Skip to content
Reachables tests

Goodbye validate-iri #2342

Sign in to view logs

Goodbye validate-iri

Goodbye validate-iri #2342

Workflow file for this run

.github/workflows/java-reachables-test.yml at 915dd63
name: Reachables tests
on:
pull_request:
paths:
- '.github/workflows/java-reachables-test.yml'
- '.pnpmfile.cjs'
- 'bin/**'
- 'data/**'
- 'index.cjs'
- 'lib/**'
- 'package.json'
- 'pnpm-lock.yaml'
- '!**.poku.js'
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
permissions: {}
jobs:
java-js-sample-tests:
strategy:
fail-fast: false
matrix:
java-version: ['24']
node-version: ['24.5.0']
os: ['ubuntu-24.04']
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- name: Set up JDK ${{ matrix.java-version }}
uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
with:
distribution: 'temurin'
java-version: ${{ matrix.java-version }}
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ matrix.node-version }}
- name: npm install, build
run: |
npm install --global corepack@latest
corepack enable
corepack pnpm install --config.strict-dep-builds=true
mkdir -p repotests
mkdir -p bomresults
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
repository: 'DependencyTrack/dependency-track'
path: 'repotests/dependency-track'
ref: '4.11.1'
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
repository: 'DependencyTrack/frontend'
path: 'repotests/frontend'
ref: '4.13.0'
- name: compile
run: |
cd repotests/dependency-track
mvn -q clean compile -DskipTests -Dmaven.test.skip=true
- name: reachables tests - java
run: |
node bin/cdxgen.js -p -t java --profile research -o repotests/dependency-track/bom.json repotests/dependency-track
ls -ltr repotests/dependency-track/
cp -rf repotests/dependency-track/*.json bomresults/
env:
CDXGEN_DEBUG_MODE: verbose
- name: reachables tests - js
run: |
node bin/cdxgen.js -p -t js --profile research -o repotests/frontend/bom.json repotests/frontend
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: bomresults
path: bomresults
ruby-samples:
strategy:
fail-fast: false
matrix:
os: ["ubuntu-24.04"]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- name: setup paths
run: |
mkdir -p repotests
mkdir -p rubyresults
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
repository: 'bionomia/bionomia'
path: 'repotests/bionomia'
ref: '5ada8b5f4a5f68561a7195e2badc2f744dc4676e'
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
repository: 'OWASP/railsgoat'
path: 'repotests/railsgoat'
ref: 'c1e8ff1e3b24a1c48fcfc9fbee0f65dc296b49d9'
- name: generate reachables sbom - bionomia
run: |
mkdir -p $GITHUB_WORKSPACE/rubyresults/bionomia
cd repotests/bionomia
docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-debian-ruby33:v11 -r /app -o /app/bom.json -t ruby --profile research
cp bom.json *.slices.json $GITHUB_WORKSPACE/rubyresults/bionomia
- name: generate reachables sbom - railsgoat
run: |
mkdir -p $GITHUB_WORKSPACE/rubyresults/railsgoat
cd repotests/railsgoat
docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-debian-ruby26:v11 -r /app -o /app/bom.json -t ruby --profile research
cp bom.json *.slices.json $GITHUB_WORKSPACE/rubyresults/railsgoat
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: rubyresults
path: rubyresults
scala-samples:
strategy:
fail-fast: false
matrix:
os: ["ubuntu-24.04"]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
repository: 'playframework/play-samples'
path: 'repotests/play-samples'
ref: '0dccba17856e89dbb5e457ab760efb14cc691395'
- name: setup paths
run: |
mkdir -p repotests
mkdir -p scalaresults
- name: generate reachables sbom - play-scala-rest-api-example
run: |
mkdir -p $GITHUB_WORKSPACE/scalaresults/play-scala-rest-api-example
cd repotests/play-samples/play-scala-rest-api-example
docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-temurin-java21:v11 -r /app -o /app/bom.json -t scala --profile research
cp *.json $GITHUB_WORKSPACE/scalaresults/play-scala-rest-api-example
- name: generate reachables sbom - play-scala-slick-example
run: |
mkdir -p $GITHUB_WORKSPACE/scalaresults/play-scala-slick-example
cd repotests/play-samples/play-scala-slick-example
docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-temurin-java21:v11 -r /app -o /app/bom.json -t scala --profile research
cp *.json $GITHUB_WORKSPACE/scalaresults/play-scala-slick-example
- name: generate reachables sbom - play-scala-starter-example/
run: |
mkdir -p $GITHUB_WORKSPACE/scalaresults/play-scala-starter-example
cd repotests/play-samples/play-scala-starter-example
docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-temurin-java21:v11 -r /app -o /app/bom.json -t scala --profile research
cp *.json $GITHUB_WORKSPACE/scalaresults/play-scala-starter-example
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: scalaresults
path: scalaresults