Skip to content

Commit bc9f167

Browse files
authored
Merge pull request #4
ci: add GitHub Actions CI pipeline
2 parents 382f316 + 0106deb commit bc9f167

4 files changed

Lines changed: 195 additions & 0 deletions

File tree

.github/dependabot.yaml

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
version: 2
2+
3+
updates:
4+
5+
# Maven dependencies
6+
- package-ecosystem: "maven"
7+
directory: "/"
8+
schedule:
9+
interval: "weekly"
10+
day: "monday"
11+
time: "08:00"
12+
timezone: "Africa/Kigali"
13+
open-pull-requests-limit: 8
14+
labels:
15+
- "dependencies"
16+
- "java"
17+
18+
groups:
19+
20+
spring-boot:
21+
patterns:
22+
- "org.springframework.boot:*"
23+
- "org.springframework:*"
24+
- "org.springframework.security:*"
25+
26+
jwt:
27+
patterns:
28+
- "io.jsonwebtoken:*"
29+
30+
database:
31+
patterns:
32+
- "org.postgresql:*"
33+
- "org.flywaydb:*"
34+
35+
observability-and-docs:
36+
patterns:
37+
- "org.springdoc:*"
38+
- "com.bucket4j:*"
39+
40+
mfa:
41+
patterns:
42+
- "dev.samstevens.totp:*"
43+
44+
lombok-and-mapstruct:
45+
patterns:
46+
- "org.projectlombok:*"
47+
- "org.mapstruct:*"
48+
49+
testing:
50+
patterns:
51+
- "org.junit.jupiter:*"
52+
- "org.mockito:*"
53+
- "org.assertj:*"
54+
55+
# GitHub Actions themselves
56+
- package-ecosystem: "github-actions"
57+
directory: "/"
58+
schedule:
59+
interval: "weekly"
60+
day: "monday"
61+
time: "08:00"
62+
timezone: "Africa/Kigali"
63+
open-pull-requests-limit: 3
64+
labels:
65+
- "dependencies"
66+
- "github-actions"
67+
groups:
68+
github-actions:
69+
patterns:
70+
- "*"

.github/workflows/ci.yaml

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
name: CI
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
pull_request:
8+
branches:
9+
- main
10+
11+
jobs:
12+
test:
13+
name: Build & Test
14+
runs-on: ubuntu-latest
15+
16+
steps:
17+
- name: Checkout code
18+
uses: actions/checkout@v4
19+
20+
- name: Set up JDK 21
21+
uses: actions/setup-java@v4
22+
with:
23+
java-version: '21'
24+
distribution: 'temurin'
25+
cache: 'maven'
26+
27+
- name: Run unit tests
28+
run: mvn --batch-mode test
29+
30+
- name: Upload test results
31+
if: always()
32+
uses: actions/upload-artifact@v4
33+
with:
34+
name: surefire-test-results
35+
path: target/surefire-reports/
36+
retention-days: 14
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
#-------------------------------------------------------------------------------#
2+
# Discover all capabilities of Qodana in our documentation #
3+
# https://www.jetbrains.com/help/qodana/about-qodana.html #
4+
#-------------------------------------------------------------------------------#
5+
6+
name: Qodana
7+
on:
8+
workflow_dispatch:
9+
pull_request:
10+
push:
11+
branches:
12+
- main
13+
- ci
14+
15+
jobs:
16+
qodana:
17+
runs-on: ubuntu-latest
18+
permissions:
19+
contents: write
20+
pull-requests: write
21+
checks: write
22+
steps:
23+
- uses: actions/checkout@v4
24+
with:
25+
ref: ${{ github.event.pull_request.head.sha }}
26+
fetch-depth: 0
27+
- name: 'Qodana Scan'
28+
uses: JetBrains/qodana-action@v2026.1
29+
env:
30+
QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
31+
with:
32+
# When pr-mode is set to true, Qodana analyzes only the files that have been changed
33+
pr-mode: false
34+
use-caches: true
35+
post-pr-comment: true
36+
use-annotations: true
37+
# Upload Qodana results (SARIF, other artifacts, logs) as an artifact to the job
38+
upload-result: false
39+
# quick-fixes available in Ultimate and Ultimate Plus plans
40+
push-fixes: 'none'

qodana.yaml

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,49 @@
1+
#-------------------------------------------------------------------------------#
2+
# Qodana analysis is configured by qodana.yaml file #
3+
# https://www.jetbrains.com/help/qodana/qodana-yaml.html #
4+
#-------------------------------------------------------------------------------#
5+
6+
#################################################################################
7+
# WARNING: Do not store sensitive information in this file, #
8+
# as its contents will be included in the Qodana report. #
9+
#################################################################################
10+
version: "1.0"
11+
12+
#Specify inspection profile for code analysis
13+
profile:
14+
name: qodana.starter
15+
16+
#Enable inspections
17+
#include:
18+
# - name: <SomeEnabledInspectionId>
19+
20+
#Disable inspections
21+
#exclude:
22+
# - name: <SomeDisabledInspectionId>
23+
# paths:
24+
# - <path/where/not/run/inspection>
25+
26+
projectJDK: "21" #(Applied in CI/CD pipeline)
27+
28+
#Execute shell command before Qodana execution (Applied in CI/CD pipeline)
29+
#bootstrap: sh ./prepare-qodana.sh
30+
31+
#Install IDE plugins before Qodana execution (Applied in CI/CD pipeline)
32+
#plugins:
33+
# - id: <plugin.id> #(plugin id can be found at https://plugins.jetbrains.com)
34+
35+
# Quality gate. Will fail the CI/CD pipeline if any condition is not met
36+
# severityThresholds - configures maximum thresholds for different problem severities
37+
# testCoverageThresholds - configures minimum code coverage on a whole project and newly added code
38+
# Code Coverage is available in Ultimate and Ultimate Plus plans
39+
#failureConditions:
40+
# severityThresholds:
41+
# any: 15
42+
# critical: 5
43+
# testCoverageThresholds:
44+
# fresh: 70
45+
# total: 50
46+
47+
#Qodana supports other languages, for example, Python, JavaScript, TypeScript, Go, C#, PHP
48+
#For all supported languages see https://www.jetbrains.com/help/qodana/linters.html
49+
linter: jetbrains/qodana-jvm-community:2026.1

0 commit comments

Comments
 (0)