Sonar #25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Sonar | |
| on: | |
| workflow_run: | |
| workflows: ["Build PR"] | |
| types: [completed] | |
| jobs: | |
| sonar: | |
| name: Sonar | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| if: github.event.workflow_run.conclusion == 'success' | |
| steps: | |
| # Download the PR number artifact | |
| - name: Download PR number | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: pr-number | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| run-id: ${{ github.event.workflow_run.id }} | |
| path: . | |
| # Read the PR number from the file and store it in 'steps.pr_number.outputs.content' | |
| - name: Read PR number from file | |
| id: pr_number | |
| run: echo "content=$(cat pr-number.txt)" >> $GITHUB_OUTPUT | |
| # Request GitHub API for PR data | |
| - name: Request GitHub API for PR data | |
| if: github.event.workflow_run.event == 'pull_request' | |
| uses: octokit/request-action@v2.x | |
| id: get_pr_data | |
| with: | |
| route: GET /repos/${{ github.event.repository.full_name }}/pulls/${{ steps.pr_number.outputs.content }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Checkout the PR branch | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.event.workflow_run.head_repository.full_name }} | |
| ref: ${{ github.event.workflow_run.head_branch }} | |
| fetch-depth: 0 | |
| # Checkout the base branch to keep the information about the new lines of code | |
| - name: Checkout base branch | |
| if: github.event.workflow_run.event == 'pull_request' | |
| run: | | |
| git remote add upstream ${{ github.event.repository.clone_url }} | |
| git fetch upstream | |
| git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} | |
| git checkout ${{ github.event.workflow_run.head_branch }} | |
| git clean -ffdx && git reset --hard HEAD | |
| # Download compiled classes | |
| - name: Download Compiled Classes | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: compiled-classes | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| run-id: ${{ github.event.workflow_run.id }} | |
| path: target/classes | |
| # Download Jacoco XML coverage files | |
| - name: Download Coverage Reports | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: coverage-reports | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| run-id: ${{ github.event.workflow_run.id }} | |
| path: target/site/jacoco | |
| # SonarCloud Scan analysis and push | |
| - name: SonarCloud Scan | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ | |
| -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \ | |
| -Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }} \ | |
| -Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }} \ | |
| -Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} |