1- # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
2- # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
1+ # CI with maven build and scan
2+ #
3+ # version 1.0.1
4+ #
5+ # see : https://universe.fugerit.org/src/docs/conventions/workflows/build_maven_package.html
36
4- # This workflow uses actions that are not certified by GitHub.
5- # They are provided by a third-party and are governed by
6- # separate terms of service, privacy policy, and support
7- # documentation.
8-
9- name : CI build maven package
7+ name : CI maven build and scan
108
119on :
10+ # Trigger analysis when pushing in master or pull requests, and when creating
11+ # a pull request.
1212 push :
1313 branches :
14- - main
15- - develop
16- - branch-sonarcloud
14+ - main
15+ - develop
16+ - branch-preview
1717 pull_request :
18- branches :
19- - main
18+ types :
19+ - opened
20+ - synchronize
21+ - reopened
2022
2123jobs :
2224 build :
23-
25+ name : Build
2426 runs-on : ubuntu-latest
25-
2627 steps :
27- - uses : actions/checkout@v3
28- - name : Set up JDK 11
29- uses : actions/setup-java@v3
30- with :
31- java-version : ' 11'
32- distribution : ' corretto'
33- cache : maven
34- - name : Build with Maven
35- run : mvn -P full,coverage,metadata -B package --file pom.xml
28+ - uses : actions/checkout@main
29+ with :
30+ # Shallow clones should be disabled for a better relevancy of analysis
31+ fetch-depth : 0
32+ - name : Set up JDK 17
33+ uses : actions/setup-java@main
34+ with :
35+ java-version : ' 17'
36+ distribution : ' corretto'
37+ cache : ' maven'
38+ - name : Cache Maven packages
39+ uses : actions/cache@main
40+ with :
41+ path : ~/.m2
42+ key : ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
43+ restore-keys : ${{ runner.os }}-m2
44+ - name : Cache SonarCloud packages
45+ uses : actions/cache@main
46+ with :
47+ path : ~/.sonar/cache
48+ key : ${{ runner.os }}-sonar
49+ restore-keys : ${{ runner.os }}-sonar
50+ - uses : actions/setup-node@main
51+ with :
52+ node-version : 20
53+ - name : Maven version
54+ run : mvn -v
55+ env :
56+ # Needed to get some information about the pull request, if any
57+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
58+ # SonarCloud access token should be generated from https://sonarcloud.io/account/security/
59+ SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
60+ - name : Build and analyze
61+ run : mvn -B clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Pcoverage,full,metadata,sonarfugerit -Dsonar.projectKey=fugerit-org_${{github.event.repository.name}}
62+ env :
63+ # Needed to get some information about the pull request, if any
64+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
65+ # SonarCloud access token should be generated from https://sonarcloud.io/account/security/
66+ SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
3667
37- # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
38- - name : Update dependency graph
39- uses : advanced-security/maven-dependency-submission-action@v3.0.2
68+ # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
69+ - name : Update dependency graph
70+ # if DISABLE_MAVEN_DEPENDENCY_SUBMISSION is set to true, skip this step
71+ if : ${{ vars.DISABLE_MAVEN_DEPENDENCY_SUBMISSION != 'true' }}
72+ uses : advanced-security/maven-dependency-submission-action@main
0 commit comments