
| <snapshots> | |||
| <enabled>true</enabled> | |||
| </snapshots> | |||
| </pluginRepository> | |||
| <!-- <pluginRepository>--> | |||
| <!-- <id>jetty.snapshots</id>--> | |||
| <!-- <name>Jetty Snapshots</name>--> | |||
| <!-- <url>https://oss.sonatype.org/content/repositories/jetty-snapshots/</url>--> | |||
| <!-- <releases>--> | |||
| <!-- <enabled>false</enabled>--> | |||
| <!-- </releases>--> | |||
| <!-- <snapshots>--> | |||
| <!-- <enabled>true</enabled>--> | |||
| <!-- </snapshots>--> | |||
| <!-- </pluginRepository>--> | |||
| </pluginRepositories> | |||
| </project> | |||
Loading…