sarif report: allow file paths in file URI scheme #209
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'Quality Monitor PR' | |
on: | |
pull_request_target: | |
jobs: | |
build: | |
runs-on: [ubuntu-latest] | |
name: Build, test and monitor quality on Ubuntu | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: "refs/pull/${{ github.event.number }}/merge" | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: 21 | |
check-latest: true | |
cache: 'maven' | |
- name: Set up Maven | |
uses: stCarolas/setup-maven@v5 | |
with: | |
maven-version: 3.9.9 | |
- name: Cache the NVD database | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2/repository/org/owasp/dependency-check-data | |
key: dependency-check | |
- name: Build with Maven | |
env: | |
BROWSER: chrome-container | |
NVD_API_KEY: ${{ secrets.NVD_API_KEY }} | |
run: mvn -V --color always -ntp clean verify -Pci -Powasp | tee maven.log | |
- name: Extract pull request number | |
uses: jwalton/gh-find-current-pr@v1 | |
id: pr | |
- name: Run Quality Monitor | |
uses: uhafner/quality-monitor@v1 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
pr-number: ${{ steps.pr.outputs.number }} | |
config: > | |
{ | |
"tests": { | |
"tools": [ | |
{ | |
"id": "test", | |
"name": "Tests", | |
"pattern": "**/target/*-reports/TEST*.xml" | |
} | |
], | |
"name": "Tests" | |
}, | |
"analysis": [ | |
{ | |
"name": "Style", | |
"id": "style", | |
"tools": [ | |
{ | |
"id": "checkstyle", | |
"pattern": "**/target/checkstyle-*/checkstyle-result.xml" | |
}, | |
{ | |
"id": "pmd", | |
"pattern": "**/target/pmd-*/pmd.xml" | |
} | |
] | |
}, | |
{ | |
"name": "Bugs", | |
"id": "bugs", | |
"icon": "bug", | |
"tools": [ | |
{ | |
"id": "spotbugs", | |
"sourcePath": "src/main/java", | |
"pattern": "**/target/spotbugsXml.xml" | |
}, | |
{ | |
"id": "error-prone", | |
"pattern": "**/maven.log" | |
} | |
] | |
}, | |
{ | |
"name": "Vulnerabilities", | |
"id": "vulnerabilities", | |
"icon": "shield", | |
"tools": [ | |
{ | |
"id": "owasp-dependency-check", | |
"pattern": "**/target/dependency-check-report.json" | |
} | |
] | |
} | |
], | |
"coverage": [ | |
{ | |
"name": "Code Coverage", | |
"tools": [ | |
{ | |
"id": "jacoco", | |
"name": "Line Coverage", | |
"metric": "line", | |
"sourcePath": "src/main/java", | |
"pattern": "**/target/site/jacoco/jacoco.xml" | |
}, | |
{ | |
"id": "jacoco", | |
"name": "Branch Coverage", | |
"metric": "branch", | |
"sourcePath": "src/main/java", | |
"pattern": "**/target/site/jacoco/jacoco.xml" | |
} | |
] | |
} | |
] | |
} |