Add code analyses via Sonar

pf4j · May 10, 2024 · 6cb73fb · 6cb73fb
1 parent d0fce72
commit 6cb73fb
Showing 1 changed file with 32 additions and 0 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,32 @@
+name: Build
+on:
+    push:
+        branches:
+            - '*'
+    pull_request:
+        types: [opened, synchronize, reopened]
+jobs:
+    build:
+        name: Build
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v2
+              with:
+                  fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+            - name: Set up JDK 17
+              uses: actions/setup-java@v4
+              with:
+                  distribution: "temurin"
+                  java-version: 17
+                  cache: maven
+            - name: Cache SonarCloud packages
+              uses: actions/cache@v1
+              with:
+                  path: ~/.sonar/cache
+                  key: ${{ runner.os }}-sonar
+                  restore-keys: ${{ runner.os }}-sonar
+            - name: Build and analyze
+              env:
+                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+                  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+              run: cd pf4j-spring && mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar