Skip to content

Address sonar security warnings #171

Address sonar security warnings

Address sonar security warnings #171

Workflow file for this run

#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
name: Build
on:
push:
branches: [ main ]
pull_request:
types: [opened, synchronize, reopened]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'Check out repository'
uses: actions/checkout@v3
with:
submodules: 'true'
fetch-depth: 0
- name: 'Set up Java'
uses: actions/setup-java@v3
with:
java-version: 21
distribution: 'temurin'
- name: Cache SonarCloud packages
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: 'Cache Maven packages'
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: 'Build Kroxylicious maven project'
if: github.ref_name != 'main'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: mvn -B clean verify -Pci
- name: 'Build Kroxylicious maven project on main'
if: github.event_name == 'push' && github.ref_name == 'main'
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: mvn -B clean verify -Pci org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar -Dsonar.projectKey=kroxylicious_kroxylicious
- name: Save PR number to file
if: github.event_name == 'pull_request' && ${{ matrix.os }} == 'ubuntu-latest'
run: echo ${{ github.event.number }} > PR_NUMBER.txt
- name: Archive PR number
if: github.event_name == 'pull_request' && ${{ matrix.os }} == 'ubuntu-latest'
uses: actions/upload-artifact@v3
with:
name: PR_NUMBER
path: PR_NUMBER.txt