From ef2d584bb9acb7df12aa81c037be46d0d31cf6db Mon Sep 17 00:00:00 2001 From: guwirth Date: Mon, 10 Feb 2025 15:16:59 +0100 Subject: [PATCH] test PR analysis with SonarCloud of forks --- .github/workflows/sonarcloud.yml | 45 ++++++++++++++++++++++++++++++++ pom.xml | 4 +++ 2 files changed, 49 insertions(+) create mode 100644 .github/workflows/sonarcloud.yml diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml new file mode 100644 index 000000000..1ece6dbae --- /dev/null +++ b/.github/workflows/sonarcloud.yml @@ -0,0 +1,45 @@ +name: SonarCloud +on: + push: + branches: + - master + pull_request: + types: [opened, synchronize, reopened] + +jobs: + + build: + + name: Build and analyze + runs-on: ubuntu-latest + + steps: + + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # shallow clones should be disabled for a better relevancy of analysis + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: 17 + distribution: 'zulu' # alternative distribution options are available + + - name: Cache SonarQube packages + uses: actions/cache@v4 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + + - name: Cache Maven packages + uses: actions/cache@v4 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + + - name: Build and analyze + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=org.sonarsource.sonarqube-plugins.cxx:cxx diff --git a/pom.xml b/pom.xml index ab81a5931..0ef53baff 100644 --- a/pom.xml +++ b/pom.xml @@ -257,6 +257,10 @@ 2010-2024 GNU LGPL v3 + + sonaropencommunity + https://sonarcloud.io + true target/${project.artifactId}-${project.version}.jar UTF-8