Switch to SonarCloud

2026-06-13 16:40:01 +00:00 · 2022-10-21 18:05:23 +02:00
parent 6ee1117f3d
commit b488cb59d9
3 changed files with 31 additions and 19 deletions
@@ -5,7 +5,7 @@ on:
    branches:
      - master
  pull_request:
-      types: [opened, synchronize, reopened]
+    types: [opened, synchronize, reopened]
  workflow_dispatch:

 jobs:
@@ -13,33 +13,41 @@ jobs:
    name: Build, Test & Scan
    runs-on: ubuntu-latest
    if: "!contains(github.event.head_commit.message, '[ci skip]')"
-    steps:        
+    steps:
      - name: Git checkout
        uses: actions/checkout@v3
-        
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+
      - name: Set up JDK
        uses: actions/setup-java@v3
        with:
          java-version: '18'
          distribution: 'temurin'
-          cache: 'maven'
-          
+
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+
      - name: Extract Maven project version
        id: project
        run: echo "GAMEYFIN_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT

-      - name: Show extracted Maven project version
-        run: echo "${{ steps.project.outputs.GAMEYFIN_VERSION }}"
-        
-      - name: Maven build
-        run: mvn --batch-mode --update-snapshots package
-        
-      - name: SonarQube scan
-        uses: kitabisa/sonarqube-action@v1.2.0
-        with:
-          host: https://sonarqube.grimsi.de
-          login: ${{ secrets.SONARQUBE_TOKEN }}
-          projectKey: grimsi_gameyfin_AYPM67pzsxiaNzCh9BZd
+      - name: Build and analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar

      - name: Upload build artifact
        uses: actions/upload-artifact@v3