WIP

after push on all branches

.github/dependabot.yml

@@ -0,0 +1,7 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/main.yml

@@ -0,0 +1,42 @@
+name: "CI/CD Pipeline"
+
+on:
+  push:
+    branches: [ '*' ]
+    tags-ignore:
+      - '*'
+
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, windows-latest, macos-latest]
+        java: [11, 15]
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v2
+      - name: Set up JDK ${{ matrix.java }}
+        uses: actions/setup-java@v1
+        with:
+          java-version: ${{ matrix.java }}
+          architecture: x64
+      - name: Cache Maven packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+      - name: Build with Maven
+        run: mvn clean install
+  notify-slack:
+    if: github.event_name == 'push' && (success() || failure())
+    needs:
+      - build
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Slack workflow notification"
+        uses: Gamesight/slack-workflow-status@master
+        with:
+          repo_token: ${{secrets.GITHUB_TOKEN}}
+          slack_webhook_url: ${{secrets.SLACK_WEBHOOK_URL}}

.github/workflows/release.yml

@@ -0,0 +1,94 @@
+name: "Release Pipeline"
+on:
+  push:
+    tags:
+      - test*  # todo replace with v*
+jobs:
+  release:
+    name: Release WebGoat
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: "Get tag name"
+        id: tag
+        uses: dawidd6/action-get-tag@v1
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 11
+          architecture: x64
+
+      - name: Cache Maven packages
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+
+      - name: "Set labels for ${{ github.ref }}"
+        run: |
+          echo "WEBGOAT_TAG_VERSION=${{ steps.tag.outputs.tag }}" >> $GITHUB_ENV
+          echo "WEBGOAT_MAVEN_VERSION=${WEBGOAT_TAG_VERSION:1}" >> $GITHUB_ENV
+
+      - name: Build with Maven
+        run: |
+          mvn versions:set ${WEBGOAT_VERSION}
+          mvn clean install -DskipTests
+
+      - name: "Create release"
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: false
+          files: |
+            webgoat-server/target/webgoat-server-${WEBGOAT_MAVEN_VERSION}.jar
+            webwolf/target/webwolf-${WEBGOAT_MAVEN_VERSION}.jar
+          body: |
+            ## Version ${{ steps.tag.outputs.tag }}
+
+            ### New functionality
+
+            - test
+
+            ### Bug fixes
+
+            - [#743 - Character encoding errors](https://github.com/WebGoat/WebGoat/issues/743)
+
+
+            ## Contributors
+
+            Special thanks to the following contributors providing us with a pull request:
+
+            - Person 1
+            - Person 2
+
+            And everyone who provided feedback through Github.
+
+
+            Team WebGoat
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        - name: "Set up QEMU"
+          uses: docker/setup-qemu-action@v1
+        - name: "Set up Docker Buildx"
+          uses: docker/setup-buildx-action@v1
+        - name: "Login to dockerhub"
+          uses: docker/login-action@v1
+          with:
+            username: ${{ secrets.DOCKERHUB_USERNAME }}
+            password: ${{ secrets.DOCKERHUB_TOKEN }}
+        - name: "Build and push"
+          uses: docker/build-push-action@v2
+          with:
+            context: ./docker
+            file: docker/Dockerfile
+            push: false #todo enable
+            platforms: linux/amd64
+            tags: |
+              webgoat/goatandwolf:${WEBGOAT_TAG_VERSION}
+            # todo webgoat/goatandwolf:latest
+            build-args: |
+              webgoat_version=${WEBGOAT_TAG_VERSION}
+        - name: "Image digest"
+          run: echo ${{ steps.docker_build.outputs.digest }}