From aa75392914b17530cfe4f983365f42075d439cfb Mon Sep 17 00:00:00 2001 From: Marco Date: Wed, 30 Oct 2024 14:54:07 +0100 Subject: [PATCH] ci: sonar analysis --- .github/workflows/ci-backend.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/workflows/ci-backend.yml b/.github/workflows/ci-backend.yml index 4864e301..13a5ce55 100644 --- a/.github/workflows/ci-backend.yml +++ b/.github/workflows/ci-backend.yml @@ -37,6 +37,26 @@ jobs: cache: maven - name: Run the Maven verify phase run: mvn --batch-mode --update-snapshots verify + - name: SonarCloud scan for PR + uses: sonarsource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838 # v3 + if: github.event_name == 'pull_request' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: | + -Dsonar.pullrequest.base=${{ github.base_ref }} + -Dsonar.pullrequest.branch=${{ github.head_ref }} + -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} + - name: SonarCloud scan for Push + uses: sonarsource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838 # v3 + if: github.event_name == 'push' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: | + -Dsonar.branch.name=${{ github.head_ref }} - name: Login to GitHub Container Registry if: github.ref == 'refs/heads/main' run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin