From feb3fd56c8c35840b1112342c9afc767fab3bb64 Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 16:55:34 +0200
Subject: [PATCH 01/10] sonar maven sample config
---
.github/workflows/sonar_maven.yaml | 53 ++++++++++++++++++++++++++
.github/workflows/template_CI.yaml | 7 +++-
pom.xml | 31 +++++++++++++++
src/main/java/com/example/App.java | 7 ++++
src/test/java/com/example/AppTest.java | 13 +++++++
5 files changed, 110 insertions(+), 1 deletion(-)
create mode 100644 .github/workflows/sonar_maven.yaml
create mode 100644 pom.xml
create mode 100644 src/main/java/com/example/App.java
create mode 100644 src/test/java/com/example/AppTest.java
diff --git a/.github/workflows/sonar_maven.yaml b/.github/workflows/sonar_maven.yaml
new file mode 100644
index 0000000..da37ed8
--- /dev/null
+++ b/.github/workflows/sonar_maven.yaml
@@ -0,0 +1,53 @@
+name: Sonar for Maven
+
+on:
+ workflow_call:
+
+jobs:
+ build:
+ name: Build and analyze
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+
+ - name: Check for pom.xml
+ id: check_pom
+ run: |
+ if git ls-files "pom.xml" "**/pom.xml" | grep -q "."; then
+ echo "pom.xml found"
+ echo "found=true" >> "$GITHUB_OUTPUT"
+ else
+ echo "No pom.xml found"
+ echo "found=false" >> "$GITHUB_OUTPUT"
+ fi
+
+ - name: Set up JDK 17
+ if: steps.check_pom.outputs.found == 'true'
+ uses: actions/setup-java@v4
+ with:
+ java-version: 17
+ distribution: 'zulu' # Alternative distribution options are available.
+
+ - name: Cache SonarQube packages
+ if: steps.check_pom.outputs.found == 'true'
+ uses: actions/cache@v4
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+
+ - name: Cache Maven packages
+ if: steps.check_pom.outputs.found == 'true'
+ uses: actions/cache@v4
+ with:
+ path: ~/.m2
+ key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+ restore-keys: ${{ runner.os }}-m2
+
+ - name: Build and analyze
+ if: steps.check_pom.outputs.found == 'true'
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
diff --git a/.github/workflows/template_CI.yaml b/.github/workflows/template_CI.yaml
index d64f768..5950f09 100644
--- a/.github/workflows/template_CI.yaml
+++ b/.github/workflows/template_CI.yaml
@@ -10,7 +10,12 @@ jobs:
linting:
uses: woped/devops/.github/workflows/linting.yaml@main
testing_maven:
- uses: woped/devops/.github/workflows/testing_maven.yaml@main
+ uses: woped/devops/.github/workflows/testing_maven.yaml@maven_sonar
+ sonar_maven:
+ needs: testing_maven
+ uses: woped/devops/.github/workflows/sonar_maven.yaml@maven_sonar
+ secrets: inherit
+
testing_pytest:
uses: woped/devops/.github/workflows/testing_pytest.yaml@main
sonar_python:
diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..6448823
--- /dev/null
+++ b/pom.xml
@@ -0,0 +1,31 @@
+
+ 4.0.0
+ com.example
+ demo-app
+ 1.0-SNAPSHOT
+ jar
+
+
+
+
+ org.junit.jupiter
+ junit-jupiter-engine
+ 5.9.3
+ test
+
+
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+ 3.0.0-M8
+
+
+
+
\ No newline at end of file
diff --git a/src/main/java/com/example/App.java b/src/main/java/com/example/App.java
new file mode 100644
index 0000000..edc8d0a
--- /dev/null
+++ b/src/main/java/com/example/App.java
@@ -0,0 +1,7 @@
+package com.example;
+
+public class App {
+ public static String greet() {
+ return "Hello, World!";
+ }
+}
\ No newline at end of file
diff --git a/src/test/java/com/example/AppTest.java b/src/test/java/com/example/AppTest.java
new file mode 100644
index 0000000..97723f2
--- /dev/null
+++ b/src/test/java/com/example/AppTest.java
@@ -0,0 +1,13 @@
+package com.example;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import org.junit.jupiter.api.Test;
+
+public class AppTest {
+
+ @Test
+ public void testGreet() {
+ assertEquals("Hello, World!", App.greet());
+ }
+}
\ No newline at end of file
From ae5a116a8b690ce3ab99a91e098424364f217ec2 Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 16:57:15 +0200
Subject: [PATCH 02/10] Update Maven workflow references to use feature branch
---
.github/workflows/template_CI.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/template_CI.yaml b/.github/workflows/template_CI.yaml
index 5950f09..111207f 100644
--- a/.github/workflows/template_CI.yaml
+++ b/.github/workflows/template_CI.yaml
@@ -10,10 +10,10 @@ jobs:
