Skip to content

github-workflows-dojo360-java-ci

Build, test, and scan Java apps using the recommended UHG reusable CI workflows (Maven/Gradle), with Artifactory integration and optional container builds

active
IDE:
claude
codex
vscode
Version:
1.0.0
Owner:pcorazao
github-actions
workflow
dojo360

Java CI Workflow Skill

Overview

This skill covers Java CI patterns for unit tests/build/scans and optional artifact uploads.

The Dojo360 workflow (java-ci.yml) exists, but for new implementations the recommended approach is to use the UHG CI Workflows reusable workflows from uhg-pipelines/ci-workflows (Maven/Gradle variants).

Workflow Reference

Recommended (Use This)

Repository: uhg-pipelines/ci-workflows
Workflows:

  • .github/workflows/java-maven-ci.yml@v2
  • .github/workflows/java-gradle-ci.yml@v2

Legacy (Dojo360)

Repository: dojo360/pipelines-workflows
Workflow: .github/workflows/java-ci.yml
Docs: https://github.com/dojo360/pipelines-workflows/tree/main/web/java-ci/index.md

Key Features

  • Runs Java unit tests and quality scans
  • Supports Maven or Gradle based projects
  • Artifactory integration via jfrog-project-key
  • Optional artifact upload (e.g., target/ or Gradle build outputs)
  • Optional Docker build/publish if you pass Docker inputs

Prerequisites

  • Java project (Maven: pom.xml or Gradle: build.gradle / build.gradle.kts)
  • Artifactory project/repositories provisioned
  • If building containers:
    • Dockerfile must use Optum golden images (no public base images)
    • Runner must have Docker available

Common Inputs (UHG reusable workflows)

InputTypeDescription
jfrog-project-keystringJFrog project key (routes to the correct SaaS Artifactory repos)
working-directorystringWhere your Java project lives (default: .)
java-versionstringJava version (e.g., 17)
java-distributionstringJava distribution (e.g., temurin)
docker-tagsstringImage tag(s) to publish when doing Docker builds
docker-contextstringDocker build context
docker-dockerfilestringDockerfile path
upload-artifacts-pathstringPaths to upload (commonly target/ for Maven)

Secrets

UHG reusable workflows generally handle Artifactory auth via OIDC + EPL actions, but you may still need:

  • Repo/org secrets required by your org’s scanning configuration
  • If you enable scanners that require tokens (e.g., Sonar), ensure those secrets exist

Templates

See ready-to-copy examples in .github/skills/github-workflows-dojo360-java-ci/templates/:

  • basic-java-maven-ci.yml
  • basic-java-gradle-ci.yml
  • java-maven-ci-with-docker-build.yml

Notes / Gotchas

  • If you build container images, ensure your Dockerfile uses Optum golden images (see .github/instructions/docker.instructions.md).
  • If your repo is multi-module, set working-directory to the module root.

Related Assets