build(deps): Bump io.netty:netty-bom from 4.1.125.Final to 4.1.126.Final #1436
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - 'README.adoc' | |
| - 'CONTRIBUTING.adoc' | |
| pull_request: | |
| paths-ignore: | |
| - 'README.adoc' | |
| - 'CONTRIBUTING.adoc' | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Set up JDK' | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: zulu | |
| java-version: 17 | |
| - name: 'Cache Maven packages' | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}-${{ github.sha }} | |
| - name: 'Enable Sonar for local PRs not from Dependabot' | |
| if: ${{ github.event.sender.login != 'dependabot[bot]' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) }} | |
| run: echo "USE_SONAR=sonar" >> $GITHUB_ENV | |
| - name: 'Disable Sonar for foreign PRs or from Dependabot' | |
| if: ${{ github.event.sender.login == 'dependabot[bot]' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository) }} | |
| run: echo "USE_SONAR=-sonar" >> $GITHUB_ENV | |
| - name: 'Cache SonarQube packages' | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: 'Enable reusable Testcontainers' | |
| run: echo "testcontainers.reuse.enable=true" > ~/.testcontainers.properties | |
| - name: 'Checkout' | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
| - name: 'Preflight unit tests only' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: ./mvnw --no-transfer-progress -DskipITs -am -pl neo4j-jdbc clean package | |
| - name: 'Verify and install' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
| run: > | |
| ./mvnw --no-transfer-progress -DskipClusterIT -P$USE_SONAR -Dsonar.projectKey=neo4j-jdbc -Dsonar.projectName='neo4j-jdbc' install | |
| integration_tests: | |
| name: Integration tests using Java ${{ matrix.java }} against ${{ matrix.neo4j }} | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| java: [ '21', '24' ] | |
| neo4j: [ '5.26.8' ] | |
| needs: build | |
| steps: | |
| - name: 'Set up JDK' | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: zulu | |
| java-version: ${{ matrix.java }} | |
| - name: 'Cache Maven packages' | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}-${{ github.sha }} | |
| - name: 'Enable reusable Testcontainers' | |
| run: echo "testcontainers.reuse.enable=true" > ~/.testcontainers.properties | |
| - name: 'Checkout' | |
| uses: actions/checkout@v4 | |
| - name: 'Ensure read permissions for neo4j.conf' | |
| run: chmod 640 neo4j-jdbc-it/neo4j-jdbc-it-cp/src/test/resources/cc/neo4j.conf | |
| - name: 'Run integration tests' | |
| run: > | |
| ./mvnw --no-transfer-progress | |
| -DskipUTs | |
| -Dneo4j.version=${{ matrix.neo4j }} | |
| -f neo4j-jdbc-it | |
| clean verify | |
| native_build: | |
| name: Test using native image | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: 'Setup GraalVM' | |
| uses: graalvm/[email protected] | |
| with: | |
| distribution: 'graalvm-community' | |
| java-version: '17' | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: 'Cache Maven packages' | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}-${{ github.sha }} | |
| - name: 'Enable reusable Testcontainers' | |
| run: echo "testcontainers.reuse.enable=true" > ~/.testcontainers.properties | |
| - name: 'Checkout' | |
| uses: actions/checkout@v4 | |
| - name: 'Run native tests (default distribution)' | |
| run: ./mvnw --no-transfer-progress -DskipUTs -Dnative clean verify -pl neo4j-jdbc-it/neo4j-jdbc-it-cp | |
| - name: 'Run native tests (bundled distribution)' | |
| run: ./mvnw --no-transfer-progress -DskipUTs -Dnative clean verify -pl bundles/neo4j-jdbc-full-bundle | |
| security_test: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.sender.login != 'dependabot[bot]' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) }} | |
| steps: | |
| - name: 'Checkout' | |
| uses: actions/checkout@v4 | |
| - name: 'Run Snyk to check for vulnerabilities' | |
| uses: snyk/actions/maven@master | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| args: --severity-threshold=high --all-projects --exclude=dist,docs,etc,neo4j-jdbc-bundle,neo4j-jdbc-full-bundle,neo4j-jdbc-it,neo4j-jdbc-test-results,benchkit,neo4j-jdbc-text2cypher-translator,neo4j-jdbc-text2cypher-bundle |