linting:
uses: woped/devops/.github/workflows/linting.yaml@main
testing_maven:
- uses: woped/devops/.github/workflows/testing_maven.yaml@maven_sonar
+ uses: woped/devops/.github/workflows/testing_maven.yaml@feature/maven_sonar
sonar_maven:
needs: testing_maven
- uses: woped/devops/.github/workflows/sonar_maven.yaml@maven_sonar
+ uses: woped/devops/.github/workflows/sonar_maven.yaml@feature/maven_sonar
secrets: inherit
testing_pytest:
From 1e8c7f2b7e6479478ff0bc73a43ecfb0ccfbe761 Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 16:59:08 +0200
Subject: [PATCH 03/10] Refactor SonarQube build step to use organization
parameter and clean up whitespace
---
.github/workflows/sonar_maven.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/sonar_maven.yaml b/.github/workflows/sonar_maven.yaml
index da37ed8..ca0ca66 100644
--- a/.github/workflows/sonar_maven.yaml
+++ b/.github/workflows/sonar_maven.yaml
@@ -45,9 +45,9 @@ jobs:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
-
+
- name: Build and analyze
if: steps.check_pom.outputs.found == 'true'
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
+ run: mvn -B verify -Dsonar.organization=woped -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
From 5c685101f6c58a67de37edd9a48f41e3f6e91972 Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 17:09:56 +0200
Subject: [PATCH 04/10] Remove sonar.organization parameter from Maven build
step
---
.github/workflows/sonar_maven.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/sonar_maven.yaml b/.github/workflows/sonar_maven.yaml
index ca0ca66..d09f87d 100644
--- a/.github/workflows/sonar_maven.yaml
+++ b/.github/workflows/sonar_maven.yaml
@@ -50,4 +50,4 @@ jobs:
if: steps.check_pom.outputs.found == 'true'
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- run: mvn -B verify -Dsonar.organization=woped -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
+ run: mvn -B verify woped -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
From 7c4896c63093cefc8bb78eb9d0f6e2fd459526fb Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 17:11:37 +0200
Subject: [PATCH 05/10] Fix SonarQube command to include organization parameter
in Maven build step
---
.github/workflows/sonar_maven.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/sonar_maven.yaml b/.github/workflows/sonar_maven.yaml
index d09f87d..b458f74 100644
--- a/.github/workflows/sonar_maven.yaml
+++ b/.github/workflows/sonar_maven.yaml
@@ -50,4 +50,4 @@ jobs:
if: steps.check_pom.outputs.found == 'true'
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- run: mvn -B verify woped -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
+ run: mvn -B verify -Dsonar.organization=woped -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
From bbc08f6858b3a4f0635a3dcb03e531471755ceae Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 17:15:36 +0200
Subject: [PATCH 06/10] Add SONAR_HOST_URL environment variable to SonarQube
build step
---
.github/workflows/sonar_maven.yaml | 1 +
1 file changed, 1 insertion(+)
diff --git a/.github/workflows/sonar_maven.yaml b/.github/workflows/sonar_maven.yaml
index b458f74..5c406fc 100644
--- a/.github/workflows/sonar_maven.yaml
+++ b/.github/workflows/sonar_maven.yaml
@@ -50,4 +50,5 @@ jobs:
if: steps.check_pom.outputs.found == 'true'
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ SONAR_HOST_URL: https://sonarcloud.io
run: mvn -B verify -Dsonar.organization=woped -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
From 200d4bcca9d03e2b48a7bf09f4ab9f2dbb270d2b Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 19:22:08 +0200
Subject: [PATCH 07/10] Update SonarQube build step to include SONAR_HOST_URL
in the Maven command
---
.github/workflows/sonar_maven.yaml | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/sonar_maven.yaml b/.github/workflows/sonar_maven.yaml
index 5c406fc..3ce7a9a 100644
--- a/.github/workflows/sonar_maven.yaml
+++ b/.github/workflows/sonar_maven.yaml
@@ -50,5 +50,4 @@ jobs:
if: steps.check_pom.outputs.found == 'true'
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- SONAR_HOST_URL: https://sonarcloud.io
- run: mvn -B verify -Dsonar.organization=woped -Dsonar.projectKey=woped_${{ github.event.repository.name }}
