-
Notifications
You must be signed in to change notification settings - Fork 3
58 lines (51 loc) · 2.16 KB
/
sonarscan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
name: SonarScan
env:
NPMRC: ${{ secrets.NPMRC }}
on:
push:
branches: [ main, feature/* ]
pull_request_target:
branches: [ main, feature/* ]
jobs:
sonar:
name: Test - SonarCloud Scan
runs-on: ubuntu-latest
services:
postgres:
image: postgis/postgis:16-3.4
ports:
- 5432:5432
env:
POSTGRES_USER: wfprev
POSTGRES_PASSWORD: password
POSTGRES_DB: wfprevdb
options: >
--health-cmd="pg_isready -U wfprev -d wfprevdb"
--health-interval=10s
--health-timeout=5s
--health-retries=5
steps:
- uses: actions/checkout@v4
- name: Wait for Postgres to be ready
run: |
for i in {1..30}; do
if pg_isready -h postgres -p 5432 -U wfprev -d wfprevdb; then
echo "Postgres is ready!"
break
fi
echo "Waiting for Postgres..."
sleep 2
done
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'adopt'
- name: SonarCloud Scan
run: |
export MAVEN_OPTS="-Xmx10000m"
export NODE_OPTIONS="--max-old-space-size=4096"
mvn clean --settings server/wfprev-api/mvn_settings/settings.xml -B org.jacoco:jacoco-maven-plugin:prepare-agent verify org.jacoco:jacoco-maven-plugin:report org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=bcgov_nr-bcws-wfprev -Drepo.login=${{ secrets.IDIR_AS_EMAIL }} -Drepo.password=${{ secrets.IDIR_PASSWORD }} -DWFPREV_CLIENT_ID=${{ vars.WFPREV_CLIENT_ID }} -DWFPREV_CLIENT_SECRET=${{ secrets.WFPREV_CLIENT_SECRET }} -DWEBADE_OAUTH2_CHECK_TOKEN_URL=${{ vars.WEBADE_OAUTH2_CHECK_TOKEN_URL }} -DWEBADE_OAUTH2_CHECK_AUTHORIZE_URL=${{ vars.WEBADE_OAUTH2_CHECK_AUTHORIZE_URL }} -DWFPREV_DATASOURCE_URL=${{ vars.WFPREV_DATASOURCE_URL }} -DWFPREV_DATASOURCE_USERNAME=${{ vars.WFPREV_DATASOURCE_USERNAME }} -DWFPREV_DATASOURCE_PASSWORD=${{ secrets.WFPREV_DATASOURCE_PASSWORD }}
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}