diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 977bc68..8034957 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -32,3 +32,28 @@ jobs: API_KEY: ${{ secrets.API_KEY }} API_TOKEN: ${{ secrets.API_TOKEN }} run: mvn clean test + + sonarcloud-scan: + needs: mvn-test + name: Build and analyze with sonarcloud + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Set up JDK 17 + uses: actions/setup-java@v4.5.0 + with: + distribution: 'corretto' + java-version: '17' + - name: Cache maven repository + uses: actions/cache@v4.2.0 + with: + path: ~/.m2/repository + key: maven + restore-keys: maven + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=th-schwarz_DynDRest #-Dsonar.projectName=DynDRest