.github/workflows/build.yml

name: Build CI

on:
  push:
    branches: [ main, develop ]
    tags: [ '[0-9]+.[0-9]+.[0-9]+' ]
  pull_request:
    branches: [ develop ]
    types: [ opened, reopened, synchronize ]
  workflow_dispatch:

concurrency:
  group: ${{ github.ref }}
  cancel-in-progress: true

jobs:
  test-project:
    runs-on: ubuntu-22.04
    timeout-minutes: 1
    steps:
      - name: Checkout repository
        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
      - name: Setup Java
        uses: actions/setup-java@cd89f46ac9d01407894225f350157564c9c7cee2
        with:
          distribution: temurin
          java-version: 17
          cache: maven
      - name: Executable Maven Wrapper
        run: chmod +x ./mvnw
      - name: Test project
        run: ./mvnw test

  quality-check:
    needs: test-project
    runs-on: ubuntu-22.04
    permissions:
      actions: read
      contents: read
      security-events: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
      - name: Setup Java
        uses: actions/setup-java@cd89f46ac9d01407894225f350157564c9c7cee2
        with:
          distribution: temurin
          java-version: 17
          cache: maven
      - name: Initialize CodeQL
        uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a
        with:
          languages: java
          queries: security-and-quality
      - name: Executable Maven Wrapper
        run: chmod +x ./mvnw
      - name: Compile project
        run: ./mvnw compile
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@cdcdbb579706841c47f7063dda365e292e5cad7a