From 4f93c7e1ccbe7c63facadc5444ec17b87a759715 Mon Sep 17 00:00:00 2001 From: ahongbynder Date: Mon, 13 Oct 2025 09:06:55 -0700 Subject: [PATCH 1/6] API-2456 add sonar scan github action --- .github/workflows/sonar-scan.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 .github/workflows/sonar-scan.yml diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml new file mode 100644 index 0000000..9ecd3fe --- /dev/null +++ b/.github/workflows/sonar-scan.yml @@ -0,0 +1,18 @@ +name: SonarQube Scan +run-name: ${{ github.actor }} is running the workflow for Workspace services +on: + push: + branches: [ "release" ] + pull_request: + types: [opened, synchronize, reopened] + branches: [ "master" ] + workflow_dispatch: # Allows you to run this workflow manually from the Actions tab + +jobs: + sonar-scan: + runs-on: bynder-arc + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Run SonarQube Scan + uses: bynder/github-actions/actions/sonarqube@master From bc05bde890a3c8703241e3e37590bf87293ec019 Mon Sep 17 00:00:00 2001 From: ahongbynder Date: Mon, 13 Oct 2025 10:27:59 -0700 Subject: [PATCH 2/6] API-2456 add sonarqube env variables --- .github/workflows/sonar-scan.yml | 38 +++++++++++++++++++++++++++----- 1 file changed, 32 insertions(+), 6 deletions(-) diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index 9ecd3fe..d8606c7 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -1,5 +1,5 @@ name: SonarQube Scan -run-name: ${{ github.actor }} is running the workflow for Workspace services +run-name: ${{ github.actor }} is running the workflow on: push: branches: [ "release" ] @@ -10,9 +10,35 @@ on: jobs: sonar-scan: - runs-on: bynder-arc + runs-on: ubuntu-22.04 steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Run SonarQube Scan - uses: bynder/github-actions/actions/sonarqube@master + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Set up JDK 8 + uses: actions/setup-java@v4 + with: + distribution: 'zulu' + java-version: 8 + - name: Cache SonarQube packages + uses: actions/cache@v4 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache Maven packages + uses: actions/cache@v4 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Build and analyze + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }} + run: | + mvn sonar:sonar \ + -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} \ + -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ + -Dsonar.login=${{ secrets.SONAR_TOKEN }} From 158a6e1afef3243aeab7503518cd6747568cf692 Mon Sep 17 00:00:00 2001 From: ahongbynder Date: Mon, 13 Oct 2025 10:36:10 -0700 Subject: [PATCH 3/6] API-2456 add sonar-maven-plugin --- pom.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pom.xml b/pom.xml index 54d34eb..2da7a81 100644 --- a/pom.xml +++ b/pom.xml @@ -179,6 +179,11 @@ true + + org.sonarsource.scanner.maven + sonar-maven-plugin + 3.9.1.2184 + From c275b32042b194fed85919fbfa7ef9f67911e1f3 Mon Sep 17 00:00:00 2001 From: ahongbynder Date: Mon, 13 Oct 2025 10:40:28 -0700 Subject: [PATCH 4/6] API-2456 use jdk 17 for sonarqube --- .github/workflows/sonar-scan.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index d8606c7..01afde1 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -15,11 +15,11 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Set up JDK 8 + - name: Set up JDK 11 uses: actions/setup-java@v4 with: distribution: 'zulu' - java-version: 8 + java-version: 11 - name: Cache SonarQube packages uses: actions/cache@v4 with: From c9f7d221840a8fd107bb420f215269e5419be1fc Mon Sep 17 00:00:00 2001 From: ahongbynder Date: Mon, 13 Oct 2025 10:45:18 -0700 Subject: [PATCH 5/6] API-2456 use jdk 17 for sonarqube --- .github/workflows/sonar-scan.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index 01afde1..a0f442f 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -15,11 +15,11 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Set up JDK 11 + - name: Set up JDK 17 uses: actions/setup-java@v4 with: distribution: 'zulu' - java-version: 11 + java-version: 17 - name: Cache SonarQube packages uses: actions/cache@v4 with: From c7f433743285d3be2257fad247595df75520285f Mon Sep 17 00:00:00 2001 From: ahongbynder Date: Mon, 13 Oct 2025 10:56:37 -0700 Subject: [PATCH 6/6] API-2456 test bynder-arc --- .github/workflows/sonar-scan.yml | 68 +++++++++++++++++--------------- 1 file changed, 36 insertions(+), 32 deletions(-) diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index a0f442f..56d10e7 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -1,5 +1,4 @@ name: SonarQube Scan -run-name: ${{ github.actor }} is running the workflow on: push: branches: [ "release" ] @@ -10,35 +9,40 @@ on: jobs: sonar-scan: - runs-on: ubuntu-22.04 + runs-on: bynder-arc steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - distribution: 'zulu' - java-version: 17 - - name: Cache SonarQube packages - uses: actions/cache@v4 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - name: Cache Maven packages - uses: actions/cache@v4 - with: - path: ~/.m2 - key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} - restore-keys: ${{ runner.os }}-m2 - - name: Build and analyze - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }} - run: | - mvn sonar:sonar \ - -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} \ - -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ - -Dsonar.login=${{ secrets.SONAR_TOKEN }} + - name: Checkout repository + uses: actions/checkout@v4 + - name: Run SonarQube Scan + uses: bynder/github-actions/actions/sonarqube@master +# steps: +# - uses: actions/checkout@v4 +# with: +# fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis +# - name: Set up JDK 17 +# uses: actions/setup-java@v4 +# with: +# distribution: 'zulu' +# java-version: 17 +# - name: Cache SonarQube packages +# uses: actions/cache@v4 +# with: +# path: ~/.sonar/cache +# key: ${{ runner.os }}-sonar +# restore-keys: ${{ runner.os }}-sonar +# - name: Cache Maven packages +# uses: actions/cache@v4 +# with: +# path: ~/.m2 +# key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} +# restore-keys: ${{ runner.os }}-m2 +# - name: Build and analyze +# env: +# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} +# SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} +# SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }} +# run: | +# mvn sonar:sonar \ +# -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} \ +# -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ +# -Dsonar.login=${{ secrets.SONAR_TOKEN }}