build: Update build workflow #186
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: | |
- "*" | |
pull_request: | |
branches: | |
- main | |
env: | |
JAVA_VERSION: 21 | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Build with Gradle | |
run: ./gradlew build publishToMavenLocal --build-cache | |
- name: Run zpa-checks integration tests | |
run: ./gradlew :zpa-checks:integrationTest --build-cache | |
- name: Build custom rules example | |
run: ./gradlew build -p plsql-custom-rules | |
- name: Upload build artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: build-artifacts | |
path: | | |
**/build/ | |
zpa-checks/tools/ | |
retention-days: 1 | |
integration-tests: | |
name: IT | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
sqVersion: | |
- LATEST_RELEASE[9.9] | |
- LATEST_RELEASE[10.5] | |
- 10.6-SNAPSHOT | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Download build artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: build-artifacts | |
- if: ${{ !contains(matrix.sqVersion, 'SNAPSHOT') }} | |
name: Run plugin integration test | |
run: ./gradlew :sonar-zpa-plugin:integrationTest -Dsonar.runtimeVersion=${{ matrix.sqVersion }} --info | |
- if: ${{ contains(matrix.sqVersion, 'SNAPSHOT') }} | |
name: Run plugin integration test | |
run: | | |
curl -s -L "https://nexus.felipezorzo.com.br/service/rest/v1/search/assets/download?repository=maven-snapshots&maven.groupId=org.sonarsource.sonarqube&maven.artifactId=sonar-application&maven.extension=zip&sort=version&maven.baseVersion=${{ matrix.sqVersion }}" \ | |
-u "$AUTH_REPOSITORY" \ | |
-o sonar-zpa-plugin/sonar-application-${{ matrix.sqVersion }}.zip | |
./gradlew :sonar-zpa-plugin:integrationTest -Dsonar.zipFile=sonar-application-${{ matrix.sqVersion }}.zip --info | |
env: | |
AUTH_REPOSITORY: ${{ secrets.AUTH_REPOSITORY }} | |
release: | |
name: Release | |
needs: integration-tests | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Download build artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: build-artifacts | |
- if: github.ref == 'refs/heads/main' | |
name: Run SonarQube Scanner | |
run: ./gradlew sonar --info | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
- if: github.ref == 'refs/heads/main' | |
name: Release artifacts | |
run: ./gradlew publish jreleaserFullRelease | |
env: | |
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | |
JRELEASER_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_SECRET_KEY }} | |
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_KEY_PASSWORD }} | |
dependency-submission: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Generate and submit dependency graph | |
uses: gradle/actions/dependency-submission@v3 |