Skip to content

Fix: refactor sonatype scan #2

Fix: refactor sonatype scan

Fix: refactor sonatype scan #2

---
# SPDX-License-Identifier: Apache-2.0
# SPDX-FileCopyrightText: 2023 The Linux Foundation
name: Composed Gradle Nexus IQ
# yamllint disable-line rule:truthy
on:
workflow_call:
inputs:
GERRIT_BRANCH:
description: "Branch that change is against"
required: true
type: string
GERRIT_CHANGE_ID:
description: "The ID for the change"
required: true
type: string
GERRIT_CHANGE_NUMBER:
description: "The Gerrit number"
required: true
type: string
GERRIT_CHANGE_URL:
description: "URL to the change"
required: true
type: string
GERRIT_EVENT_TYPE:
description: "Type of Gerrit event"
required: true
type: string
GERRIT_PATCHSET_NUMBER:
description: "The patch number for the change"
required: true
type: string
GERRIT_PATCHSET_REVISION:
description: "The revision sha"
required: true
type: string
GERRIT_PROJECT:
description: "Project in Gerrit"
required: true
type: string
GERRIT_REFSPEC:
description: "Gerrit refspec of change"
required: true
type: string
JDK_VERSION:
description: "OpenJDK version"
required: false
default: "17"
type: string
concurrency:
# yamllint disable-line rule:line-length
group: composed-gradle-nexus-iq-${{ github.workflow }}-${{ github.event.inputs.GERRIT_BRANCH}}-${{ github.event.inputs.GERRIT_CHANGE_ID || github.run_id }}
cancel-in-progress: true
env:
NEXUS_IQ_SERVER: https://nexus-iq.wl.linuxfoundation.org
NEXUS_STAGE: build
NEXUS_TARGET: ""
jobs:
run-gradle-clm:
runs-on: ubuntu-latest
steps:
- name: Gerrit Checkout
# yamllint disable-line rule:line-length
uses: lfit/checkout-gerrit-change-action@54d751e8bd167bc91f7d665dabe33fae87aaaa63 # v0.9
with:
gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }}
gerrit-project: ${{ inputs.GERRIT_PROJECT }}
gerrit-url: ${{ vars.GERRIT_URL }}
delay: "0s"
submodules: "true"
# yamllint disable-line rule:line-length
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
id: setup-python
with:
python-version: "3.8"
- name: Run gradle build and CLM scan
# yamllint disable-line rule:line-length
uses: lfit/releng-reusable-workflows/.github/actions/gradle-build-action@main
with:
jdk-version: ${{ inputs.JDK_VERSION }}
- name: Obtain Application ID
# yamllint disable rule:line-length
run: |
REPO_DASHED=$(echo ${{ inputs.GERRIT_PROJECT }} | tr "/" "-")
echo "APPLICATION_ID=${{ vars.ORGANIZATION }}-${REPO_DASHED}" >> "$GITHUB_ENV"
- name: Sonatype Lifecycle Scan
# yamllint disable-line rule:line-length
uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml@98e376a377e4622da10ce286a618343c733e41c2
secrets:
NEXUS_IQ_PASSWORD: ${{ secrets.NEXUS_IQ_PASSWORD }}