| name: SonarCloud Analysis |
| on: |
| push: |
| branches: |
| - main |
| pull_request: |
| types: [opened, synchronize, reopened] |
| permissions: |
| pull-requests: read |
| jobs: |
| build: |
| name: Build and analyze |
| runs-on: ubuntu-latest |
| steps: |
| - uses: actions/checkout@v3 |
| with: |
| fetch-depth: 0 # disable shallow clone |
| - name: Set up JDK 11 |
| uses: actions/setup-java@v3 |
| with: |
| java-version: 11 |
| distribution: 'temurin' |
| - name: Cache SonarCloud packages |
| uses: actions/cache@v3 |
| with: |
| path: ~/.sonar/cache |
| key: ${{ runner.os }}-sonar |
| restore-keys: ${{ runner.os }}-sonar |
| - name: Cache Maven packages |
| uses: actions/cache@v3 |
| with: |
| path: ~/.m2 |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} |
| restore-keys: ${{ runner.os }}-m2 |
| - name: Build and test, with coverage |
| run: mvn -B verify -Pcoverage |
| - name: Perform Sonar analysis |
| env: |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }} |
| run: mvn -B verify -DskipTests org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=xmlgraphics-commons |