1+ name : " Dependency Check"
2+
3+ on :
4+ push :
5+ branches : [ 'develop', 'master', 'release_**', 'CI/dependency_check' ]
6+ pull_request :
7+ branches : [ 'develop', "release_**" , 'CI/dependency_check' ]
8+ schedule :
9+ - cron : ' 25 6 * * *'
10+ workflow_dispatch :
11+
12+ jobs :
13+ dependency-check :
14+ name : Dependency Check
15+ runs-on : ubuntu-latest
16+
17+ steps :
18+ - name : Checkout repository
19+ uses : actions/checkout@v4
20+
21+ - name : Cache ODC data
22+ uses : actions/cache@v3
23+ with :
24+ path : ~/.dependency-check/data
25+ key : ${{ runner.os }}-odc-data-${{ hashFiles('**/build.gradle') }}
26+ restore-keys : |
27+ ${{ runner.os }}-odc-data-
28+
29+ - name : Set up JDK 8
30+ uses : actions/setup-java@v3
31+ with :
32+ java-version : ' 8'
33+ distribution : ' temurin'
34+
35+ - name : Gradlew build
36+ run : ./gradlew --no-daemon -S -Dorg.gradle.dependency.verification=off -Dorg.gradle.warning.mode=none build -x test
37+
38+ - name : Dependency Check
39+ uses : dependency-check/Dependency-Check_Action@1.1.0
40+ env :
41+ # actions/setup-java@v1 changes JAVA_HOME, so it needs to be reset to match the depcheck image
42+ JAVA_HOME : /opt/jdk
43+ with :
44+ project : ' java-tron'
45+ path : ' .'
46+ format : ' HTML'
47+ out : ' reports'
48+ args : >
49+ --failOnCVSS 7
50+ --enableRetired
51+ - name : Generate timestamp
52+ run : echo "BUILD_TIMESTAMP=$(date -u +"%Y%m%d-%H%M%S")" >> $GITHUB_ENV
53+ - name : Get Repository Name
54+ run : echo "REPO_NAME=$(echo '${{ github.repository }}' | cut -d'/' -f2)" >> $GITHUB_ENV
55+ - name : Upload report
56+ if : always()
57+ uses : actions/upload-artifact@v4
58+ with :
59+ name : dependency-check-${{ env.REPO_NAME }}-${{ env.BUILD_TIMESTAMP }}
60+ path : ${{github.workspace}}/reports
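Review bot: When `--failOnCVSS 7` fails the `Dependency Check` step, the `Generate timestamp` and `Get Repository Name` steps are skipped because they carry no `if:` condition, while `Upload report` still runs under `if: always()`; `env.REPO_NAME` and `env.BUILD_TIMESTAMP` are then empty and the artifact is named `dependency-check--` on exactly the runs where the report matters. Add `if: always()` to both steps, or move them ahead of the scan step. The workflow also declares no `permissions:` block, so the job token gets the repository default; a top-level `permissions:` with `contents: read` looks sufficient for the steps shown. The build step passes `-Dorg.gradle.dependency.verification=off` in a workflow that also runs on pull requests, which deserves a comment explaining why verification is disabled here. The `JAVA_HOME` comment names `actions/setup-java@v1` while the step uses `@v3`.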