Add Code Quality Actions in Github #16
Comments
ebresie
added
infrastructure
|
Trying to add some maven quality / security checks initially, adding plugins to the pom.xml file. See https://rieckpil.de/top-3-maven-plugins-to-ensure-quality-and-security-for-your-project/ 5.2.2 For Security try For quality try |
|
Put these originally in build but due to current failures not addressed, it prevented any subsequent successful builds. Tried putting in reporting section but then had execution and dependencies tag issues. Not sure if this is a maven or plugin version issue (i.e. not supported in given maven or plugin in use - may require plugin version update). For now moving out of build section and commenting out until can resolve issue. |
Presently build includes basic Github Security Checks (see https://github.com/ebresie/python4nb/security ) however adding additional checks is preferred going forward.
This issue involves updating the CI/Build flow (either during maven build or during other phase) to accommodate additional Code quality actions where applicable. This may include but not limited to
Reference:
https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-maven/
https://github.com/marketplace/actions/sonarcloud-scan
The text was updated successfully, but these errors were encountered: