sonarcloud-analysis.yml
# SPDX-FileCopyrightText: 2022 Alliander N.V.
#
# SPDX-License-Identifier: Apache-2.0
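name: SonarCloud Analysis

# Second half of a two-workflow setup: "SonarCloud Build" produces artifacts
# and this workflow_run-triggered job analyses them with SONAR_TOKEN available.
# Everything that originates from the triggering run (artifacts, branch names,
# the PR number file) is treated as untrusted input in the steps below.
on:
  workflow_run:
    workflows: [SonarCloud Build]
    types: [completed]

jobs:
  sonar-check:
    runs-on: ubuntu-latest
    # Only analyse builds that finished successfully.
    if: github.event.workflow_run.conclusion == 'success'
    timeout-minutes: 15
    # GITHUB_TOKEN is limited to read-only scopes for this job.
    permissions:
      contents: read
      actions: read
      pull-requests: read
    steps:
      - name: echo event
        # Dumps the full event payload into the job log for debugging.
        run: cat "$GITHUB_EVENT_PATH"

      - name: Download PR number artifact
        if: github.event.workflow_run.event == 'pull_request'
        uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21
        with:
          workflow: SonarCloud Build
          run_id: ${{ github.event.workflow_run.id }}
          name: PR_NUMBER

      - name: Read PR_NUMBER.txt
        if: github.event.workflow_run.event == 'pull_request'
        id: pr_number
        uses: juliangruber/read-file-action@271ff311a4947af354c6abcd696a306553b9ec18 # v1
        with:
          path: ./PR_NUMBER.txt

      - name: Validate PR number
        # The file comes from an artifact written by the triggering run, so its
        # content is not trusted: accept a plain positive integer and nothing
        # else before it is used in an API route. The value is passed through
        # an environment variable so it is never expanded into the script text.
        if: github.event.workflow_run.event == 'pull_request'
        id: pr_number_checked
        env:
          PR_NUMBER_RAW: ${{ steps.pr_number.outputs.content }}
        run: |
          # Drop one trailing LF / CR (the file may end with a newline).
          pr_number="${PR_NUMBER_RAW%$'\n'}"
          pr_number="${pr_number%$'\r'}"
          if ! [[ "$pr_number" =~ ^[1-9][0-9]*$ ]]; then
            echo "::error::PR_NUMBER artifact does not contain a plain PR number"
            exit 1
          fi
          echo "number=$pr_number" >> "$GITHUB_OUTPUT"

      - name: Request GitHub API for PR data
        if: github.event.workflow_run.event == 'pull_request'
        uses: octokit/request-action@b91aabaa861c777dcdb14e2387e30eddf04619ae # v3.0.0
        id: get_pr_data
        with:
          route: GET /repos/{full_name}/pulls/{number}
          number: ${{ steps.pr_number_checked.outputs.number }}
          full_name: ${{ github.event.repository.full_name }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          # Full history, as in the original configuration.
          fetch-depth: 0
          # No later step pushes or fetches, so do not leave the token in
          # .git/config where subsequent build tooling could read it.
          persist-credentials: false

      - name: Download build artifacts
        # NOTE(review): no `path` is set, so files produced by the triggering
        # run are extracted over the checked-out workspace before Maven runs
        # with SONAR_TOKEN. If the artifact can contain build files (pom.xml,
        # .mvn/), they would replace the checked-out ones. Confirm that the
        # build workflow uploads only compiled output, or extract into a
        # separate directory.
        uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21
        with:
          workflow: SonarCloud Build
          run_id: ${{ github.event.workflow_run.id }}
          name: build-artifacts

      - name: Cache SonarCloud packages
        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar

      - name: Set up JDK 17
        uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
        with:
          distribution: 'zulu'
          java-version: '17'
          cache: 'maven'

      - name: Set Common Sonar Variables
        id: sonar_env
        # Built from constants only; the backslash-newlines inside the double
        # quotes are line continuations, so the output is a single line.
        run: |
          echo "sonar_opts=-Dsonar.host.url=https://sonarcloud.io \
            -Dsonar.projectKey=com-pas_compas-cim-mapping \
            -Dsonar.organization=com-pas" >> "$GITHUB_OUTPUT"

      - name: Create custom Maven Settings.xml
        uses: whelk-io/maven-settings-xml-action@9dc09b23833fa9aa7f27b63db287951856f3433d # v22
        with:
          output_file: custom_maven_settings.xml
          servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'

      - name: Build and analyze (Pull Request)
        if: ${{ github.event.workflow_run.event == 'pull_request' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          # Branch names are chosen by the PR author. Handing them to the shell
          # as environment variables (and quoting them below) keeps them data;
          # expanding ${{ ... }} inside `run:` would splice them into the
          # script itself.
          PR_HEAD_REF: ${{ fromJson(steps.get_pr_data.outputs.data).head.ref }}
          PR_KEY: ${{ fromJson(steps.get_pr_data.outputs.data).number }}
          PR_BASE_REF: ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
          HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
        run: |
          # sonar_opts is the constant option list from the sonar_env step and
          # is intentionally left unquoted so it splits into separate arguments.
          mvn -B -s custom_maven_settings.xml -Psonar \
            ${{ steps.sonar_env.outputs.sonar_opts }} \
            "-Dsonar.pullrequest.branch=$PR_HEAD_REF" \
            "-Dsonar.pullrequest.key=$PR_KEY" \
            "-Dsonar.pullrequest.base=$PR_BASE_REF" \
            "-Dsonar.scm.revision=$HEAD_SHA" \
            org.sonarsource.scanner.maven:sonar-maven-plugin:sonar

      - name: Build and analyze (Push)
        if: ${{ github.event.workflow_run.event == 'push' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          # Same rule as the pull-request step: event-derived values reach the
          # shell as quoted environment variables, not as script text.
          HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
          HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
        run: |
          mvn -B -s custom_maven_settings.xml -Psonar \
            ${{ steps.sonar_env.outputs.sonar_opts }} \
            "-Dsonar.scm.revision=$HEAD_SHA" \
            "-Dsonar.branch.name=$HEAD_BRANCH" \
            org.sonarsource.scanner.maven:sonar-maven-plugin:sonar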