5c1e7fe86d
Introduce a new job in the GitHub Actions workflow to integrate SonarCloud analysis. This includes setting up JDK 17, caching Maven dependencies, and running the SonarCloud Maven plugin for code quality checks.
60 lines
1.7 KiB
YAML
60 lines
1.7 KiB
YAML
name: Build and Test
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- develop
|
|
- feature*
|
|
pull_request:
|
|
types: [ opened, synchronize, reopened ]
|
|
|
|
jobs:
|
|
|
|
mvn-test:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
- name: Set up JDK 17
|
|
uses: actions/setup-java@v4.5.0
|
|
with:
|
|
java-version: '17'
|
|
distribution: 'corretto'
|
|
- name: Cache maven repository
|
|
uses: actions/cache@v4.2.0
|
|
with:
|
|
path: ~/.m2/repository
|
|
key: maven
|
|
restore-keys: maven
|
|
- name: Build with Maven and Test
|
|
env:
|
|
API_EMAIL: ${{ secrets.API_EMAIL }}
|
|
API_KEY: ${{ secrets.API_KEY }}
|
|
API_TOKEN: ${{ secrets.API_TOKEN }}
|
|
run: mvn clean test
|
|
|
|
sonarcloud-scan:
|
|
needs: mvn-test
|
|
name: Build and analyze with sonarcloud
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
|
|
- name: Set up JDK 17
|
|
uses: actions/setup-java@v4.5.0
|
|
with:
|
|
distribution: 'corretto'
|
|
java-version: '17'
|
|
- name: Cache maven repository
|
|
uses: actions/cache@v4.2.0
|
|
with:
|
|
path: ~/.m2/repository
|
|
key: maven
|
|
restore-keys: maven
|
|
- name: Build and analyze
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
|
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=th-schwarz_DynDRest #-Dsonar.projectName=DynDRest
|