Patrick.Sy/spring-petclinic
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-petclinic.git synced 2025-07-22 07:45:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

disable snapshot for registries, create a Dockerfile, and more...

Browse source
This commit is contained in:
Dan Alima 2023-12-30 22:53:27 +02:00
parent 0a9ea623aa
commit d26fb582c1
3 changed files with 30 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
.github/workflows/maven-build.yml vendored
View file

@ -23,28 +23,32 @@ jobs:
uses: actions/setup-java@v2 uses: actions/setup-java@v2
with: with:
java-version: ${{matrix.java}} java-version: ${{matrix.java}}
distribution: 'adopt' distribution: 'amazoncorretto'
cache: maven cache: maven
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Compile the code - name: Compile the code
run: ./mvnw -B package run: ./mvnw -B package -D skipTests
- name: Run the tests - name: Run the tests
run: ./mvnw test run: ./mvnw test
- name: Package the project as a runnable Docker image - name: Package the project as a runnable Docker image
run: ./mvnw spring-boot:build-image run: docker buildx build --platform linux/arm64,linux/amd64 --load -t my_repo/jfrog_assignment:${{ github.sha }} .
- name: Scan the project with your preferred SCA tool - name: Scan the project with your preferred SCA tool
uses: aquasecurity/trivy-action@master uses: aquasecurity/trivy-action@master
with: with:
image-ref: 'docker.io/library/spring-petclinic:3.2.0-JFrog_Assignment' image-ref: 'my_repo/jfrog_assignment:${{ github.sha }}'
format: 'sarif' format: 'sarif'
output: 'trivy-results.sarif' output: 'trivy-results.sarif'
ignore-unfixed: true ignore-unfixed: true
vuln-type: 'os,library' vuln-type: 'os,library'
severity: 'CRITICAL,HIGH' severity: 'CRITICAL,HIGH'
- name: Upload Trivy scan results to GitHub Security tab - uses: actions/upload-artifact@v4
uses: github/codeql-action/upload-sarif@v2
with: with:
sarif_file: 'trivy-results.sarif' name: trivy-results.sarif
path: trivy-results.sarif
- name: Tag Docker image
run: docker tag docker.io/library/spring-petclinic:3.2.0-JFrog_Assignment my_repo/spring-petclinic:3.2.0-JFrog_Assignment

14
Dockerfile Normal file
View file

@ -0,0 +1,14 @@
# Use a base image with Java runtime
FROM amazoncorretto:17-alpine
# Set the working directory inside the container
WORKDIR /app
# Copy the compiled JAR file into the container at /app
COPY target/spring-petclinic-*.jar /app/app.jar
# Expose the port that your application will run on
EXPOSE 8080
# Specify the command to run your application
CMD ["java", "-jar", "app.jar"]

4
pom.xml
View file

@ -281,7 +281,7 @@
<name>Maven Repository Switchboard</name> <name>Maven Repository Switchboard</name>
<url>https://repo1.maven.org/maven2</url> <url>https://repo1.maven.org/maven2</url>
<snapshots> <snapshots>
<enabled>true</enabled> <enabled>false</enabled>
</snapshots> </snapshots>
</repository> </repository>
</repositories> </repositories>
@ -292,7 +292,7 @@
<name>Maven Plugin Repository</name> <name>Maven Plugin Repository</name>
<url>https://repo1.maven.org/maven2</url> <url>https://repo1.maven.org/maven2</url>
<snapshots> <snapshots>
<enabled>true</enabled> <enabled>false</enabled>
</snapshots> </snapshots>
</pluginRepository> </pluginRepository>
</pluginRepositories> </pluginRepositories>