-
Notifications
You must be signed in to change notification settings - Fork 70
141 lines (124 loc) · 4.77 KB
/
sonar-analysis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: Sonar Analysis
on:
workflow_run:
workflows: ['CI/CD']
types: [completed]
jobs:
sonar-analysis:
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' }}
steps:
- name: 'Restore workflow context'
uses: dawidd6/action-download-artifact@v2
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
run_id: ${{ github.event.workflow_run.id }}
name: maven-build-test-workflow-context
- name: 'Extract workflow context'
run: tar -xf workflow.tar.zst
- name: 'Restore workflow context'
run: cat workflow.env >> "${GITHUB_ENV}"
- name: 'Commit Status: Set Workflow Status as Pending'
uses: myrotvorets/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: pending
# Should match `env.PR_HEADSHA` when triggered by `pull_request` event workflow,
# Avoids failure of ENV being unavailable if job fails early:
sha: ${{ github.event.workflow_run.head_sha }}
- name: Clone Repository
uses: actions/checkout@v3
with:
ref: ${{ github.event.workflow_run.head_branch }}
- name: Cache SonarCloud packages
uses: actions/cache@v3
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
- name: Restore cli test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-cli # hit - restore
restore-keys: cobigen-dep-${{ hashFiles('**/pom.xml') }} # restore at least maven dependencies
# Restore other parallel results as well - seems that for any reason I could not reuse caches incrementally... need to restore all caches
- name: Restore eclipse test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-eclipse # hit - restore
- name: Restore core systemtest results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-core-systemtest # hit - restore
- name: Restore core template test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-templates # hit - restore
- name: Restore core maven results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-maven # hit - restore
- name: Restore core plugin test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-plugins # hit - restore
- name: Restore core cli test results
uses: actions/cache@v3
with:
path: |
**/*.exec
**/failsafe-reports/**/*
**/surefire-reports/**/*
key: Linux-11-jacoco-${{ github.sha }}-cli # hit - restore
- name: SonarCloud Analysis
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
git fetch --unshallow
mvn verify sonar:sonar -DskipTests
# - name: 'Comment on PR: Sonar Analysis Result'
# if: ${{ env.PR_NUMBER != '' }}
# uses: marocchino/sticky-pull-request-comment@v2
# with:
# number: ${{ env.PR_NUMBER }}
# header: preview-comment
# recreate: true
# message: |
# Sonar Analysis Results are available [here](${{ steps.preview.outputs.deploy-url }})! :tada:
# Built with commit: ${{ env.PR_HEADSHA }}
- name: 'Commit Status: Set workflow result status'
uses: myrotvorets/[email protected]
# Always run this step regardless of job failing early:
if: ${{ always() }}
env:
DEPLOY_SUCCESS: Quality gate passed.
DEPLOY_FAILURE: Failed to pass the quality gate!
with:
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status == 'success' && 'success' || 'failure' }}
sha: ${{ github.event.workflow_run.head_sha }}
description: ${{ job.status == 'success' && env.DEPLOY_SUCCESS || env.DEPLOY_FAILURE }}