From 43a200df5201352d2c83a4fe7944d83861986377 Mon Sep 17 00:00:00 2001
From: Konrad Windszus <konrad_w@gmx.de>
Date: Mon, 3 Jun 2024 16:52:22 +0200
Subject: [PATCH] Trigger Sonarcloud analysis from GHA (#143)

Only generate coverage info conditionally (with profile "code-coverage")
This closes #140
---
 .github/workflows/build.yml | 12 ++++++++++++
 README.md                   |  2 +-
 pom.xml                     | 15 +++++++++++----
 3 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index d5f896a0..c76a873e 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -14,6 +14,11 @@ jobs:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
         java: [ '11', '17', '21' ]
+        include:
+          # lengthy build steps should only be performed on linux with Java 17 (Sonarcloud analysis, deployment)
+          - os: ubuntu-latest
+            java: '17'
+            isMainBuildEnv: true
       fail-fast: false
 
     runs-on: ${{ matrix.os }}
@@ -27,5 +32,12 @@ jobs:
           cache: 'maven'
 
       - name: Build with Maven
+        if: '!matrix.isMainBuildEnv'
         run: ./mvnw verify -e -B -V
 
+      - name: Build with Maven (incl. Sonarcloud analysis)
+        if: 'matrix.isMainBuildEnv'
+        env: 
+          # SonarCloud access token and project coordinates provided in context of https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/4700
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: ./mvnw verify -Pcode-coverage -e -B -V org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY }} -Dsonar.organization=${{ vars.SONAR_ORGANIZATION }}
diff --git a/README.md b/README.md
index 06c7ebdf..1d0c62fa 100644
--- a/README.md
+++ b/README.md
@@ -9,7 +9,7 @@
 ```
 
 [![build](https://github.com/eclipse/sisu.inject/actions/workflows/build.yml/badge.svg?event=push)](https://github.com/eclipse/sisu.inject/actions/workflows/build.yml)
-[![maintainability](https://sonarcloud.io/api/project_badges/measure?project=org.eclipse.sisu%3Asisu-inject&metric=sqale_rating)](https://sonarcloud.io/summary/overall?id=org.eclipse.sisu%3Asisu-inject)
+[![maintainability](https://sonarcloud.io/api/project_badges/measure?project=eclipse-sisu_sisu.inject&metric=sqale_rating)](https://sonarcloud.io/summary/overall?id=eclipse-sisu_sisu.inject)
 [![license](https://img.shields.io/badge/license-EPL_1.0-blue.svg)](https://www.eclipse.org/legal/epl-v10.html)
 
 Sisu is a modular [JSR330](https://javax-inject.github.io/javax-inject/)-based container that supports classpath scanning, auto-binding, and dynamic auto-wiring.
diff --git a/pom.xml b/pom.xml
index e3359c44..ea92a0d5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -624,10 +624,6 @@ Bundle-DocURL: http://www.eclipse.org/sisu/
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-enforcer-plugin</artifactId>
       </plugin>
-      <plugin>
-        <groupId>org.jacoco</groupId>
-        <artifactId>jacoco-maven-plugin</artifactId>
-      </plugin>
     </plugins>
   </build>
 
@@ -689,5 +685,16 @@ Bundle-DocURL: http://www.eclipse.org/sisu/
         </plugins>
       </build>
     </profile>
+    <profile>
+      <id>code-coverage</id>
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.jacoco</groupId>
+            <artifactId>jacoco-maven-plugin</artifactId>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
   </profiles>
 </project>