Skip to content

Adds SECURITY.md and scanning workflow #9

Adds SECURITY.md and scanning workflow

Adds SECURITY.md and scanning workflow #9

Workflow file for this run

# yamllint --format github .github/workflows/test_readme.yml
---
name: test_readme
# These test build commands mentioned in various README.md files.
#
# This doesn't literally scrape the README.md, so we don't test documentation-only commits.
on:
# We run tests on only on pull requests targeted at the master branch.
# * This skips master pushes as it is rare things not done in PRs break, and conserves resources
pull_request:
branches: master
paths-ignore: '**/*.md'
jobs:
zipkin-dependencies:
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '17' # until Spark 4 per SPARK-43831
- name: Cache local Maven repository
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: README.md # Tests the build which is re-used for docker
run: ./mvnw -T1C -q --batch-mode -DskipTests -Denforcer.fail=false package
- name: docker/README.md
run: build-bin/docker/docker_build openzipkin/zipkin-dependencies:test
env:
RELEASE_FROM_MAVEN_BUILD: true