Improve repository.

- add kokuwa checkstyle - add dependabot - add dependency documentation - add code owners - add codeql - add license badge
2022-01-25 11:30:00 +01:00 · 2022-01-25 11:30:00 +01:00 · 0f6596becc
commit 0f6596becc
parent f92d80d1a9
10 changed files with 196 additions and 47 deletions
--- a/.github/workflows/codeql.yaml
+++ b/.github/workflows/codeql.yaml
@ -0,0 +1,22 @@
+name: CodeQL
+
+"on":
+  workflow_dispatch: {}
+  pull_request: {}
+  schedule:
+    - cron: '0 0 * * *'
+
+jobs:
+  codeql:
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
+    steps:
+      - uses: actions/checkout@v3
+      - uses: github/codeql-action/init@v1
+        with:
+          languages: java
+      - uses: github/codeql-action/autobuild@v1
+      - uses: github/codeql-action/analyze@v1
--- a/.github/workflows/dependabot.yaml
+++ b/.github/workflows/dependabot.yaml
@ -0,0 +1,17 @@
+name: Dependabot
+
+"on": pull_request_target
+
+jobs:
+  auto-merge:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTION_TOKEN }}
+      - run: gh pr merge --auto --squash "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{ secrets.GIT_ACTION_TOKEN }}
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@ -0,0 +1,26 @@
+name: Lint
+
+"on":
+  workflow_dispatch: {}
+  push:
+    branches: [main]
+  pull_request: {}
+
+jobs:
+
+  yaml:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: ibiqlik/action-yamllint@v3
+        with:
+          format: colored
+          strict: true
+
+  markdown:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: avto-dev/markdown-lint@v1
+        with:
+          args: /github/workspace
--- a/.github/workflows/pullrequest.yaml
+++ b/.github/workflows/pullrequest.yaml
@ -0,0 +1,26 @@
+name: PullRequest
+
+"on": pull_request
+
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-java@v3
+        with:
+          distribution: temurin
+          java-version: 11
+          cache: maven
+      - run: mvn -B dependency:go-offline
+      - run: mvn -B verify
+      - uses: dorny/test-reporter@v1.5.0
+        if: failure()
+        with:
+          name: surefire
+          path: '**/target/surefire-reports/*.xml,**/target/invoker-reports/*.xml'
+          reporter: java-junit
+          list-suites: failed
+          list-tests: failed
+          fail-on-error: false
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -1,13 +1,12 @@
 name: Release

-"on":
-  workflow_dispatch: {}
+"on": workflow_dispatch

 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
        with:
          token: ${{ secrets.GIT_ACTION_TOKEN }}
      - uses: crazy-max/ghaction-import-gpg@v4
@ -16,16 +15,17 @@ jobs:
          passphrase: ${{ secrets.GPG_PASSPHRASE }}
          git_user_signingkey: true
          git_commit_gpgsign: true
-      - uses: actions/setup-java@v2
+      - uses: actions/setup-java@v3
        with:
          distribution: temurin
          java-version: 11
+          cache: maven
          server-id: sonatype-nexus
          server-username: SERVER_USERNAME
          server-password: SERVER_PASSWORD
          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
          gpg-passphrase: GPG_PASSPHRASE
-      - run: mvn -B dependency:go-offline -q
+      - run: mvn -B dependency:go-offline
      - run: mvn -B release:prepare
      - run: mvn -B release:perform
        env:
--- a/.github/workflows/snapshot.yaml
+++ b/.github/workflows/snapshot.yaml
@ -2,32 +2,16 @@ name: Snapshot

 "on":
  workflow_dispatch: {}
-  push: {}
+  push:
+    branches: [main]
+    paths-ignore: ['**.md']

 jobs:
-
-  lint-yaml:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: ibiqlik/action-yamllint@v3
-        with:
-          format: colored
-          strict: true
-
-  lint-markdown:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: docker://avtodev/markdown-lint:v1
-        with:
-          args: /github/workspace
-
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-java@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-java@v3
        with:
          distribution: temurin
          java-version: 11
@ -35,19 +19,17 @@ jobs:
          server-id: sonatype-nexus
          server-username: SERVER_USERNAME
          server-password: SERVER_PASSWORD
-      - run: mvn -B dependency:go-offline -q
-      - run: mvn -B verify
-        if: github.ref != 'refs/heads/main'
+      - run: mvn -B dependency:go-offline
      - run: mvn -B deploy
-        if: github.ref == 'refs/heads/main'
        env:
          SERVER_USERNAME: ${{ secrets.SONATYPE_NEXUS_USERNAME }}
          SERVER_PASSWORD: ${{ secrets.SONATYPE_NEXUS_PASSWORD }}
-      - uses: dorny/test-reporter@v1
+      - uses: dorny/test-reporter@v1.5.0
        if: failure()
        with:
          name: surefire
-          path: '*/target/surefire-reports/*.xml'
+          path: '**/target/surefire-reports/*.xml'
          reporter: java-junit
          list-suites: failed
          list-tests: failed
+          fail-on-error: false