From f9d0b8fe04b42f6016e6fe1b80ddde86656b3218 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Istv=C3=A1n=20R=C3=A1tkai?= Date: Fri, 21 Apr 2023 09:33:43 +0100 Subject: [PATCH 1/8] Split maven workflow --- .../{maven.yml => maven_pull_request.yml} | 11 ++---- .github/workflows/maven_push.yml | 35 +++++++++++++++++++ 2 files changed, 37 insertions(+), 9 deletions(-) rename .github/workflows/{maven.yml => maven_pull_request.yml} (74%) create mode 100644 .github/workflows/maven_push.yml diff --git a/.github/workflows/maven.yml b/.github/workflows/maven_pull_request.yml similarity index 74% rename from .github/workflows/maven.yml rename to .github/workflows/maven_pull_request.yml index c07083a5..280187cc 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven_pull_request.yml @@ -1,15 +1,13 @@ # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven -name: Java CI with Maven +name: Java CI with Maven on Pull Request # The API requires write permission on the repository to submit dependencies permissions: contents: write on: - push: - branches: ["main"] pull_request: branches: ["main"] @@ -28,16 +26,11 @@ jobs: run: mvn -B verify --file pom.xml - name: Scan with Sonar run: | - if [ $FORK = false ] || [ "$PUSH_REF" = "refs/heads/main" ] + if [ $FORK = false ] then mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=BerryCloud_xapi-java -Dsonar.organization=berry-cloud -Dsonar.host.url=https://sonarcloud.io --file pom.xml fi env: FORK: ${{ github.event.pull_request.head.repo.fork }} - PUSH_REF: ${{ github.event.ref }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - - # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive - - name: Update dependency graph - uses: advanced-security/maven-dependency-submission-action@v3 diff --git a/.github/workflows/maven_push.yml b/.github/workflows/maven_push.yml new file mode 100644 index 00000000..9feef6aa --- /dev/null +++ b/.github/workflows/maven_push.yml @@ -0,0 +1,35 @@ +# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven + +name: Java CI with Maven on Push + +# The API requires write permission on the repository to submit dependencies +permissions: + contents: write + +on: + push: + branches: ["main"] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: "17" + distribution: "temurin" + cache: maven + - name: Build with Maven + run: mvn -B verify --file pom.xml + - name: Scan with Sonar + run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=BerryCloud_xapi-java -Dsonar.organization=berry-cloud -Dsonar.host.url=https://sonarcloud.io --file pom.xml + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + + # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive + - name: Update dependency graph + uses: advanced-security/maven-dependency-submission-action@v3 From 1054e6953528bafaa5e58898129d71bbc7da38cc Mon Sep 17 00:00:00 2001 From: Thomas Turrell-Croft Date: Fri, 21 Apr 2023 10:38:01 +0100 Subject: [PATCH 2/8] Update .github/workflows/maven_pull_request.yml --- .github/workflows/maven_pull_request.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/maven_pull_request.yml b/.github/workflows/maven_pull_request.yml index 280187cc..b8da4f49 100644 --- a/.github/workflows/maven_pull_request.yml +++ b/.github/workflows/maven_pull_request.yml @@ -4,7 +4,6 @@ name: Java CI with Maven on Pull Request # The API requires write permission on the repository to submit dependencies -permissions: contents: write on: From be98047724c61aeac368e6c4979a6894d7852d44 Mon Sep 17 00:00:00 2001 From: Thomas Turrell-Croft Date: Fri, 21 Apr 2023 10:38:08 +0100 Subject: [PATCH 3/8] Update .github/workflows/maven_pull_request.yml --- .github/workflows/maven_pull_request.