Skip to content

Issue sonar

Issue sonar #17

# CI with maven build and scan
#
# version 1.0.1
#
# see : https://universe.fugerit.org/src/docs/conventions/workflows/build_maven_package.html
name: CI maven build and scan
on:
# Trigger analysis when pushing in master or pull requests, and when creating
# a pull request.
push:
branches:
- main
- develop
- branch-preview
pull_request:
types:
- opened
- synchronize
- reopened
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@main
with:
# Shallow clones should be disabled for a better relevancy of analysis
fetch-depth: 0
- uses: graalvm/setup-graalvm@main
with:
java-version: '22-ea'
distribution: 'graalvm'
github-token: ${{ secrets.GITHUB_TOKEN }}
native-image-job-reports: 'true'
- name: Cache Maven packages
uses: actions/cache@main
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Cache SonarCloud packages
uses: actions/cache@main
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- uses: actions/setup-node@main
with:
node-version: 20
- name: Maven version
run: mvn -v
env:
# Needed to get some information about the pull request, if any
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# SonarCloud access token should be generated from https://sonarcloud.io/account/security/
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Build and analyze
run: mvn -B clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Pcoverage,full,metadata,sonarfugerit,buildreact -Dsonar.projectKey=fugerit-org_${{github.event.repository.name}}
env:
# Needed to get some information about the pull request, if any
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# SonarCloud access token should be generated from https://sonarcloud.io/account/security/
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
- name: Update dependency graph
# if DISABLE_MAVEN_DEPENDENCY_SUBMISSION is set to true, skip this step
if: ${{ vars.DISABLE_MAVEN_DEPENDENCY_SUBMISSION != 'true' }}
uses: advanced-security/maven-dependency-submission-action@main