chore(deps): bump org.junit.jupiter:junit-jupiter (#216) #292

Workflow file for this run

	name: Deploy to dev
	on:
	push:
	branches:
	- main

	jobs:
	build:
	permissions:
	contents: "write"
	id-token: "write"
	security-events: "write"
	name: Checkout code and create docker tag
	runs-on: ubuntu-latest
	steps:
	- name: Setup java
	uses: actions/setup-java@v4
	with:
	distribution: 'temurin'
	java-version: '21'
	- name: Checkout code
	uses: actions/checkout@v4
	- name: Gradle wrapper validation
	uses: gradle/[email protected]
	- name: Setup gradle dependency cache
	uses: actions/cache@v4
	with:
	path: \|
	~/.gradle/caches
	~/.gradle/wrapper
	key: ${{ runner.os }}-gradle-${{ hashFiles('*/.gradle*') }}
	restore-keys: \|
	${{ runner.os }}-gradle-
	- name: Run tests
	run: \|
	./gradlew test
	- name: setup frontend
	uses: actions/setup-node@v4
	with:
	node-version: '20'
	- run: corepack enable
	- run: yarn --immutable
	env:
	NPM_AUTH_TOKEN: ${{ secrets.READER_TOKEN }}
	working-directory: web
	- run: yarn build
	working-directory: web
	- run: yarn copy
	working-directory: web
	- name: Build jar
	run: \|
	./gradlew shadowJar -x test
	- name: docker-build-push
	if: github.event.pull_request.user.login != 'dependabot[bot]'
	uses: nais/docker-build-push@v0
	id: docker-build-push
	with:
	team: teamsykmelding
	identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
	project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}

	outputs:
	image: ${{ steps.docker-build-push.outputs.image }}

	trivy-docker:
	if: github.event.pull_request.user.login != 'dependabot[bot]'
	permissions:
	contents: "write"
	id-token: "write"
	security-events: "write"
	name: Trivy docker
	runs-on: ubuntu-latest
	needs: [ build ]
	steps:
	- run: touch me
	- uses: nais/login@v0
	with:
	project_id: ${{ vars.NAIS_MANAGEMENT_PROJECT_ID }}
	identity_provider: ${{ secrets.NAIS_WORKLOAD_IDENTITY_PROVIDER }}
	team: teamsykmelding

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8
	with:
	image-ref: ${{ needs.build.outputs.image }}
	ignore-unfixed: true
	vuln-type: 'os'
	severity: 'CRITICAL,HIGH'
	format: 'sarif'
	output: 'trivy-results.sarif'
	scanners: 'vuln'

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	if: always()
	with:
	sarif_file: 'trivy-results.sarif'

	deploy-dev:
	if: github.event.pull_request.user.login != 'dependabot[bot]'
	name: Deploy to dev
	runs-on: ubuntu-latest
	needs: [ build ]
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	- name: Deploy to dev
	uses: nais/deploy/actions/deploy@master
	env:
	APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
	CLUSTER: dev-gcp
	RESOURCE: naiserator-dev.yaml
	VAR: image=${{ needs.build.outputs.image }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump org.junit.jupiter:junit-jupiter (#216) #292

Workflow file

chore(deps): bump org.junit.jupiter:junit-jupiter (#216) #292

Jobs

Run details

Workflow file for this run