run sonar from pipeline instead of GH app #79
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven | |
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # we can build and run tests in a single step or do it in multiple steps... | |
| # the "package" phase on maven implicitly will download dependencies, build classes, run unit tests, and package classes | |
| name: CI with Maven | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| types: [opened, synchronize] | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| java: [ '17', '21' ] | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: ${{ matrix.java }} | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Run unit and integration tests | |
| run: mvn test failsafe:integration-test verify | |
| - name: SonarQube analysis | |
| run: mvn sonar:sonar -Dsonar.qualitygate.wait=true -Dsonar.projectKey=bitcoder_tutorial-spring -Dsonar.organization=bitcoder -Dsonar.host.url=https://sonarcloud.io -Dsonar.token=${{ secrets.SONAR_TOKEN }} -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} -Dsonar.pullrequest.branch=${{ github.head_ref }} -Dsonar.pullrequest.base=${{ github.base_ref }} -Dsonar.coverage.jacoco.xmlReportPaths=target/site/jacoco-merged-test-coverage-report/jacoco.xml | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Add code coverage information to PR | |
| id: jacoco-pr | |
| uses: madrapps/jacoco-report@v1.7.2 | |
| if: github.event_name == 'pull_request' | |
| with: | |
| paths: | | |
| ${{ github.workspace }}/**/target/site/jacoco-merged-test-coverage-report/jacoco.xml | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| min-coverage-overall: 80 | |
| min-coverage-changed-files: 80 | |
| - name: Push results to Xray on Jira Cloud | |
| if: always() | |
| env: | |
| XRAYCLOUD_CLIENT_ID: ${{ secrets.XRAYCLOUD_CLIENT_ID }} | |
| XRAYCLOUD_CLIENT_SECRET: ${{ secrets.XRAYCLOUD_CLIENT_SECRET }} | |
| XRAYCLOUD_TEST_PLAN_KEY: ${{ vars.XRAYCLOUD_TEST_PLAN_KEY }} | |
| REVISON: ${{ github.ref_name}} | |
| TEST_ENVIRONMENT: java${{ matrix.java }} | |
| run: mvn -Dxray.clientId=${{ env.XRAYCLOUD_CLIENT_ID }} -Dxray.clientSecret=${{ env.XRAYCLOUD_CLIENT_SECRET }} -Dxray.testEnvironment=${{ env.TEST_ENVIRONMENT }} -Dxray.testPlanKey=${{ env.XRAYCLOUD_TEST_PLAN_KEY }} -Dxray.revision=${{ env.REVISON }} xray:import-results |