Skip to content

Create codeql.yml #6273

Create codeql.yml

Create codeql.yml #6273

name: Test branch
on:
push:
branches:
- '**'
- '!main'
merge_group:
branches: [ main ]
jobs:
run-tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Import Secrets
id: secrets
uses: hashicorp/vault-action@v3.0.0
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false # we rely on step outputs, no need for environment variables
secrets: |
secret/data/products/connectors/ci/common ARTIFACTORY_USR | CI_LDAP_USER;
secret/data/products/connectors/ci/common ARTIFACTORY_PSW | CI_LDAP_PASSWORD;
- name: Restore cache
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '21'
# Use CI Nexus as co-located pull-through cache for Maven artifacts via ~/.m2/settings.xml
- name: 'Create settings.xml'
uses: s4u/maven-settings-action@v3.0.0
with:
githubServer: false
servers: |
[{
"id": "camunda-nexus",
"username": "${{ steps.secrets.outputs.CI_LDAP_USER }}",
"password": "${{ steps.secrets.outputs.CI_LDAP_PASSWORD }}"
}]
mirrors: '[{"url": "https://repository.nexus.camunda.cloud/content/groups/internal/", "id": "camunda-nexus", "mirrorOf": "camunda-nexus", "name": "camunda Nexus"}]'
- uses: actions/setup-node@v4
with:
node-version: '16'
- name: Install element templates CLI
run: npm install --global element-templates-cli
- name: Build Connectors
run: mvn --batch-mode clean test -PcheckFormat
- name: Lint Dockerfile - connector-runtime
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: connector-runtime/connector-runtime-application/Dockerfile
- name: Lint Dockerfile - SaaS
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: bundle/camunda-saas-bundle/Dockerfile
- name: Lint Dockerfile - default-bundle
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: bundle/default-bundle/Dockerfile
- name: Package Connectors
env:
PROJECTS: bundle/default-bundle
run: mvn --batch-mode compile generate-sources package -DskipTests --projects "${PROJECTS}" --also-make
- name: Set up Docker Build
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
registry: registry.camunda.cloud
username: ${{ steps.secrets.outputs.CI_LDAP_USER }}
password: ${{ steps.secrets.outputs.CI_LDAP_PASSWORD }}
# Publish Docker images for Preview environments
- name: Build and Push Docker Image tag ${{ env.TAG }} - bundle-default
env:
TAG: pr-${{ github.sha }}
uses: docker/build-push-action@v5
with:
context: bundle/default-bundle/
provenance: false
push: true
tags: registry.camunda.cloud/team-connectors/connectors-bundle:${{ env.TAG }}