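# CI workflow for the API Gateway service (Java Spring Boot).
#
# Jobs run in sequence: test -> build -> security.
#   test     - validates, compiles and tests on JDK 17 and 21, then runs
#              static analysis and coverage reporting.
#   build    - packages the application and checks that the Docker image builds.
#   security - rebuilds the image and scans that exact image with Trivy.
#
# NOTE(review): third-party actions are referenced by tag or branch, which are
# mutable refs. Pinning each `uses:` to a reviewed full commit SHA would make
# the executed code immutable.
# NOTE(review): no `permissions:` block is declared, so the job token keeps the
# platform's default scopes - confirm that this is intended.
name: API Gateway (Java Spring Boot)

on:
  push:
    paths:
      - 'services/api-gateway/**'
      - '.gitea/workflows/api-gateway.yml'
  pull_request:
    paths:
      - 'services/api-gateway/**'

# NOTE(review): none of these variables is referenced by the jobs shown here.
env:
  REGISTRY: gitea.example.com
  IMAGE_PREFIX: labfusion
  SERVICE_NAME: api-gateway

jobs:
  test:
    runs-on: ubuntu-latest
    defaults:
      run:
        # Applies to `run:` steps only; `uses:` steps resolve paths from the
        # workspace root, which is why the report paths below are spelled out.
        working-directory: ./services/api-gateway
    strategy:
      matrix:
        java-version: [17, 21]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up JDK ${{ matrix.java-version }}
        uses: actions/setup-java@v4
        with:
          java-version: ${{ matrix.java-version }}
          distribution: 'temurin'

      - name: Cache Maven dependencies
        uses: actions/cache@v4
        with:
          path: ~/.m2
          key: ${{ runner.os }}-m2-${{ matrix.java-version }}-${{ hashFiles('**/pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-m2-${{ matrix.java-version }}-
            ${{ runner.os }}-m2-

      - name: Validate POM
        run: mvn validate

      - name: Compile code
        run: mvn compile

      - name: Run unit tests
        run: mvn test

      - name: Generate test report
        uses: dorny/test-reporter@v1
        # Publish the report whether the tests passed or failed.
        if: success() || failure()
        with:
          name: Maven Tests (Java ${{ matrix.java-version }})
          path: services/api-gateway/target/surefire-reports/*.xml
          reporter: java-junit

      - name: Run code quality checks
        run: |
          mvn spotbugs:check
          mvn checkstyle:check
          mvn pmd:check

      - name: Generate code coverage
        run: mvn jacoco:report

      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v3
        with:
          file: ./services/api-gateway/target/site/jacoco/jacoco.xml
          flags: api-gateway
          name: api-gateway-coverage

  build:
    runs-on: ubuntu-latest
    needs: test
    defaults:
      run:
        working-directory: ./services/api-gateway
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'temurin'

      - name: Cache Maven dependencies
        uses: actions/cache@v4
        with:
          path: ~/.m2
          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-m2

      - name: Build application
        run: mvn clean package -DskipTests

      # The image is only built to prove that the Dockerfile works; it is not
      # pushed, so later jobs cannot rely on it being present.
      - name: Build Docker image (test only)
        run: docker build -t api-gateway:test .

  security:
    runs-on: ubuntu-latest
    needs: build
    defaults:
      run:
        working-directory: ./services/api-gateway
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      # The image built by the `build` job is not guaranteed to exist on the
      # runner that executes this job: jobs do not share a Docker image store
      # unless the runner is configured that way. Where a daemon is shared, the
      # `api-gateway:test` tag may belong to another run. Rebuilding here makes
      # the scan cover the image produced from this commit.
      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'temurin'

      - name: Cache Maven dependencies
        uses: actions/cache@v4
        with:
          path: ~/.m2
          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-m2

      - name: Build application
        run: mvn clean package -DskipTests

      - name: Build Docker image (scan target)
        run: docker build -t api-gateway:test .

      # NOTE(review): `@master` is a mutable branch ref, so the code run by this
      # step can change without any change to this repository. Pin it to a
      # reviewed commit: aquasecurity/trivy-action@<FULL_COMMIT_SHA>.
      # NOTE(review): no `exit-code` input is set, so findings are reported
      # through the SARIF file and presumably do not fail the job - confirm
      # that a non-blocking scan is intended.
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: api-gateway:test
          format: 'sarif'
          output: 'trivy-results.sarif'

      # NOTE(review): this action uploads to GitHub code scanning; confirm that
      # the instance running this workflow accepts SARIF uploads.
      - name: Upload Trivy scan results
        uses: github/codeql-action/upload-sarif@v2
        # Upload whatever the scanner produced, even if an earlier step failed.
        if: always()
        with:
          sarif_file: 'trivy-results.sarif'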