diff --git a/.github/workflows/security-scan.yaml b/.github/workflows/security-scan.yaml index 8f7c3eb4efb..84b825003c6 100755 --- a/.github/workflows/security-scan.yaml +++ b/.github/workflows/security-scan.yaml @@ -4,6 +4,7 @@ on: branches: - 'develop' - 'release-**' + - 'feat-improvedGitHubActionCaching' env: BUILD_OPTS: "" @@ -14,22 +15,32 @@ jobs: owasp-dependency-check: name: Owasp Dependency Check runs-on: ubuntu-latest + timeout-minutes: 45 steps: - - uses: actions/checkout@v4 # Checks out a copy of the repository on the ubuntu-latest machine - - uses: actions/setup-java@v4 + - name: Clones Kapua repo inside the runner + uses: actions/checkout@v4 + + - name: Setup Java 11 + uses: actions/setup-java@v4 with: distribution: 'zulu' java-version: 11 - cache: 'maven' - - uses: actions/setup-node@v4 # Installs Node and NPM + + - name: Setup Node 16 + uses: actions/setup-node@v4 # Installs Node and NPM with: node-version: 16 + - name: Install Swagger CLI # Installs Swagger CLI to bundle OpenAPI files run: 'npm install -g @apidevtools/swagger-cli' - - uses: actions/cache@v4 # Cache local Maven repository to reuse dependencies + shell: bash + + - name: Cache Maven repository - External dependencies # Cache of external Maven dependencies to speed up build time + id: cache-maven-external-deps + uses: actions/cache@v4 with: - path: ~/.m2/repository - key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-maven- - - run: mvn -B ${BUILD_OPTS} -DskipTests -Psecurity-scan verify \ No newline at end of file + path: ~/.m2/repository/ + key: ${{ runner.os }}-maven-develop-dependencies + + - name: Run Owasp Security Scan + run: mvn -B ${BUILD_OPTS} -DskipTests -Psecurity-scan verify \ No newline at end of file
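Review bot: The added filter entry `- 'feat-improvedGitHubActionCaching'` names what looks like the working branch of this change, so it reads as a temporary trigger for exercising the workflow rather than a branch that should stay in the scan's scope. Once that branch is merged and deleted the entry matches nothing and is left behind as dead configuration in a security workflow. I would drop the line before merge, or mark it while the work is in progress with `# TODO: remove before merging into develop`. The `on:` block starts outside the hunk, so whether this filter belongs to `push` or `pull_request` cannot be seen from here.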
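Review bot: The key on the new `Cache Maven repository - External dependencies` step is a constant, `${{ runner.os }}-maven-develop-dependencies`, with the `hashFiles('**/pom.xml')` part and the `restore-keys` fallback removed. actions/cache skips the save on an exact key hit, so the first entry stored under this key is restored unchanged into every later run of this security scan until it is evicted; dependencies bumped in a pom.xml afterwards are re-downloaded each time, and the content of `~/.m2/repository/` is no longer tied to any revision of the build files. If another workflow is meant to own this entry (not visible in this diff), use `uses: actions/cache/restore@v4` here so the scan job only reads it, and add a comment naming the workflow that writes it. Otherwise keep the hash in the key, `key: ${{ runner.os }}-maven-develop-dependencies-${{ hashFiles('**/pom.xml') }}`, with `restore-keys: ${{ runner.os }}-maven-develop-dependencies-`. The step's `id: cache-maven-external-deps` is not referenced in the lines shown.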