mirror of
https://github.com/spring-projects/spring-petclinic.git
synced 2025-07-22 07:45:49 +00:00
disable snapshot for registries, create a Dockerfile, and more...
This commit is contained in:
parent
0a9ea623aa
commit
d26fb582c1
3 changed files with 30 additions and 12 deletions
22
.github/workflows/maven-build.yml
vendored
22
.github/workflows/maven-build.yml
vendored
|
@ -23,28 +23,32 @@ jobs:
|
|||
uses: actions/setup-java@v2
|
||||
with:
|
||||
java-version: ${{matrix.java}}
|
||||
distribution: 'adopt'
|
||||
distribution: 'amazoncorretto'
|
||||
cache: maven
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Compile the code
|
||||
run: ./mvnw -B package
|
||||
run: ./mvnw -B package -D skipTests
|
||||
- name: Run the tests
|
||||
run: ./mvnw test
|
||||
|
||||
- name: Package the project as a runnable Docker image
|
||||
run: ./mvnw spring-boot:build-image
|
||||
run: docker buildx build --platform linux/arm64,linux/amd64 --load -t my_repo/jfrog_assignment:${{ github.sha }} .
|
||||
- name: Scan the project with your preferred SCA tool
|
||||
uses: aquasecurity/trivy-action@master
|
||||
with:
|
||||
image-ref: 'docker.io/library/spring-petclinic:3.2.0-JFrog_Assignment'
|
||||
image-ref: 'my_repo/jfrog_assignment:${{ github.sha }}'
|
||||
format: 'sarif'
|
||||
output: 'trivy-results.sarif'
|
||||
ignore-unfixed: true
|
||||
vuln-type: 'os,library'
|
||||
severity: 'CRITICAL,HIGH'
|
||||
- name: Upload Trivy scan results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
- uses: actions/upload-artifact@v4
|
||||
with:
|
||||
sarif_file: 'trivy-results.sarif'
|
||||
name: trivy-results.sarif
|
||||
path: trivy-results.sarif
|
||||
|
||||
- name: Tag Docker image
|
||||
run: docker tag docker.io/library/spring-petclinic:3.2.0-JFrog_Assignment my_repo/spring-petclinic:3.2.0-JFrog_Assignment
|
||||
|
|
14
Dockerfile
Normal file
14
Dockerfile
Normal file
|
@ -0,0 +1,14 @@
|
|||
# Use a base image with Java runtime
|
||||
FROM amazoncorretto:17-alpine
|
||||
|
||||
# Set the working directory inside the container
|
||||
WORKDIR /app
|
||||
|
||||
# Copy the compiled JAR file into the container at /app
|
||||
COPY target/spring-petclinic-*.jar /app/app.jar
|
||||
|
||||
# Expose the port that your application will run on
|
||||
EXPOSE 8080
|
||||
|
||||
# Specify the command to run your application
|
||||
CMD ["java", "-jar", "app.jar"]
|
4
pom.xml
4
pom.xml
|
@ -281,7 +281,7 @@
|
|||
<name>Maven Repository Switchboard</name>
|
||||
<url>https://repo1.maven.org/maven2</url>
|
||||
<snapshots>
|
||||
<enabled>true</enabled>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
</repository>
|
||||
</repositories>
|
||||
|
@ -292,7 +292,7 @@
|
|||
<name>Maven Plugin Repository</name>
|
||||
<url>https://repo1.maven.org/maven2</url>
|
||||
<snapshots>
|
||||
<enabled>true</enabled>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
</pluginRepository>
|
||||
</pluginRepositories>
|
||||
|
|
Loading…
Reference in a new issue