\ No newline at end of file
+ run: mvn -B verify -Dsonar.organization=woped -Dsonar.projectKey=woped_${{ github.event.repository.name }} -Dsonar.host.url=https://sonarcloud.io
\ No newline at end of file
From e64c5f488e50a907c1988771636a830fce1154cf Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 19:26:55 +0200
Subject: [PATCH 08/10] Update SonarQube build step to use sonar-maven-plugin
for analysis
---
.github/workflows/sonar_maven.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/sonar_maven.yaml b/.github/workflows/sonar_maven.yaml
index 3ce7a9a..3c3aa6a 100644
--- a/.github/workflows/sonar_maven.yaml
+++ b/.github/workflows/sonar_maven.yaml
@@ -50,4 +50,4 @@ jobs:
if: steps.check_pom.outputs.found == 'true'
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- run: mvn -B verify -Dsonar.organization=woped -Dsonar.projectKey=woped_${{ github.event.repository.name }} -Dsonar.host.url=https://sonarcloud.io
\ No newline at end of file
+ run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.organization=woped -Dsonar.projectKey=woped_${{ github.event.repository.name }} -Dsonar.host.url=https://sonarcloud.io
\ No newline at end of file
From 911b1efa8acfdcf6a1ec20e2807c661e41ae832b Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 19:33:30 +0200
Subject: [PATCH 09/10] Add Jacoco Maven plugin for code coverage reporting
---
pom.xml | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/pom.xml b/pom.xml
index 6448823..da2684f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -26,6 +26,25 @@
maven-surefire-plugin
3.0.0-M8
+
+ org.jacoco
+ jacoco-maven-plugin
+ 0.8.11
+
+
+
+ prepare-agent
+
+
+
+ report
+ test
+
+ report
+
+
+
+
\ No newline at end of file
From c9ce9f12995e74160014476a68f950fe33ba6b53 Mon Sep 17 00:00:00 2001
From: jonaRumberg <66677551+jonaRumberg@users.noreply.github.com>
Date: Sat, 14 Jun 2025 19:41:43 +0200
Subject: [PATCH 10/10] cleanup
---
.github/workflows/template_CI.yaml | 4 +--
pom.xml | 50 --------------------------
src/main/java/com/example/App.java | 7 ----
src/test/java/com/example/AppTest.java | 13 -------
4 files changed, 2 insertions(+), 72 deletions(-)
delete mode 100644 pom.xml
delete mode 100644 src/main/java/com/example/App.java
delete mode 100644 src/test/java/com/example/AppTest.java
diff --git a/.github/workflows/template_CI.yaml b/.github/workflows/template_CI.yaml
index 111207f..3b1f09a 100644
--- a/.github/workflows/template_CI.yaml
+++ b/.github/workflows/template_CI.yaml
@@ -10,10 +10,10 @@ jobs:
linting:
uses: woped/devops/.github/workflows/linting.yaml@main
testing_maven:
- uses: woped/devops/.github/workflows/testing_maven.yaml@feature/maven_sonar
+ uses: woped/devops/.github/workflows/testing_maven.yaml@feature/main
sonar_maven:
needs: testing_maven
- uses: woped/devops/.github/workflows/sonar_maven.yaml@feature/maven_sonar
+ uses: woped/devops/.github/workflows/sonar_maven.yaml@feature/main
secrets: inherit
testing_pytest:
diff --git a/pom.xml b/pom.xml
deleted file mode 100644
index da2684f..0000000
--- a/pom.xml
+++ /dev/null
@@ -1,50 +0,0 @@
-
- 4.0.0
- com.example
- demo-app
- 1.0-SNAPSHOT
- jar
-
-
-
-
- org.junit.jupiter
- junit-jupiter-engine
- 5.9.3
- test
-
-
-
-
-
-
-
- org.apache.maven.plugins
- maven-surefire-plugin
- 3.0.0-M8
-
-
- org.jacoco
- jacoco-maven-plugin
- 0.8.11
-
-
-
- prepare-agent
-
-
-
- report
- test
-
- report
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/src/main/java/com/example/App.java b/src/main/java/com/example/App.java
deleted file mode 100644
index edc8d0a..0000000
--- a/src/main/java/com/example/App.java
+++ /dev/null
@@ -1,7 +0,0 @@
-package com.example;
-
-public class App {
- public static String greet() {
- return "Hello, World!";
- }
-}
\ No newline at end of file
diff --git a/src/test/java/com/example/AppTest.java b/src/test/java/com/example/AppTest.java
deleted file mode 100644
index 97723f2..0000000
--- a/src/test/java/com/example/AppTest.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package com.example;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-
-import org.junit.jupiter.api.Test;
-
-public class AppTest {
-
- @Test
- public void testGreet() {
- assertEquals("Hello, World!", App.greet());
- }
-}
\ No newline at end of file