From a2358ccf19d611ae195f7d97fcc16af0c25ce758 Mon Sep 17 00:00:00 2001 From: Tunahan Cicek Date: Tue, 22 Oct 2024 14:13:48 +0200 Subject: [PATCH] Fix Sonarcloud Issue --- .github/workflows/sonar-scan.yaml | 59 +++++++++++++++++++++++++++++++ pom.xml | 8 +++++ 2 files changed, 67 insertions(+) create mode 100644 .github/workflows/sonar-scan.yaml diff --git a/.github/workflows/sonar-scan.yaml b/.github/workflows/sonar-scan.yaml new file mode 100644 index 00000000..ae855a34 --- /dev/null +++ b/.github/workflows/sonar-scan.yaml @@ -0,0 +1,59 @@ +################################################################################ +# Copyright (c) 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################ + +name: "Sonar Analysis" +on: + workflow_dispatch: + push: + branches: + - main + pull_request: + branches: + - main + schedule: + - cron: "0 0 * * *" + +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'adopt' + cache: maven + + - name: Cache SonarCloud packages + uses: actions/cache@v4 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn --batch-mode verify sonar:sonar -Dsonar.projectKey=eclipse-tractusx_sldt-digital-twin-registry -Dsonar.organization=eclipse-tractusx \ No newline at end of file diff --git a/pom.xml b/pom.xml index 0cb6a621..b078dbd5 100644 --- a/pom.xml +++ b/pom.xml @@ -104,11 +104,19 @@ 0.8.11 + 3.10.0.2594 1.1.0 3.8.1 + + eclipse-tractusx + https://sonarcloud.io + eclipse-tractusx_sldt-digital-twin-registry + ${project.groupId}:${project.artifactId} + sldt-digital-twin-registry + 17