diffblue
diff --git a/‎.github/scripts/check-version.sh‎
Lines changed: 24 additions & 0 deletions b/‎.github/scripts/check-version.sh‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 63 additions & 0 deletions b/‎.github/workflows/release.yml‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎.github/workflows/test.yml‎
Lines changed: 90 additions & 0 deletions b/‎.github/workflows/test.yml‎
Lines changed: 90 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 11 additions & 0 deletions b/‎.gitignore‎
Lines changed: 11 additions & 0 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 122 additions & 0 deletions b/‎CONTRIBUTING.md‎
Lines changed: 122 additions & 0 deletions
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+CURRENT_VERSION=$(awk -F'[<>]' '/<revision>/ {print $3; exit}' pom.xml)
+echo "Current version: '$CURRENT_VERSION'"
+echo "current_version=$CURRENT_VERSION" >> "$GITHUB_ENV"
+
+if [[ "$CURRENT_VERSION" == *-SNAPSHOT ]]; then
+    echo "::warning::Version '$CURRENT_VERSION' is a SNAPSHOT"
+    echo "skip=true" >> "$GITHUB_ENV"
+    echo "skip_reason=snapshot" >> "$GITHUB_ENV"
+elif PREVIOUS_VERSION=$(git describe --tags --abbrev=0 2>/dev/null); then
+    echo "Previous version: '$PREVIOUS_VERSION'"
+    if [[ "v$CURRENT_VERSION" == "$PREVIOUS_VERSION" ]]; then
+        echo "::warning::Version number has not changed from $PREVIOUS_VERSION"
+        echo "skip=true" >> "$GITHUB_ENV"
+        echo "skip_reason=unchanged" >> "$GITHUB_ENV"
+    else
+        echo "skip=false" >> "$GITHUB_ENV"
+    fi
+else
+    echo "No previous tags found, first release"
+    echo "skip=false" >> "$GITHUB_ENV"
+fi
@@ -0,0 +1,63 @@
+name: Release to GitHub
+
+on:
+  push:
+    branches:
+      - "main"
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout this branch
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up JDK
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'adopt'
+          java-version: '17'
+          cache: 'maven'
+
+      - name: Check version number has been increased
+        run: .github/scripts/check-version.sh
+      
+      - name: Configure GPG Key
+        if: ${{ env.skip == 'false' }}
+        run: |
+          echo -n "$GPG_KEY_BASE64" | base64 --decode | gpg --batch --passphrase ${GPG_PASSPHRASE} --import
+        env:
+          GPG_KEY_BASE64: ${{ secrets.GPG_KEY_BASE64 }}
+          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+      
+      - name: Build and sign artifact
+        if: ${{ env.skip == 'false' }}
+        run: |
+            mvn install -B -P sign -Dgpg.passphrase="$GPG_PASSPHRASE"
+        env:
+          GPG_ID: ${{ secrets.GPG_ID }}
+          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+      
+      - name: Create Release on GitHub
+        if: ${{ env.skip == 'false' }}
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          git tag "v${{ env.current_version }}"
+          git push origin "v${{ env.current_version }}"
+          gh release create "v${{ env.current_version }}" --repo="$GITHUB_REPOSITORY" --title="v${{ env.current_version }}" --generate-notes \
+            sonar-plugin/target/diffblue-sonar-plugin-"${{ env.current_version }}".jar \
+            sonar-plugin/target/diffblue-sonar-plugin-"${{ env.current_version }}".jar.asc
+
+      - name: Create mergeback PR
+        if: ${{ env.skip == 'false' }}
+        continue-on-error: true
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          gh pr create --head main --base develop \
+            --title "Mergeback: v${{ env.current_version }} into develop" \
+            --body "Automated mergeback of release v${{ env.current_version }} into develop."
+          gh pr merge main --auto --merge
@@ -0,0 +1,90 @@
+name: Build and Test
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - develop
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+
+    - name: Set up JDK
+      uses: actions/setup-java@v4
+      with:
+        distribution: 'adopt'
+        java-version: '17'
+        cache: 'maven'
+
+    - name: Run Spotless Check
+      run: mvn spotless:check
+
+    - name: Run Unit and Integration Tests
+      run: mvn install
+
+  release-check:
+    if: github.event_name == 'pull_request' && github.base_ref == 'main'
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Set up JDK
+      uses: actions/setup-java@v4
+      with:
+        distribution: 'adopt'
+        java-version: '17'
+        cache: 'maven'
+
+    - name: Check version number has been increased
+      run: .github/scripts/check-version.sh
+
+    - name: Fail if version is not releasable
+      if: ${{ env.skip == 'true' }}
+      run: |
+        echo "::error::Version check failed: ${{ env.skip_reason }}"
+        exit 1
+
+    - name: Configure GPG Key
+      run: |
+        echo -n "$GPG_KEY_BASE64" | base64 --decode | gpg --batch --passphrase ${GPG_PASSPHRASE} --import
+      env:
+        GPG_KEY_BASE64: ${{ secrets.GPG_KEY_BASE64 }}
+        GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+
+    - name: Build and sign artifact
+      run: mvn install -B -P sign -Dgpg.passphrase="$GPG_PASSPHRASE"
+      env:
+        GPG_ID: ${{ secrets.GPG_ID }}
+        GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+
+    - name: Upload artifact
+      id: upload
+      uses: actions/upload-artifact@v4
+      with:
+        name: diffblue-sonar-plugin-${{ env.current_version }}
+        path: |
+          sonar-plugin/target/diffblue-sonar-plugin-${{ env.current_version }}.jar
+          sonar-plugin/target/diffblue-sonar-plugin-${{ env.current_version }}.jar.asc
+
+    - name: Comment artifact link on PR
+      env:
+        GH_TOKEN: ${{ github.token }}
+      run: |
+        ARTIFACT_URL="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts/${{ steps.upload.outputs.artifact-id }}"
+        gh pr comment "${{ github.event.pull_request.number }}" --body "$(cat <<EOF
+        **Build artifact for v${{ env.current_version }}**
+
+        [Download diffblue-sonar-plugin-${{ env.current_version }}]($ARTIFACT_URL)
+        EOF
+        )"
@@ -0,0 +1,11 @@
+# IntelliJ
+.idea/*
+
+# Maven
+target/
+.flattened-pom.xml
+
+# Diffblue
+.diffblue/
+!**/src/test/resources/**/.diffblue/
+!test-examples/.diffblue/
@@ -0,0 +1,122 @@
+# Contributing to Diffblue SonarQube Plugin
+
+This guide will help you set up your development environment and walk through the testing workflow for making changes to the plugin.
