fix: fixing sonarqube quality issues #88
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: maven-build | |
on: | |
push: | |
branches: ['**/**'] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
env: | |
S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY: ${{ secrets.S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY }} | |
S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY: ${{ secrets.S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY }} | |
COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_USERNAME: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_USERNAME }} | |
COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_TOKEN: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_TOKEN }} | |
COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_GPG_PASSPHRASE: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_GPG_PASSPHRASE }} | |
GITHUB_TOKEN: ${{ github.token }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
MARKDOWN2HTML_MAVEN_PLUGIN_FAIL_ON_ERROR: true | |
steps: | |
# Checkout the repository | |
- name: 📄 Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
fetch-depth: 0 | |
# Set up JDK and Maven | |
- name: 🧱 Set up JDK and Maven | |
uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4 | |
with: | |
distribution: adopt | |
java-version: 17 | |
gpg-private-key: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_GPG_PRIVATE_KEY }} | |
# Get the project version | |
- name: 📝 Store project version | |
id: project_version | |
run: echo "project_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT | |
# Generate cache key | |
- name: 📝 Store cache key | |
id: cache_key | |
run: echo "cache_key=${{ runner.os }}-mvn-${{ hashFiles('**/pom.xml') }}-${{ github.sha }}" >> $GITHUB_OUTPUT | |
# Prepare cache using cache key | |
- name: 💾 Prepare Cache | |
id: prepare-cache | |
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 | |
with: | |
path: | | |
/home/runner/.m2 | |
/home/runner/work | |
key: ${{ steps.cache_key.outputs.cache_key }} | |
# Generate settings.xml for Maven | |
- name: 🔘 Generate settings.xml | |
uses: whelk-io/maven-settings-xml-action@9dc09b23833fa9aa7f27b63db287951856f3433d # v22 | |
with: | |
repositories: > | |
[ | |
{ | |
"id": "s3", | |
"name": "s3.sbb.polarion.maven.repo", | |
"url": "s3://sbb-polarion-maven-repo/polarion.mvn", | |
"releases": { | |
"enabled": "true", | |
"updatePolicy": "never" | |
} | |
} | |
] | |
servers: > | |
[ | |
{ | |
"id": "s3", | |
"username": "${env.S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY}", | |
"password": "${env.S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY}" | |
}, | |
{ | |
"id": "github", | |
"username": "${env.GITHUB_ACTOR}", | |
"password": "${env.GITHUB_TOKEN}" | |
}, | |
{ | |
"id": "ossrh", | |
"username": "${env.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_USERNAME}", | |
"password": "${env.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_TOKEN}" | |
}, | |
{ | |
"id": "gpg.passphrase", | |
"passphrase": "${env.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_GPG_PASSPHRASE}" | |
} | |
] | |
profiles: > | |
[ | |
{ | |
"id": "deploy-github-packages", | |
"properties": | |
{ | |
"altDeploymentRepository": "github::default::https://maven.pkg.github.com/${{ github.repository }}" | |
} | |
} | |
] | |
# Print settings.xml | |
- name: 🔘 Print settings.xml | |
run: cat /home/runner/.m2/settings.xml | |
# Build with Maven | |
- name: 📦 Build with Maven | |
run: mvn --batch-mode clean package sonar:sonar | |
outputs: | |
project_version: ${{ steps.project_version.outputs.project_version }} | |
cache_key: ${{ steps.cache_key.outputs.cache_key }} | |
# Deploy release to Maven Central | |
deploy-maven-central: | |
needs: build | |
runs-on: ubuntu-latest | |
if: ${{ !endsWith(needs.build.outputs.project_version, '-SNAPSHOT') && github.ref == 'refs/heads/main' }} | |
env: | |
S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY: ${{ secrets.S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY }} | |
S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY: ${{ secrets.S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY }} | |
COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_USERNAME: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_USERNAME }} | |
COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_TOKEN: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_TOKEN }} | |
COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_GPG_PASSPHRASE: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_GPG_PASSPHRASE }} | |
steps: | |
# Set up JDK and Maven | |
- name: 🧱 Set up JDK and Maven | |
uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4 | |
with: | |
distribution: adopt | |
java-version: 17 | |
gpg-private-key: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_GPG_PRIVATE_KEY }} | |
# Restore cache using cache key | |
- name: 💾 Restore Cache | |
id: restore-cache | |
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 | |
with: | |
path: | | |
/home/runner/.m2 | |
/home/runner/work | |
key: ${{ needs.build.outputs.cache_key }} | |
# Deploy artifacts to Maven Central | |
- name: 📦 Publish to Maven Central | |
run: mvn --batch-mode deploy -P gpg-sign -P nexus-staging | |
# deploy to GitHub Packages | |
deploy-github-packages: | |
needs: build | |
runs-on: ubuntu-latest | |
if: ${{ !endsWith(needs.build.outputs.project_version, '-SNAPSHOT') && github.ref == 'refs/heads/main' }} | |
permissions: | |
contents: write | |
packages: write | |
env: | |
S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY: ${{ secrets.S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY }} | |
S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY: ${{ secrets.S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY }} | |
GITHUB_TOKEN: ${{ github.token }} | |
steps: | |
# Set up JDK and Maven | |
- name: 🧱 Set up JDK and Maven | |
uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4 | |
with: | |
distribution: adopt | |
java-version: 17 | |
# Restore cache using cache key | |
- name: 💾 Restore Cache | |
id: restore-cache | |
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 | |
with: | |
path: | | |
/home/runner/.m2 | |
/home/runner/work | |
key: ${{ needs.build.outputs.cache_key }} | |
# Deploy artifacts to GitHub Packages | |
- name: 📦 Publish to GitHub Packages | |
run: mvn --batch-mode -Dmaven.javadoc.skip=true -Dmaven.source.skip=true deploy -P deploy-github-packages | |
# Upload assets to GitHub Release | |
- name: 📦 Upload assets | |
run: |- | |
gh release upload v${{ needs.build.outputs.project_version }} **/target/*-${{ needs.build.outputs.project_version }}.jar | |
gh release upload v${{ needs.build.outputs.project_version }} **/target/*-${{ needs.build.outputs.project_version }}-tests.jar |