iluwatar/java-design-patterns
4 workflows · maturity 50% · 3 patterns · GitHub ↗
Practices
○ Matrix✓ Permissions○ Security scan✓ AI review✓ Cache○ Concurrency○ Reusable workflows
Detected patterns
Security dimensions
Workflows (4)
maven-ci .github/workflows/maven-ci.yml
View raw YAML
name: Java CI
on:
push:
branches: [ master ]
jobs:
build-and-analyze:
name: Build and Run Sonar analysis on JDK 21
runs-on: ubuntu-22.04
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
# Disabling shallow clone for improving relevancy of SonarQube reporting
fetch-depth: 0
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
java-version: '21'
distribution: 'temurin'
cache: 'maven'
- name: Cache local Maven repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# Cache Sonar packages which are used to run analysis and collect metrics
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
# Some tests need screen access
- name: Install xvfb
run: sudo apt-get install -y xvfb
- name: Build with Maven and run SonarQube analysis
run: xvfb-run ./mvnw clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
env:
# These two env variables are needed for sonar analysis
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}maven-pr-builder perms .github/workflows/maven-pr-builder.yml
View raw YAML
name: Java PR Builder
on:
pull_request_target:
branches: [ master ]
types: [ opened, reopened, synchronize ]
permissions:
contents: read
jobs:
build-and-analyze:
name: Build on JDK 21
runs-on: ubuntu-22.04
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
java-version: '21'
distribution: 'temurin'
cache: 'maven'
- name: Cache local Maven repository
uses: actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# Cache Sonar packages which are used to run analysis and collect metrics
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
# Some tests need screen access
- name: Install xvfb
run: sudo apt-get install -y xvfb
- name: Build with Maven and run SonarQube analysis
env:
# Intermediate variable
HEAD_REF: ${{ github.head_ref }}
# These two env variables are needed for sonar analysis
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: xvfb-run ./mvnw clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=iluwatar -Dsonar.projectKey=iluwatar_java-design-patterns -Dsonar.pullrequest.branch=$HEAD_REF -Dsonar.pullrequest.base=${{ github.base_ref }} -Dsonar.pullrequest.key=${{ github.event.pull_request.number }}presubmit perms AI .github/workflows/presubmit.yml
View raw YAML
name: Presubmit.ai
permissions:
contents: read
pull-requests: write
issues: write
on:
pull_request_target:
types: [opened, synchronize]
pull_request_review_comment:
types: [created]
jobs:
review:
runs-on: ubuntu-latest
steps:
- name: Check required secrets
run: |
if [ -z "${{ secrets.LLM_API_KEY }}" ]; then
echo "Error: LLM_API_KEY secret is not configured"
exit 1
fi
- uses: presubmit/ai-reviewer@latest
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
LLM_API_KEY: ${{ secrets.LLM_API_KEY }}
LLM_MODEL: "gpt-5-nano"stale .github/workflows/stale.yml
View raw YAML
name: 'Comment on stale issues and PRs'
on:
schedule:
- cron: '30 1 * * *'
jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v9
with:
stale-issue-message: 'This issue is stale because it has been open 60 days with no activity.'
stale-pr-message: 'This PR is stale because it has been open 60 days with no activity.'
close-issue-message: 'This issue was closed because it has been stalled for too long with no activity.'
close-pr-message: 'This PR was closed because it has been stalled for too long with no activity.'
days-before-issue-stale: 60
days-before-pr-stale: 60
days-before-issue-close: -1
days-before-pr-close: -1
exempt-issue-labels: 'info: help wanted'