+
+## Development Prerequisites
+
+- Java Development Kit (JDK 17 or higher)
+- Maven 3.6+
+- A local instance of SonarQube Community Edition
+- Diffblue Cover CLI (for generating test coverage data - optional)
+- A Java project with Diffblue tests present for testing
+
+## Initial Setup
+
+### 1. Set Up SonarQube Locally
+
+Download and set up a local instance of **SonarQube Community Edition** from the [official SonarQube downloads page](https://www.sonarqube.org/downloads/).
+
+### 2. Prepare a Test Project
+
+Pick a Java project to use for testing the plugin. For convenience, you can clone the [SonarQube Example Repository](https://github.com/diffblue/SonarQube-Example-Repo), which includes pre-generated Diffblue tests and metadata.
+
+### 3. Configure SonarQube
+
+1. Create a new project in your local SonarQube instance.
+2. Configure the **Analysis Method** to "Locally".
+3. Generate a SonarQube authentication token through the UI.
+4. Store this token somewhere secure for later use.
+
+## Development Workflow
+
+### Building the Plugin
+
+Build the SonarQube plugin JAR file from the project root:
+
+```bash
+mvn clean package
+```
+
+This produces the plugin JAR at `sonar-plugin/target/diffblue-sonar-plugin-X.X.X-SNAPSHOT.jar`.
+
+### Installing Your Build
+
+1. Copy the produced JAR to the `extensions/plugins/` directory of your SonarQube installation, replacing any previous versions:
+
+   ```bash
+   cp sonar-plugin/target/diffblue-sonar-plugin-X.X.X-SNAPSHOT.jar ~/sonarqube-25.11.0.114957/extensions/plugins/
+   ```
+   
+2. Restart SonarQube to load the new version of the plugin:
+
+   ```bash
+   # Navigate to your SonarQube installation directory
+   ./bin/[your-platform]/sonar.sh restart
+   ```
+
+### Running an Analysis
+
+Run the SonarQube analysis on your test project using the Maven command provided by SonarQube:
+
+```bash
+mvn clean verify sonar:sonar \
+  -Dsonar.projectKey=Your-Project-Key \
+  -Dsonar.projectName='Your Project Name' \
+  -Dsonar.host.url=http://localhost:9000 \
+  -Dsonar.token=YOUR_TOKEN_HERE
+```
+
+Replace `Your-Project-Key`, `Your Project Name`, and `YOUR_TOKEN_HERE` with the appropriate values for your test project.
+
+### Viewing Results
+
+1. Open the SonarQube UI at `http://localhost:9000`.
+2. Navigate to your project.
+3. View the latest measures, including the Diffblue coverage metrics.
+
+## Testing Changes
+
+When making changes to the plugin, follow this iteration cycle:
+
+1. Make your code changes.
+2. Build the plugin: `mvn clean package`
+3. Copy the new JAR to SonarQube's plugins directory.
+4. Restart SonarQube.
+5. Run the analysis on your test project.
+6. Verify the changes in the SonarQube UI.
+7. Repeat as needed.
+
+## Debugging and Logs
+
+### Analysis-Time Logs
+
+When running the analysis locally, log messages from **DiffblueCoverageSensor** will appear in the console where you execute the `mvn sonar:sonar` command. These logs show information about:
+- Detection of Diffblue coverage files
+- Processing of coverage data
+- Any errors or warnings during sensor execution
+
+### Server-Side Logs
+
+Log lines from the **DiffblueMeasureComputer** and **PercentageMeasureComputer** can be found in SonarQube's server log, as this component runs server-side after the analysis completes.
+
+To view server logs:
+- Navigate to your SonarQube installation directory
+- Check `logs/sonar.log` or `logs/web.log`
+
+## Code Style and Standards
+
+- Follow standard Java coding conventions
+- Write clear, descriptive commit messages
+- Include unit tests for new functionality
+- Run the code formatter before submitting changes: `mvn spotless:apply`
+- Ensure all tests pass before submitting changes: `mvn clean test`
+
+## Questions or Issues?
+
+If you encounter problems or have questions:
+- Check existing [GitHub Issues](https://github.com/diffblue/diffblue-sonar-plugin/issues)
+- Open a new issue with detailed information about your problem
+- Include relevant logs and SonarQube/plugin versions
+- Contact Diffblue with [support@Diffblue.com](support@Diffblue.com)
+
+Thank you for contributing to the Diffblue SonarQube Plugin!