From 503d7866051e3ee13e74d820550e54e9bdbc8b9c Mon Sep 17 00:00:00 2001 From: Decebal Suiu Date: Mon, 14 Jun 2021 22:51:39 +0300 Subject: [PATCH] Add code analyses via Sonar (#458) --- .github/workflows/build.yml | 36 ++++++++++++++++++++++++++++++++++++ pf4j/pom.xml | 4 ++++ pom.xml | 3 +++ 3 files changed, 43 insertions(+) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..5cdef8a --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,36 @@ +name: Build +on: + push: + branches: + - '*' + pull_request: + types: [opened, synchronize, reopened] +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Set up JDK 11 + uses: actions/setup-java@v1 + with: + java-version: 11 + - name: Cache SonarCloud packages + uses: actions/cache@v1 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache Maven packages + uses: actions/cache@v1 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: cd pf4j && mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar diff --git a/pf4j/pom.xml b/pf4j/pom.xml index f871590..a3fa87f 100644 --- a/pf4j/pom.xml +++ b/pf4j/pom.xml @@ -14,6 +14,10 @@ PF4J Plugin Framework for Java + + pf4j_pf4j + + diff --git a/pom.xml b/pom.xml index 5b597b0..34206af 100644 --- a/pom.xml +++ b/pom.xml @@ -58,6 +58,9 @@ false false false + + pf4j + https://sonarcloud.io -- 2.39.5