feat:intergrate project with sonaqube #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Java CI with Maven | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 17 | |
architecture: x64 | |
distribution: 'temurin' | |
- name: Cache Maven packages | |
uses: actions/cache@v2 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2 | |
- name: Set up Maven settings.xml | |
run: | | |
mkdir -p ~/.m2 | |
echo "<settings> | |
<servers> | |
<server> | |
<id>github-ledgers</id> | |
<username>${{ github.actor }}</username> | |
<password>${{ secrets.LEDGER_READ_SECRET }}</password> | |
</server> | |
</servers> | |
</settings>" > ~/.m2/settings.xml | |
- name: Build with webank BankAcount | |
run: mvn clean install -s ~/.m2/settings.xml -DskipTests -DskipITs -Dmaven.javadoc.skip=true | |
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive | |
# - name: Update dependency graph | |
# uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6 | |
javaDoc: | |
needs: build | |
name: Generate Javadocs | |
runs-on: ubuntu-latest | |
steps: | |
- name: Clone webank-BankAccount repository | |
uses: actions/checkout@v4 | |
- name: Set up JDK 17 for x64 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 17 | |
architecture: x64 | |
distribution: 'temurin' | |
- name: Cache Maven packages | |
uses: actions/cache@v2 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2 | |
- name: Compile before generate Javadocs | |
run: mvn -ntp -DskipTests -DskipITs -Dmaven.javadoc.skip=true clean install | |
- name: Generate javadocs | |
run: mvn -ntp javadoc:javadoc | |
UItests: | |
needs: build | |
name: Run UI tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: Clone webank BankAccount main repository | |
uses: actions/checkout@v4 | |
- name: Set up JDK 17 for x64 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 17 | |
architecture: x64 | |
distribution: 'temurin' | |
- name: Cache Maven packages | |
uses: actions/cache@v2 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2 | |
- name: Run UI tests | |
run: mvn -ntp -DskipITs --fail-at-end clean install | |
analyze: | |
name: Build and analyze | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: 17 | |
distribution: 'zulu' # Alternative distribution options are available. | |
- name: Cache SonarQube packages | |
uses: actions/cache@v4 | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-sonar | |
restore-keys: ${{ runner.os }}-sonar | |
- name: Cache Maven packages | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2 | |
- name: Set up Maven settings.xml | |
run: | | |
mkdir -p ~/.m2 | |
echo "<settings> | |
<servers> | |
<server> | |
<id>github-ledgers</id> | |
<username>${{ github.actor }}</username> | |
<password>${{ secrets.LEDGER_READ_SECRET }}</password> | |
</server> | |
</servers> | |
</settings>" > ~/.m2/settings.xml | |
- name: Build and analyze | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=webank -Dsonar.projectName='webank' | |
# Check the SonarQube Quality Gate status | |
- name: SonarQube Quality Gate check | |
id: sonarqube-quality-gate-check | |
uses: sonarsource/sonarqube-quality-gate-action@master | |
with: | |
scanMetadataReportFile: target/sonar/report-task.txt | |
timeout-minutes: 5 | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
# Display Quality Gate status result in the console | |
- name: Show SonarQube Quality Gate Status | |
run: echo "The Quality Gate status is ${{ steps.sonarqube-quality-gate-check.outputs.quality-gate-status }}" | |