Skip to content

sign both ECDH as well as ECDSA keys #1170

sign both ECDH as well as ECDSA keys

sign both ECDH as well as ECDSA keys #1170

Workflow file for this run

name: CI Build
on:
push:
pull_request_target:
types: [labeled]
workflow_dispatch:
inputs:
tag:
description: 'Image Tag'
required: false
env:
NODE_VERSION: 20
JAVA_VERSION: 21
defaults:
run:
shell: bash
jobs:
test:
name: Build and Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'npm'
cache-dependency-path: frontend/package-lock.json
- name: Install npm dependencies
working-directory: frontend
run: npm install
- name: Build and test frontend
working-directory: frontend
run: npm test
- name: Deploy frontend
working-directory: frontend
run: npm run dist
- name: SonarCloud Scan Frontend
uses: SonarSource/sonarcloud-github-action@master
with:
projectBaseDir: frontend
args: >
-Dsonar.organization=cryptomator
-Dsonar.projectKey=cryptomator_hub_frontend
-Dsonar.typescript.tsconfigPath=tsconfig.json
-Dsonar.sources=src/
-Dsonar.tests=test/
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: ${{ env.JAVA_VERSION }}
cache: 'maven'
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Build and test backend
working-directory: backend
run: >
mvn -B clean verify
org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
-Dsonar.projectKey=cryptomator_hub_backend
-Dsonar.organization=cryptomator
-Dsonar.host.url=https://sonarcloud.io
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- id: get_tag
if: inputs.tag != '' || github.ref_type == 'tag' || contains(github.event.head_commit.message, '[build image]')
run: |
if [[ ! -z "${{ inputs.tag }}" ]]; then
TAG="${{ inputs.tag }}"
elif [[ ${{ github.ref_type }} == 'tag' || ${{ github.ref_name }} == 'develop' ]]; then
TAG="${{ github.ref_name }}"
else
TAG="commit-${{ github.sha }}"
fi
echo tag=${TAG} >> "$GITHUB_OUTPUT"
- name: Ensure to use tagged version
if: startsWith(github.ref, 'refs/tags/')
run: mvn versions:set --file ./backend/pom.xml -DnewVersion=${GITHUB_REF##*/}
- name: Build and push container image
if: github.event.inputs.tag != '' || startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[build image]')
working-directory: backend
run: mvn -B clean package -DskipTests
env:
QUARKUS_JIB_PLATFORMS: linux/amd64,linux/arm64/v8
QUARKUS_CONTAINER_IMAGE_TAG: ${{ steps.get_tag.outputs.tag }}
QUARKUS_CONTAINER_IMAGE_BUILD: true
QUARKUS_CONTAINER_IMAGE_PUSH: true
QUARKUS_CONTAINER_IMAGE_REGISTRY: ghcr.io
QUARKUS_CONTAINER_IMAGE_USERNAME: ${{ github.actor }}
QUARKUS_CONTAINER_IMAGE_PASSWORD: ${{ secrets.GITHUB_TOKEN }}