Add SonarCloud scan to CI workflow
Introduce a new job in the GitHub Actions workflow to integrate SonarCloud analysis. This includes setting up JDK 17, caching Maven dependencies, and running the SonarCloud Maven plugin for code quality checks.
This commit is contained in:
@@ -32,3 +32,28 @@ jobs:
|
||||
API_KEY: ${{ secrets.API_KEY }}
|
||||
API_TOKEN: ${{ secrets.API_TOKEN }}
|
||||
run: mvn clean test
|
||||
|
||||
sonarcloud-scan:
|
||||
needs: mvn-test
|
||||
name: Build and analyze with sonarcloud
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
|
||||
- name: Set up JDK 17
|
||||
uses: actions/setup-java@v4.5.0
|
||||
with:
|
||||
distribution: 'corretto'
|
||||
java-version: '17'
|
||||
- name: Cache maven repository
|
||||
uses: actions/cache@v4.2.0
|
||||
with:
|
||||
path: ~/.m2/repository
|
||||
key: maven
|
||||
restore-keys: maven
|
||||
- name: Build and analyze
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
|
||||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
||||
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=th-schwarz_DynDRest #-Dsonar.projectName=DynDRest
|
||||
|
||||
Reference in New Issue
Block a user