Sonar Analysis #1175

Workflow file for this run

	name: Sonar Analysis
	# Perform sonar analysis
	# more details here: https://community.sonarsource.com/t/how-to-use-sonarcloud-with-a-forked-repository-on-github/7363/32

	on:
	workflow_run: # only executed on master branch, prevent leak of SONAR_TOKEN to PRs
	workflows: [ Build ]
	types: [ completed ]

	jobs:
	sonar:
	name: Sonar
	runs-on: ubuntu-latest
	if: github.event.workflow_run.conclusion == 'success'
	steps:
	- name: Download PR number artifact
	if: github.event.workflow_run.event == 'pull_request'
	uses: dawidd6/action-download-artifact@v6
	with:
	workflow: Build
	run_id: ${{ github.event.workflow_run.id }}
	name: PR_NUMBER
	- name: Read PR_NUMBER.txt
	if: github.event.workflow_run.event == 'pull_request'
	id: pr_number
	uses: juliangruber/read-file-action@v1
	with:
	path: ./PR_NUMBER.txt
	- name: Request GitHub API for PR data
	if: github.event.workflow_run.event == 'pull_request'
	uses: octokit/[email protected]
	id: get_pr_data
	with:
	route: GET /repos/{full_name}/pulls/{number}
	number: ${{ steps.pr_number.outputs.content }}
	full_name: ${{ github.event.repository.full_name }}
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- uses: actions/checkout@v4
	with:
	repository: ${{ github.event.workflow_run.head_repository.full_name }}
	ref: ${{ github.event.workflow_run.head_branch }}
	fetch-depth: 0
	- name: Checkout base branch
	if: github.event.workflow_run.event == 'pull_request'
	run: \|
	git remote add upstream ${{ github.event.repository.clone_url }}
	git fetch upstream
	git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
	git checkout ${{ github.event.workflow_run.head_branch }}
	git clean -ffdx && git reset --hard HEAD
	- name: Download build files
	if: github.event.workflow_run.event == 'pull_request'
	uses: dawidd6/action-download-artifact@v6
	with:
	workflow: Build
	run_id: ${{ github.event.workflow_run.id }}
	name: BUILD_FILES
	- name: List files
	run: ls
	- name: Set up JDK 21
	uses: actions/setup-java@v4
	with:
	java-version: '21'
	distribution: 'temurin'
	- name: SonarCloud Scan on PR
	if: github.event.workflow_run.event == 'pull_request'
	run: \|
	mvn -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
	-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
	-Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }} \
	-Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }} \
	-Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} \
	org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	- name: Set up JDK 21
	uses: actions/setup-java@v4
	with:
	java-version: '21'
	distribution: 'temurin'
	- name: Build on push for sonarscan (not PR branch)
	if: github.event.workflow_run.event == 'push' && github.event.workflow_run.head_repository.full_name == github.event.repository.full_name
	run: mvn -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn verify

	- name: SonarCloud Scan on push
	if: github.event.workflow_run.event == 'push' && github.event.workflow_run.head_repository.full_name == github.event.repository.full_name
	run: \|
	mvn -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
	-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
	-Dsonar.branch.name=${{ github.event.workflow_run.head_branch }} \
	org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
	env:
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Sonar Analysis #1175

Workflow file

Sonar Analysis #1175

Jobs

Run details

Workflow file for this run