Skip to content
.github/workflows/ci.yml

Fix docker image build issue #41

Sign in to view logs

Fix docker image build issue

Fix docker image build issue #41

Workflow file for this run

.github/workflows/ci.yml at fb5fd4f
name: CI
on:
pull_request:
branches: [ main ]
types: [ ready_for_review, opened, reopened, synchronize ]
push:
branches: [ main ]
# Cancel in-progress runs for the same PR/branch
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
build:
name: Build & Test
runs-on: ubuntu-latest
# Skip draft PRs
if: github.event.pull_request.draft == false
services:
postgres:
image: postgres:17-alpine
env:
POSTGRES_USER: test
POSTGRES_PASSWORD: test
POSTGRES_DB: test-db
ports:
- 5432:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 3
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Set up JDK 25
uses: actions/setup-java@v5
with:
java-version: '25'
distribution: 'temurin'
- name: Cache Gradle packages
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: ${{ runner.os }}-gradle-
- name: Grant execute permissions for gradlew
run: chmod +x gradlew
- name: Check code formatting
run: ./gradlew spotlessCheck
- name: Build
run: ./gradlew build -x test
- name: Run tests
run: ./gradlew test
env:
SPRING_DATASOURCE_URL: jdbc:postgresql://localhost:5432/test-db
SPRING_DATASOURCE_USERNAME: test
SPRING_DATASOURCE_PASSWORD: test
- name: Generate test coverage report
run: ./gradlew jacocoTestReport
- name: Check test coverage
run: ./gradlew jacocoTestCoverageVerification
- name: Upload coverage report
uses: actions/upload-artifact@v5
if: always()
with:
name: coverage-report
path: build/reports/jacoco/test/html/
retention-days: 7
- name: Upload test results
uses: actions/upload-artifact@v5
if: always()
with:
name: test-results
path: build/reports/tests/test/
retention-days: 7
# Add coverage comment to PR
coverage-comment:
name: Coverage Report
runs-on: ubuntu-latest
needs: build
if: github.event_name == 'pull_request'
steps:
- name: Download coverage report
uses: actions/download-artifact@v6
with:
name: coverage-report
path: coverage
- name: Add coverage to PR
uses: madrapps/jacoco-report@v1.7.2
with:
paths: build/reports/jacoco/test/jacocoTestReport.xml
token: ${{ secrets.GITHUB_TOKEN }}
min-coverage-overall: 80
min-coverage-changed-files: 80
security-scan:
name: Security Scan
runs-on: ubuntu-latest
needs: build
permissions:
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Run Trivy repo scan
uses: aquasecurity/trivy-action@0.33.1
with:
scan-type: 'repo'
scan-ref: '.'
format: 'table'
severity: 'CRITICAL,HIGH'
ignore-unfixed: true
- name: Run Trivy config scan
uses: aquasecurity/trivy-action@0.33.1
with:
scan-type: 'config'
scan-ref: '.'
format: 'table'
severity: 'CRITICAL,HIGH'
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
with:
driver: docker-container
- name: Build Docker image
uses: docker/build-push-action@v6
with:
builder: : ${{ steps.buildx.outputs.nameb}}

Check failure on line 153 in .github/workflows/ci.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/ci.yml

Invalid workflow file 

You have an error in your yaml syntax on line 153
context: .
push: false
load: true
tags: user-service:${{ github.sha }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Run Trivy image scan
uses: aquasecurity/trivy-action@0.33.1
with:
scan-type: 'image'
image-ref: 'user-service:${{ github.sha }}'
format: 'table'
severity: 'CRITICAL,HIGH'
ignore-unfixed: true