Skip to content

ci: sonar analysis #125

ci: sonar analysis

ci: sonar analysis #125

Workflow file for this run

# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Backend Java CI with Maven
defaults:
run:
working-directory: backend
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
java-version: '21'
distribution: 'temurin'
cache: maven
- name: Run the Maven verify phase
run: mvn --batch-mode --update-snapshots verify
- name: SonarCloud scan for PR
uses: sonarsource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838 # v3
if: github.event_name == 'pull_request'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
projectBaseDir: backend
args: |
-Dsonar.pullrequest.base=${{ github.base_ref }}
-Dsonar.pullrequest.branch=${{ github.head_ref }}
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
- name: SonarCloud scan for Push
uses: sonarsource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838 # v3
if: github.event_name == 'push'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
projectBaseDir: backend
args: |
-Dsonar.branch.name=${{ github.head_ref }}
- name: Login to GitHub Container Registry
if: github.ref == 'refs/heads/main'
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin
- name: Create container image
if: github.ref == 'refs/heads/main'
env:
IMAGE_ID: ghcr.io/${{ github.repository }}/backend
VERSION: main
run: |
# Convert to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
mvn spring-boot:build-image \
-Dmaven.test.skip=true \
-Dspring-boot.build-image.imageName=$IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
- name: Update dependency graph
uses: advanced-security/maven-dependency-submission-action@v4
with:
directory: backend