Skip to content

feat: Add a flag to fail when one or more suppression rules are not used #2089

feat: Add a flag to fail when one or more suppression rules are not used

feat: Add a flag to fail when one or more suppression rules are not used #2089

Workflow file for this run

name: Pull Requests
on:
pull_request:
paths-ignore:
- '**/*.md'
- '**/*.txt'
jobs:
test:
name: Build and Test
permissions:
security-events: write
contents: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check Maven Cache
id: maven-cache
uses: actions/cache@v4
with:
path: ~/.m2/repository/
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- uses: actions/setup-dotnet@v4.1.0
with:
dotnet-version: '8.0.x'
- name: Set up JDK 11
id: jdk-11
uses: actions/setup-java@v4
with:
java-version: 11
distribution: 'zulu'
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
with:
version: 6.0.2
- name: Test with Maven
id: build
run: |
mvn -V -s settings.xml -pl utils,core,cli,ant,archetype -am compile verify --no-transfer-progress --batch-mode
- name: SARIF Multitool
uses: microsoft/sarif-actions@v0.1
with:
# Command to be sent to SARIF Multitool
command: 'validate core/target/test-reports/Report.sarif'
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: utils/target/spotbugsSarif.json
category: spotbugs-utils
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: cli/target/spotbugsSarif.json
category: spotbugs-cli
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ant/target/spotbugsSarif.json
category: spotbugs-ant
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: core/target/spotbugsSarif.json
category: spotbugs-core
maven:
name: Regression Test Maven Plugin
permissions:
security-events: write
contents: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check Maven Cache
id: maven-cache
uses: actions/cache@v4
with:
path: ~/.m2/repository/
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- uses: actions/setup-dotnet@v4.1.0
with:
dotnet-version: '8.0.x'
- name: Set up JDK 11
id: jdk-11
uses: actions/setup-java@v4
with:
java-version: 11
distribution: 'zulu'
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
with:
version: 6.0.2
- name: Regression Test Maven Plugin
id: build
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
run: |
mvn -V -s settings.xml -pl maven -am compile verify -DtestMavenPlugin -DreleaseTesting --no-transfer-progress --batch-mode
- name: Archive IT test logs
id: archive-logs
if: always()
uses: actions/upload-artifact@v4
with:
name: it-test-logs
retention-days: 7
path: maven/target/it/**/build.log
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: maven/target/spotbugsSarif.json
category: spotbugs-maven
checkstyle:
name: Checkstyle Validation
permissions:
security-events: write
contents: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Check Maven Cache
id: maven-cache
uses: actions/cache@v4
with:
path: ~/.m2/repository/
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Set up JDK 11
id: jdk-11
uses: actions/setup-java@v4
with:
java-version: 11
distribution: 'zulu'
- name: Checkstyle
id: checkstyle
run: |
mvn -V -s settings.xml checkstyle:checkstyle-aggregate --no-transfer-progress --batch-mode
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: target/checkstyle-result.sarif
category: checkstyle