---
# Action metadata: display name, caller-facing inputs and marketplace branding.
name: Sonar Fork Analysis
description: Sonar scan external forks of your project
inputs:
  # Forwarded to actions/setup-java in the workflow_run (analysis) stage.
  java-version:
    description: >-
      The Java version to set up. Takes a whole or semver Java version.
      See examples of supported syntax in actions/setup-java README file
  # Forwarded to actions/setup-java in the workflow_run (analysis) stage.
  distribution:
    description: >-
      Java distribution.
      See the list of supported distributions in actions/setup-java README file
  # Passed to actions/download-artifact to fetch the artifact uploaded by the
  # triggering run.
  github-token:
    description: The GitHub token used to authenticate with the GitHub API.
  # Consumed only by the Sonar analysis steps, which run on workflow_run.
  sonar-token:
    description: The Sonar token used to authenticate with the Sonar API.
  project-key:
    description: "The project's unique key assigned by Sonar."
branding:
  icon: search
  color: blue
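# Composite action with two stages selected by the triggering event:
#   * any event other than workflow_run: package the build output and pull
#     request metadata into the `sonar-artifact` artifact;
#   * workflow_run: check out the head repository, restore that artifact and
#     run the Sonar analysis with the caller's token.
#
# NOTE(review): the workflow_run stage runs Maven/Gradle against code checked
# out from the head repository and against files restored from the triggering
# run's artifact, in the same job that holds the Sonar token. Both inputs are
# controlled by the pull request author, so the token should be scoped as
# narrowly as Sonar allows and the calling workflow's `permissions:` kept
# minimal.
#
# NOTE(review): the `uses:` references below are mutable major-version tags;
# pinning each one to a full commit SHA keeps a retagged release from changing
# what runs in this action.
runs:
  using: "composite"
  steps:
    - name: 'Infer build type'
      if: github.event_name != 'workflow_run'
      shell: bash
      # A pom.xml in the workspace root selects maven; anything else is gradle.
      run: echo "build_type=$(test -f pom.xml && echo maven || echo gradle)" >> "$GITHUB_ENV"

    ### PREPARE ANALYSIS ###
    - name: 'Prepare pull request artifact'
      if: github.event_name != 'workflow_run'
      shell: bash
      # The head ref is chosen by the pull request author. Event fields are
      # handed to the script as environment variables so that they are never
      # expanded into the script text and parsed as shell syntax.
      env:
        PR_NUMBER: ${{ github.event.pull_request.number }}
        PR_HEAD_REF: ${{ github.event.pull_request.head.ref }}
        PR_BASE_REF: ${{ github.event.pull_request.base.ref }}
      # One value per line; the file is truncated first so that a pr-event.txt
      # already present in the workspace cannot shift the three lines that the
      # analysis stage reads back.
      run: |
        printf '%s\n' "${PR_NUMBER}" "${PR_HEAD_REF}" "${PR_BASE_REF}" > pr-event.txt
    - name: 'Prepare output artifact'
      if: github.event_name != 'workflow_run'
      shell: bash
      # Appends every directory whose name ends in target (maven) or build
      # (gradle) to output.tar.
      run: |
        if test "${build_type}" = maven; then output_dir=target; else output_dir=build; fi
        find . -iname "*${output_dir}" -type d -exec tar -rf output.tar {} +
    - name: 'Set groupId'
      if: github.event_name != 'workflow_run' && env.build_type == 'maven'
      shell: bash
      # Turns the project's groupId into its path below ~/.m2/repository.
      run: echo "group_id=$(mvn -q -DforceStdout help:evaluate -Dexpression=project.groupId | tr . /)" >> "$GITHUB_ENV"
    - name: 'Prepare repository artifact'
      if: github.event_name != 'workflow_run' && env.build_type == 'maven'
      shell: bash
      # Archives the project's own entries from the local Maven repository.
      run: |
        pushd ~/.m2/repository
        find . -path "./${group_id}/*" -exec tar -rf repository.tar {} +
        popd
        mv ~/.m2/repository/repository.tar .
    - name: 'Upload sonar artifact'
      if: github.event_name != 'workflow_run'
      uses: actions/upload-artifact@v4
      with:
        name: sonar-artifact
        path: |
          pr-event.txt
          output.tar
          repository.tar
        if-no-files-found: error
        retention-days: 1

    ### EXECUTE ANALYSIS ###
    - name: 'Checkout project'
      if: github.event_name == 'workflow_run'
      uses: actions/checkout@v4
      with:
        repository: ${{ github.event.workflow_run.head_repository.full_name }}
        # NOTE(review): head_branch can move after the triggering run finished,
        # so the checked-out sources may differ from what produced the
        # artifact; github.event.workflow_run.head_sha identifies the exact
        # commit. Confirm whether the branch name is needed here.
        ref: ${{ github.event.workflow_run.head_branch }}
        fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of Sonar analysis
        # The build that follows runs project-defined code, so do not leave
        # the checkout token behind in the local git configuration.
        persist-credentials: false
    - name: 'Infer build type'
      if: github.event_name == 'workflow_run'
      shell: bash
      run: echo "build_type=$(test -f pom.xml && echo maven || echo gradle)" >> "$GITHUB_ENV"
    - name: 'Infer build command - Maven'
      if: github.event_name == 'workflow_run' && env.build_type == 'maven'
      shell: bash
      run: echo "build_command=mvn" >> "$GITHUB_ENV"
    - name: 'Infer build command - Gradle'
      if: github.event_name == 'workflow_run' && env.build_type == 'gradle'
      shell: bash
      run: echo "build_command=gradle" >> "$GITHUB_ENV"
    - name: 'Set up Java'
      if: github.event_name == 'workflow_run'
      uses: actions/setup-java@v4
      with:
        java-version: ${{ inputs.java-version }}
        distribution: ${{ inputs.distribution }}
        # NOTE(review): the dependency cache is handled in the same job that
        # unpacks repository.tar from the triggering run into
        # ~/.m2/repository; confirm that sharing this cache with other
        # workflows is acceptable.
        cache: ${{ env.build_type }}
    - name: 'Cache SonarCloud packages'
      if: github.event_name == 'workflow_run'
      uses: actions/cache@v4
      with:
        path: ~/.sonar/cache
        key: ${{ runner.os }}-sonar
        restore-keys: ${{ runner.os }}-sonar
    - name: 'Download sonar artifact'
      if: github.event_name == 'workflow_run'
      uses: actions/download-artifact@v4
      with:
        name: sonar-artifact
        run-id: ${{ github.event.workflow_run.id }}
        github-token: ${{ inputs.github-token }}
        merge-multiple: true
    # Everything restored from sonar-artifact was produced by the triggering
    # run and is untrusted input to the steps below.
    - name: 'Extract output artifact'
      if: github.event_name == 'workflow_run'
      shell: bash
      run: tar -xf output.tar
    - name: 'Extract repository artifact'
      if: github.event_name == 'workflow_run' && env.build_type == 'maven'
      shell: bash
      run: |
        mkdir -p ~/.m2/repository
        tar -xf repository.tar -C ~/.m2/repository
    - name: 'Read pull request event'
      if: github.event_name == 'workflow_run'
      shell: bash
      # Lines 1-3 of pr-event.txt are the pull request number, head ref and
      # base ref. The number is empty when the triggering run was not a pull
      # request; any other non-numeric value is rejected before it is exported.
      run: |
        pr_number="$(sed '1q;d' pr-event.txt)"
        pr_head_ref="$(sed '2q;d' pr-event.txt)"
        pr_base_ref="$(sed '3q;d' pr-event.txt)"
        if [[ -n "${pr_number}" && ! "${pr_number}" =~ ^[0-9]+$ ]]; then
          echo "::error::pull request number in pr-event.txt is not numeric"
          exit 1
        fi
        {
          echo "pr_number=${pr_number}"
          echo "pr_head_ref=${pr_head_ref}"
          echo "pr_base_ref=${pr_base_ref}"
        } >> "$GITHUB_ENV"
    - name: 'Sonar analysis - Maven'
      if: github.event_name == 'workflow_run' && env.build_type == 'maven'
      shell: bash
      # Inputs and event fields reach the script as environment variables and
      # are used as quoted arguments. pr_number, pr_head_ref and pr_base_ref
      # come from the untrusted artifact (exported by 'Read pull request
      # event'), so they must not be expanded into the script text.
      env:
        SONAR_PROJECT_KEY: ${{ inputs.project-key }}
        SONAR_TOKEN: ${{ inputs.sonar-token }}
        TRIGGER_EVENT: ${{ github.event.workflow_run.event }}
        TRIGGER_HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
      run: |
        args=(
          -B org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
          "-Dsonar.projectKey=${SONAR_PROJECT_KEY}"
          "-Dsonar.token=${SONAR_TOKEN}"
        )
        # Pull request decoration parameters apply only to pull request runs.
        if [[ "${TRIGGER_EVENT}" == 'pull_request' ]]; then
          args+=(
            "-Dsonar.scm.revision=${TRIGGER_HEAD_SHA}"
            "-Dsonar.pullrequest.key=${pr_number}"
            "-Dsonar.pullrequest.branch=${pr_head_ref}"
            "-Dsonar.pullrequest.base=${pr_base_ref}"
          )
        fi
        "${build_command}" "${args[@]}"
    - name: 'Sonar analysis - Gradle'
      if: github.event_name == 'workflow_run' && env.build_type == 'gradle'
      shell: bash
      # Same argument handling as the Maven step: values are passed through
      # the environment and quoted, never expanded into the script text.
      env:
        SONAR_PROJECT_KEY: ${{ inputs.project-key }}
        SONAR_TOKEN: ${{ inputs.sonar-token }}
        TRIGGER_EVENT: ${{ github.event.workflow_run.event }}
        TRIGGER_HEAD_SHA: ${{ github.event.workflow_run.head_sha }}
      run: |
        args=(
          sonar
          "-Dsonar.projectKey=${SONAR_PROJECT_KEY}"
          "-Dsonar.token=${SONAR_TOKEN}"
        )
        # Pull request decoration parameters apply only to pull request runs.
        if [[ "${TRIGGER_EVENT}" == 'pull_request' ]]; then
          args+=(
            "-Dsonar.scm.revision=${TRIGGER_HEAD_SHA}"
            "-Dsonar.pullrequest.key=${pr_number}"
            "-Dsonar.pullrequest.branch=${pr_head_ref}"
            "-Dsonar.pullrequest.base=${pr_base_ref}"
          )
        fi
        "${build_command}" "${args[@]}"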