Add SonarCloud scan to CI workflow

Introduce a new job in the GitHub Actions workflow to integrate SonarCloud analysis. This includes setting up JDK 17, caching Maven dependencies, and running the SonarCloud Maven plugin for code quality checks.
This commit is contained in:
2025-03-24 14:51:32 +01:00
parent efac34e73c
commit 5c1e7fe86d
+25
View File
@@ -32,3 +32,28 @@ jobs:
API_KEY: ${{ secrets.API_KEY }}
API_TOKEN: ${{ secrets.API_TOKEN }}
run: mvn clean test
sonarcloud-scan:
needs: mvn-test
name: Build and analyze with sonarcloud
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 17
uses: actions/setup-java@v4.5.0
with:
distribution: 'corretto'
java-version: '17'
- name: Cache maven repository
uses: actions/cache@v4.2.0
with:
path: ~/.m2/repository
key: maven
restore-keys: maven
- name: Build and analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=th-schwarz_DynDRest #-Dsonar.projectName=DynDRest