Skip to content

Sonar

Sonar #89

Workflow file for this run

name: Sonar
'on':
push:
branches:
- "**"
pull_request_target:
branches:
- "**"
types: [opened, synchronize, reopened, labeled]
schedule:
- cron: 0 16 * * *
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Set up JDK
uses: actions/setup-java@v1
with:
java-version: 17
java-package: jdk
- uses: actions/checkout@v1
with:
fetch-depth: 0
- name: Check for external PR
if: ${{ !(contains(github.event.pull_request.labels.*.name, 'safe') ||
github.event.pull_request.head.repo.full_name == github.repository ||
github.event_name != 'pull_request_target') }}
run: echo "Unsecure PR, must be labelled with the 'safe' label, then run the workflow again" && exit 1
- name: Build with Maven
run: >-
mvn clean install -Dgpg.signature.skip=true --file pom.xml
- name: Sonar Scan
env:
GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
SONAR_TOKEN: '${{ secrets.SONAR_TOKEN }}'
run: >-
mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
-Dsonar.projectName=client-encryption-java
-Dsonar.projectKey=Mastercard_client-encryption-java
-Dsonar.organization=mastercard -Dsonar.host.url=https://sonarcloud.io
-Dsonar.login=$SONAR_TOKEN -Dsonar.cpd.exclusions=**/OkHttp*.java
-Dsonar.exclusions=**/*.xml -Dgpg.signature.skip=true