Skip to content

Sonar Analysis

Sonar Analysis #429

name: Sonar Analysis
on:
workflow_run:
workflows: ['CI/CD']
types: [completed]
jobs:
sonar-analysis:
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' }}
steps:
- name: 'Restore workflow context'
uses: dawidd6/action-download-artifact@v2
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
run_id: ${{ github.event.workflow_run.id }}
name: maven-build-test-workflow-context
- name: 'Extract workflow context'
run: tar -xf workflow.tar.zst
- name: 'Restore workflow context'
run: cat workflow.env >> "${GITHUB_ENV}"
- name: 'Commit Status: Set Workflow Status as Pending'
uses: myrotvorets/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: pending
# Should match `env.PR_HEADSHA` when triggered by `pull_request` event workflow,
# Avoids failure of ENV being unavailable if job fails early:
sha: ${{ github.event.workflow_run.head_sha }}
- name: Clone Repository
uses: actions/checkout@v3
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Cache SonarCloud packages
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
- name: Restore cli test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-cli # hit - restore
restore-keys: cobigen-dep-${{ hashFiles('**/pom.xml') }} # restore at least maven dependencies
# Restore other parallel results as well - seems that for any reason I could not reuse caches incrementally... need to restore all caches
- name: Restore eclipse test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-eclipse # hit - restore
- name: Restore core systemtest results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-core-systemtest # hit - restore
- name: Restore core template test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-templates # hit - restore
- name: Restore core maven results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-maven # hit - restore
- name: Restore core plugin test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-plugins # hit - restore
- name: Restore core cli test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-cli # hit - restore
- name: SonarCloud Analysis
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
git fetch --unshallow
mvn verify sonar:sonar -DskipTests
# - name: 'Comment on PR: Sonar Analysis Result'
# if: ${{ env.PR_NUMBER != '' }}
# uses: marocchino/sticky-pull-request-comment@v2
# with:
# number: ${{ env.PR_NUMBER }}
# header: preview-comment
# recreate: true
# message: |
# Sonar Analysis Results are available [here](${{ steps.preview.outputs.deploy-url }})! :tada:
# Built with commit: ${{ env.PR_HEADSHA }}
- name: 'Commit Status: Set workflow result status'
uses: myrotvorets/[email protected]
# Always run this step regardless of job failing early:
if: ${{ always() }}
env:
DEPLOY_SUCCESS: Quality gate passed.
DEPLOY_FAILURE: Failed to pass the quality gate!
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status == 'success' && 'success' || 'failure' }}
sha: ${{ github.event.workflow_run.head_sha }}
description: ${{ job.status == 'success' && env.DEPLOY_SUCCESS || env.DEPLOY_FAILURE }}