Skip to content

feature: split sonar action from pr action #652

feature: split sonar action from pr action

feature: split sonar action from pr action #652

# Copyright (c) 2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
#
# This program and the accompanying materials are made available under the
# terms of the Apache License, Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# SPDX-License-Identifier: Apache-2.0
name: "[BE][BUILT][DEPLOYMENT] Pull request"
on:
workflow_dispatch: # Trigger manually
pull_request:
env:
GHCR_REGISTRY: ghcr.io
JAVA_VERSION: 17
DOCKER_HUB_REGISTRY_NAMESPACE: tractusx
BACKEND_IMAGE_DOCKER_HUB: traceability-foss
jobs:
Check-Pom-for-snapshot-versions:
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Check pom for -SNAPSHOT
id: pom-version
run: |
snapshot_count_root_pom=$(sed -n '/<properties>/,/properties>/p' pom.xml | grep -o '\-SNAPSHOT' | wc -l)
if (( $snapshot_count_root_pom > 1 )); then
echo "pom_changed=true" >> $GITHUB_OUTPUT
else
echo "pom_changed=false" >> $GITHUB_OUTPUT
fi
- name: Create Review Comment
uses: ntsd/auto-request-changes-action@v3
if: steps.pom-version.outputs.pom_changed == 'true'
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
review-message: "Please remove -SNAPSHOT from property versions. You can find them in pom.xml(tx-root)."
- name: Print environment variables
id: print-env-vars
run: |
echo ${{steps.pom-version.outputs.pom_changed}}
Test:
permissions:
checks: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: '${{ env.JAVA_VERSION }}'
distribution: 'temurin'
cache: 'maven'
- name: Run unit & integration tests
run: mvn -pl tx-models,tx-backend,tx-coverage -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -B verify
- name: Upload integration test results
uses: actions/upload-artifact@v3
with:
name: integration-test-results
path: "${{ github.workspace }}/tx-backend/target/failsafe-reports"
- name: Upload unit test results
uses: actions/upload-artifact@v3
with:
name: unit-tests-results
path: "**/surefire-reports/"
Sonar:
needs: Test
permissions:
checks: write
pull-requests: write
runs-on: ubuntu-latest
if: success()
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: '${{ env.JAVA_VERSION }}'
distribution: 'temurin'
cache: 'maven'
- name: Publish integration test results
uses: EnricoMi/publish-unit-test-result-action@v2
if: always()
with:
files: "${{ github.workspace }}/tx-backend/target/failsafe-reports/TEST-*.xml"
check_name: "Integration Test Results"
- name: Publish unit test results
uses: EnricoMi/publish-unit-test-result-action@v2
if: always()
with:
files: "**/surefire-reports/TEST-*.xml"
check_name: "Unit Test Results"
- name: Clean working directories
run: |
rm -rf .scannerwork
rm -rf .sonar
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Verify Sonar Scan
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_BACKEND }}
SONAR_ORGANIZATION: ${{ vars.SONAR_ORGANIZATION }}
SONAR_PROJECT_KEY: ${{ vars.SONAR_PROJECT_KEY_BACKEND }}
run: mvn -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn --batch-mode sonar:sonar -Dsonar.coverage.jacoco.xmlReportPaths=${{ github.workspace }}/tx-coverage/target/site/jacoco-aggregate/jacoco.xml -Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY_BACKEND }} -Dsonar.organization=${{ vars.SONAR_ORGANIZATION }}
Publish-docker-image:
# needs: [ "Test-and-Sonar" ]
runs-on: ubuntu-latest
defaults:
run:
working-directory: tx-backend
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: '${{ env.JAVA_VERSION }}'
distribution: 'temurin'
cache: 'maven'
- name: Login to GHCR Registry
env:
DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
if: env.DOCKER_HUB_USER == ''
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build & Push docker image for GHCR ${{ env.GHCR_REGISTRY }}/${{ github.repository }}:${{ github.event.pull_request.head.sha }}
env:
DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
if: env.DOCKER_HUB_USER == ''
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ env.GHCR_REGISTRY }}/${{ github.repository }}:${{ github.event.pull_request.head.sha }}
- name: Login to Docker Hub
env:
DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
if: env.DOCKER_HUB_USER != ''
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Build & push docker image for Docker Hub ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.BACKEND_IMAGE_DOCKER_HUB }}:${{ github.event.pull_request.head.sha }}
env:
DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
if: env.DOCKER_HUB_USER != ''
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ env.DOCKER_HUB_REGISTRY_NAMESPACE }}/${{ env.BACKEND_IMAGE_DOCKER_HUB }}:${{ github.event.pull_request.head.sha }}