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/maven_pull_request.yml b/.github/workflows/maven_pull_request.yml index b8da4f49..cf8e92cc 100644 --- a/.github/workflows/maven_pull_request.yml +++ b/.github/workflows/maven_pull_request.yml @@ -4,7 +4,6 @@ name: Java CI with Maven on Pull Request # The API requires write permission on the repository to submit dependencies - contents: write on: pull_request: From 6f3e1311c754a347b75753c2241e0d6812673800 Mon Sep 17 00:00:00 2001 From: Thomas Turrell-Croft Date: Fri, 21 Apr 2023 10:38:34 +0100 Subject: [PATCH 4/8] Update .github/workflows/maven_pull_request.yml --- .github/workflows/maven_pull_request.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/maven_pull_request.yml b/.github/workflows/maven_pull_request.yml index cf8e92cc..e47a331d 100644 --- a/.github/workflows/maven_pull_request.yml +++ b/.github/workflows/maven_pull_request.yml @@ -3,7 +3,6 @@ name: Java CI with Maven on Pull Request -# The API requires write permission on the repository to submit dependencies on: pull_request: From 6b02fbee26d12cedbf50a498efc3d3e9d4ed5f56 Mon Sep 17 00:00:00 2001 From: Thomas Turrell-Croft Date: Fri, 21 Apr 2023 10:55:56 +0100 Subject: [PATCH 5/8] Update .github/workflows/maven_push.yml --- .github/workflows/maven_push.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/maven_push.yml b/.github/workflows/maven_push.yml index 9feef6aa..d01a419a 100644 --- a/.github/workflows/maven_push.yml +++ b/.github/workflows/maven_push.yml @@ -4,7 +4,6 @@ name: Java CI with Maven on Push # The API requires write permission on the repository to submit dependencies -permissions: contents: write on: From 3f52ad6de924e0b35a017b7e31dbf34c2dcd675b Mon Sep 17 00:00:00 2001 From: Thomas Turrell-Croft Date: Fri, 21 Apr 2023 10:56:14 +0100 Subject: [PATCH 6/8] Update .github/workflows/maven_push.yml --- .github/workflows/maven_push.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/maven_push.yml b/.github/workflows/maven_push.yml index d01a419a..66307586 100644 --- a/.github/workflows/maven_push.yml +++ b/.github/workflows/maven_push.yml @@ -3,7 +3,6 @@ name: Java CI with Maven on Push -# The API requires write permission on the repository to submit dependencies contents: write on: From d6cf6c00b16bfa771a4cbdfe769cc69ec12e5e08 Mon Sep 17 00:00:00 2001 From: Thomas Turrell-Croft Date: Fri, 21 Apr 2023 10:56:25 +0100 Subject: [PATCH 7/8] Update .github/workflows/maven_push.yml --- .github/workflows/maven_push.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/maven_push.yml b/.github/workflows/maven_push.yml index 66307586..6ad14126 100644 --- a/.github/workflows/maven_push.yml +++ b/.github/workflows/maven_push.yml @@ -3,7 +3,6 @@ name: Java CI with Maven on Push - contents: write on: push: From c6a3b6e9c7fd44413ee5f5a5c1606881fdfb0b28 Mon Sep 17 00:00:00 2001 From: Thomas Turrell-Croft Date: Fri, 21 Apr 2023 11:20:11 +0100 Subject: [PATCH 8/8] Apply suggestions from code review --- .github/workflows/maven_pull_request.yml | 1 - .github/workflows/maven_push.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/.github/workflows/maven_pull_request.yml b/.github/workflows/maven_pull_request.yml index e47a331d..d7b477c1 100644 --- a/.github/workflows/maven_pull_request.yml +++ b/.github/workflows/maven_pull_request.yml @@ -2,7 +2,6 @@ # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven name: Java CI with Maven on Pull Request - on: pull_request: diff --git a/.github/workflows/maven_push.yml b/.github/workflows/maven_push.yml index 6ad14126..ea330936 100644 --- a/.github/workflows/maven_push.yml +++ b/.github/workflows/maven_push.yml @@ -2,7 +2,6 @@ # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven name: Java CI with Maven on Push - on: push: