Bump securego/gosec from 417a44c73be12f54ac1732daaca952f3d3a0ba9d to 40f29c8d4abf59af475a79f6aa0268c296319501 #9004
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Gradle" | |
on: | |
pull_request: | |
branches: | |
- 'main' | |
- 'release/**' | |
push: | |
branches: | |
- 'main' | |
- 'release/**' | |
tags: | |
- 'v*' | |
defaults: | |
run: | |
shell: bash | |
permissions: | |
contents: read | |
env: | |
LC_ALL: C.UTF-8 | |
CGO_ENABLED: 1 | |
jobs: | |
build: | |
name: Build | |
runs-on: [ self-hosted, Linux, large, ephemeral ] | |
strategy: | |
matrix: | |
project: | |
- common | |
- graphql | |
- grpc | |
- importer | |
- monitor | |
- rest | |
- rest-java | |
- 'rest:check-state-proof' | |
- 'rest:monitoring' | |
- rosetta | |
- test | |
- web3 | |
schema: | |
- v1 | |
- v2 | |
exclude: | |
- project: common | |
schema: v2 | |
- project: monitor | |
schema: v2 | |
- project: rest:check-state-proof | |
schema: v2 | |
- project: rest:monitoring | |
schema: v2 | |
- project: rosetta | |
schema: v2 | |
- project: test | |
schema: v2 | |
timeout-minutes: 20 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 | |
with: | |
egress-policy: audit | |
- name: Checkout Code | |
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 | |
- name: Setup Node | |
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
with: | |
node-version: 18 | |
- name: Install JDK | |
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 | |
with: | |
distribution: temurin | |
java-version: 21 | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@db19848a5fa7950289d3668fb053140cf3028d43 # v3.3.2 | |
- name: Setup GCC Compiler | |
if: ${{ matrix.project == 'rosetta' }} | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y --no-install-recommends gcc libc-dev libc6-dev | |
- name: Execute Gradle | |
env: | |
MIRROR_NODE_SCHEMA: ${{ matrix.schema}} | |
SPRING_PROFILES_ACTIVE: ${{ matrix.schema}} | |
run: ./gradlew :${{matrix.project}}:build --scan ${{ secrets.GRADLE_ARGS }} | |
- name: Upload coverage report | |
uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # v4.3.1 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
if: ${{ matrix.schema == 'v1' && matrix.project != 'rest:monitoring' && matrix.project != 'test' && always() }} |