Create maven.yml (#1825)

* Create maven.yml * refactor * SONAR_TOKEN * sonar.organization + sonar.projectKey=corona-warn-app_cwa-server * run sonar after mvn verify * run parallel and publish test results * needs to run sequential * EnricoMi/publish-unit-test-result-action/composite@v1
corona-warn-app · May 13, 2022 · 199f0d2 · 199f0d2
1 parent e0ef70f
commit 199f0d2
Show file tree

Hide file tree

Showing 5 changed files with 99 additions and 27 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -2,30 +2,35 @@ name: codeql-analysis-workflow
 
 on:
     push:
-        branches: [ main, release/** ]
+        branches:
+        - main
+        - release/**
     pull_request:
-        branches: [ main, release/** ]
+        branches:
+        - main
+        - release/**
     schedule:
-     - cron: '42 5 * * 1'
+    -   cron: 42 5 * * 1
 
 jobs:
     codeql-analysis-job:
-        strategy:
-            fail-fast: false
+        name: CodeQL Analysis
         runs-on: ubuntu-latest
         steps:
         -   name: Checkout repository
-            uses: actions/checkout@v2
+            uses: actions/checkout@v3
         -   name: Initialize CodeQL
             uses: github/codeql-action/init@v1
             with:
                 languages: java
                 queries: security-extended
-        -   name: Java Setup
-            uses: actions/setup-java@v1
+        -   name: Set up JDK 11
+            uses: actions/setup-java@v3
             with:
-                java-version: 11
+                java-version: '11'
+                distribution: temurin
+                cache: maven
         -   name: Build
-            run: ./mvnw --batch-mode clean compile
+            run: mvn -B clean compile
         -   name: Perform CodeQL Analysis
-            uses: github/codeql-action/analyze@v1
+            uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/hadolint-analysis.yml b/.github/workflows/hadolint-analysis.yml
@@ -1,49 +1,65 @@
 name: hadolint-analysis-workflow
 
 on:
+    push:
+        branches:
+        - main
+        - release/**
     pull_request:
-        branches: [ main, release/** ]
+        branches:
+        - main
+        - release/**
         paths:
         - '**/Dockerfile'
 
 jobs:
     hadolint-callback:
+        name: Lint callback Dockerfile
         runs-on: ubuntu-latest
         steps:
-        -   uses: actions/checkout@v2
+        -   name: Checkout repository
+            uses: actions/checkout@v3
         -   name: Pull HaDoLint image
             run: docker pull hadolint/hadolint
-        -   name: Lint Dockerfile
+        -   name: Lint callback Dockerfile
             run: docker run --rm --interactive hadolint/hadolint hadolint --ignore DL3059 - < ./services/callback/Dockerfile
     hadolint-distribution:
+        name: Lint distribution Dockerfile
         runs-on: ubuntu-latest
         steps:
-        -   uses: actions/checkout@v2
+        -   name: Checkout repository
+            uses: actions/checkout@v3
         -   name: Pull HaDoLint Image
             run: docker pull hadolint/hadolint
-        -   name: Lint Dockerfile
+        -   name: Lint distribution Dockerfile
             run: docker run --rm --interactive hadolint/hadolint hadolint --ignore DL3059 - < ./services/distribution/Dockerfile
     hadolint-download:
+        name: Lint download Dockerfile
         runs-on: ubuntu-latest
         steps:
-        -   uses: actions/checkout@v2
+        -   name: Checkout repository
+            uses: actions/checkout@v3
         -   name: Pull HaDoLint Image
             run: docker pull hadolint/hadolint
-        -   name: Lint Dockerfile
+        -   name: Lint download Dockerfile
             run: docker run --rm --interactive hadolint/hadolint hadolint --ignore DL3059 - < ./services/download/Dockerfile
     hadolint-submission:
+        name: Lint submission Dockerfile
         runs-on: ubuntu-latest
         steps:
-        -   uses: actions/checkout@v2
+        -   name: Checkout repository
+            uses: actions/checkout@v3
         -   name: Pull HaDoLint Image
             run: docker pull hadolint/hadolint
-        -   name: Lint Dockerfile
+        -   name: Lint submission Dockerfile
             run: docker run --rm --interactive hadolint/hadolint hadolint --ignore DL3059 - < ./services/submission/Dockerfile
     hadolint-upload:
+        name: Lint upload Dockerfile
         runs-on: ubuntu-latest
         steps:
-        -   uses: actions/checkout@v2
+        -   name: Checkout repository
+            uses: actions/checkout@v3
         -   name: Pull HaDoLint Image
             run: docker pull hadolint/hadolint
-        -   name: Lint Dockerfile
+        -   name: Lint upload Dockerfile
             run: docker run --rm --interactive hadolint/hadolint hadolint --ignore DL3059 - < ./services/upload/Dockerfile
diff --git a/.github/workflows/license-analysis.yml b/.github/workflows/license-analysis.yml
@@ -1,13 +1,21 @@
 name: license-analysis-workflow
 
 on:
+    push:
+        branches:
+        - main
+        - release/**
     pull_request:
-        branches: [ main, release/** ]
+        branches:
+        - main
+        - release/**
 
 jobs:
     license-analysis-job:
+        name: REUSE Compliance Check
         runs-on: ubuntu-latest
         steps:
-        -   uses: actions/checkout@v2
+        -   name: Checkout repository
+            uses: actions/checkout@v3
         -   name: REUSE Compliance Check
             uses: fsfe/[email protected]
diff --git a/.github/workflows/markdown-analysis.yml b/.github/workflows/markdown-analysis.yml
@@ -1,8 +1,14 @@
 name: markdown-analysis-workflow
 
 on:
+    push:
+        branches:
+        - main
+        - release/**
     pull_request:
-        branches: [ main, release/** ]
+        branches:
+        - main
+        - release/**
         paths:
         - '**/*.md'
 
@@ -11,7 +17,8 @@ jobs:
         runs-on: ubuntu-latest
         name: 'github actions: markdownlint'
         steps:
-        -   uses: actions/checkout@v2
+        -   name: Checkout repository
+            uses: actions/checkout@v3
         -   name: markdownlint
             uses: nosborn/[email protected]
             with:
@@ -20,4 +27,4 @@ jobs:
         -   name: markdown link check
             uses: gaurav-nelson/github-action-markdown-link-check@v1
             with:
-                config-file: ./codestyle/.markdown-link-check.json
+                config-file: ./codestyle/.markdown-link-check.json
diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
@@ -0,0 +1,36 @@
+name: maven-build
+
+on:
+    push:
+        branches:
+        - main
+        - release/**
+    pull_request:
+        branches:
+        - main
+        - release/**
+
+jobs:
+    mvn-verify:
+        name: run mvn verify and do SonarCloud scan
+        runs-on: ubuntu-latest
+        steps:
+        -   name: Checkout repository
+            uses: actions/checkout@v3
+        -   name: Set up JDK 11
+            uses: actions/setup-java@v3
+            with:
+                java-version: '11'
+                distribution: temurin
+                cache: maven
+        -   name: mvn verify
+            run: mvn -B -P integration-test verify --fail-fast --file pom.xml
+        -   name: SonarCloud scan
+            run: mvn -B sonar:sonar --fail-never
+            env:
+                SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        -   name: Report JUnit results
+            uses: EnricoMi/publish-unit-test-result-action/composite@v1
+            if: always()
+            with:
+                files: '**/surefire-reports/*.xml'