Manage Maven Dependencies #76
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Manage Maven Dependencies | |
| on: | |
| schedule: | |
| - cron: '0 4 * * *' # Runs daily at 4 AM UTC | |
| workflow_dispatch: # Allows manual trigger | |
| jobs: | |
| dependency-management: | |
| runs-on: ubuntu-latest | |
| name: Dependency Analysis and Management | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| - name: Set Up JDK 11 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '11' | |
| cache: maven | |
| - name: Display Java Version | |
| run: java -version | |
| - name: Generate Dependency Tree | |
| run: mvn dependency:tree -DoutputType=dot -DoutputFile=dependency-tree.dot | |
| - name: Upload Dependency Tree | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: dependency-tree | |
| path: dependency-tree.dot | |
| - name: Analyze Dependencies | |
| run: mvn dependency:analyze -DfailOnWarning=false > dependency-analysis.txt | |
| - name: Upload Dependency Analysis Report | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: dependency-analysis | |
| path: dependency-analysis.txt | |
| - name: Check for Missing Dependencies | |
| id: check_missing | |
| run: | | |
| if grep -q "Used undeclared dependencies" dependency-analysis.txt; then | |
| echo "Missing dependencies found." | |
| echo "::set-output name=missing::true" | |
| else | |
| echo "No missing dependencies." | |
| echo "::set-output name=missing::false" | |
| fi | |
| - name: Check for Unused Dependencies | |
| id: check_unused | |
| run: | | |
| if grep -q "Unused declared dependencies" dependency-analysis.txt; then | |
| echo "Unused dependencies found." | |
| echo "::set-output name=unused::true" | |
| else | |
| echo "No unused dependencies." | |
| echo "::set-output name=unused::false" | |
| fi | |
| - name: Send Notification for Missing Dependencies | |
| if: steps.check_missing.outputs.missing == 'true' | |
| uses: dawidd6/action-send-mail@v3 | |
| with: | |
| server_address: smtp.example.com | |
| server_port: 587 | |
| username: ${{ secrets.SMTP_USERNAME }} | |
| password: ${{ secrets.SMTP_PASSWORD }} | |
| subject: 'Maven Dependency Alert: Missing Dependencies' | |
| body: | | |
| The Maven dependency analysis has detected missing dependencies in your project. | |
| Please review the dependency-analysis.txt report for details. | |
| to: your-email@example.com | |
| from: github-actions@example.com | |
| - name: Send Notification for Unused Dependencies | |
| if: steps.check_unused.outputs.unused == 'true' | |
| uses: dawidd6/action-send-mail@v3 | |
| with: | |
| server_address: smtp.example.com | |
| server_port: 587 | |
| username: ${{ secrets.SMTP_USERNAME }} | |
| password: ${{ secrets.SMTP_PASSWORD }} | |
| subject: 'Maven Dependency Alert: Unused Dependencies' | |
| body: | | |
| The Maven dependency analysis has detected unused dependencies in your project. | |
| Please review the dependency-analysis.txt report for details. | |
| to: your-email@example.com | |
| from: github-actions@example.com | |
| - name: Attempt to Locate Alternative Sources (Manual Intervention Required) | |
| if: steps.check_missing.outputs.missing == 'true' || steps.check_unused.outputs.unused == 'true' | |
| run: | | |
| echo "Manual intervention required to update pom.xml with correct dependencies." | |
| echo "Refer to the uploaded dependency-analysis report for guidance." | |
| # Optional: Automatically Create an Issue for Missing Dependencies | |
| - name: Create GitHub Issue for Missing Dependencies | |
| if: steps.check_missing.outputs.missing == 'true' | |
| uses: peter-evans/create-issue-from-file@v3 | |
| with: | |
| title: 'Maven Dependency Alert: Missing Dependencies' | |
| content-file: dependency-analysis.txt | |
| labels: dependency, bug |