Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions .github/workflows/build-project.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,19 +18,21 @@ jobs:
name: Build
runs-on: ubuntu-latest
timeout-minutes: 15

permissions:
contents: read

steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2

- name: Set up JDK 17
uses: actions/setup-java@v4
uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 #v4
with:
distribution: 'zulu'
java-version: '17'

- name: Create custom Maven Settings.xml
uses: whelk-io/maven-settings-xml-action@v22
uses: whelk-io/maven-settings-xml-action@9dc09b23833fa9aa7f27b63db287951856f3433d #v22
with:
output_file: custom_maven_settings.xml
servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/release-please.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
release_please:
runs-on: ubuntu-latest
steps:
- uses: google-github-actions/release-please-action@v4
- uses: google-github-actions/release-please-action@e4dc86ba9405554aeba3c6bb2d169500e7d3b4ee #v4
id: release
with:
release-type: maven
Expand All @@ -25,7 +25,7 @@ jobs:

- if: ${{ steps.release.outputs.release_created }}
name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2

- name: Extract tag name
if: ${{ steps.release.outputs.release_created }}
Expand All @@ -35,14 +35,14 @@ jobs:
run: echo "##[set-output name=tagname;]$(echo ${GITHUB_REF##*/})"

- name: Set up JDK 17
uses: actions/setup-java@v4
uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 #v4
if: ${{ steps.release.outputs.release_created }}
with:
distribution: 'zulu'
java-version: '17'

- name: Create custom Maven Settings.xml
uses: whelk-io/maven-settings-xml-action@v22
uses: whelk-io/maven-settings-xml-action@9dc09b23833fa9aa7f27b63db287951856f3433d #v22
if: ${{ steps.release.outputs.release_created }}
with:
output_file: custom_maven_settings.xml
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/release-project.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
packages: write
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2

- name: Extract tag name
id: extract_tagname
Expand All @@ -25,13 +25,13 @@ jobs:
run: echo "##[set-output name=tagname;]$(echo ${GITHUB_REF##*/})"

- name: Set up JDK 17
uses: actions/setup-java@v4
uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 #v4
with:
distribution: 'zulu'
java-version: '17'

- name: Create custom Maven Settings.xml
uses: whelk-io/maven-settings-xml-action@v22
uses: whelk-io/maven-settings-xml-action@9dc09b23833fa9aa7f27b63db287951856f3433d #v22
with:
output_file: custom_maven_settings.xml
servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/reuse.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd #v6.0.2
- name: REUSE Compliance Check
uses: fsfe/reuse-action@v3
uses: fsfe/reuse-action@a46482ca367aef4454a87620aa37c2be4b2f8106 #v3
175 changes: 85 additions & 90 deletions .github/workflows/sonarcloud-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,96 +14,91 @@ jobs:
runs-on: ubuntu-latest
if: github.event.workflow_run.conclusion == 'success'
timeout-minutes: 15
permissions:
contents: read
actions: read
pull-requests: read
steps:
- name: echo event
run: cat $GITHUB_EVENT_PATH
- name: Download PR number artifact
if: github.event.workflow_run.event == 'pull_request'
uses: dawidd6/action-download-artifact@v3
with:
workflow: SonarCloud Build
run_id: ${{ github.event.workflow_run.id }}
name: PR_NUMBER
- name: Read PR_NUMBER.txt
if: github.event.workflow_run.event == 'pull_request'
id: pr_number
uses: juliangruber/read-file-action@v1
with:
path: ./PR_NUMBER.txt
- name: Request GitHub API for PR data
if: github.event.workflow_run.event == 'pull_request'
uses: octokit/request-action@v2.x
id: get_pr_data
with:
route: GET /repos/{full_name}/pulls/{number}
number: ${{ steps.pr_number.outputs.content }}
full_name: ${{ github.event.repository.full_name }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
with:
repository: ${{ github.event.workflow_run.head_repository.full_name }}
ref: ${{ github.event.workflow_run.head_branch }}
fetch-depth: 0
- name: Checkout base branch
if: github.event.workflow_run.event == 'pull_request'
run: |
git remote add upstream ${{ github.event.repository.clone_url }}
git fetch upstream
git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
git checkout ${{ github.event.workflow_run.head_branch }}
git clean -ffdx && git reset --hard HEAD
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache Maven packages
uses: actions/cache@v4
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: echo event
run: cat $GITHUB_EVENT_PATH
- name: Download PR number artifact
if: github.event.workflow_run.event == 'pull_request'
uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21
with:
workflow: SonarCloud Build
run_id: ${{ github.event.workflow_run.id }}
name: PR_NUMBER
- name: Read PR_NUMBER.txt
if: github.event.workflow_run.event == 'pull_request'
id: pr_number
uses: juliangruber/read-file-action@271ff311a4947af354c6abcd696a306553b9ec18 # v1
with:
path: ./PR_NUMBER.txt
- name: Request GitHub API for PR data
if: github.event.workflow_run.event == 'pull_request'
uses: octokit/request-action@b91aabaa861c777dcdb14e2387e30eddf04619ae # v3.0.0
id: get_pr_data
with:
route: GET /repos/{full_name}/pulls/{number}
number: ${{ steps.pr_number.outputs.content }}
full_name: ${{ github.event.repository.full_name }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0
- name: Download build artifacts
uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21
with:
workflow: SonarCloud Build
run_id: ${{ github.event.workflow_run.id }}
name: build-artifacts
- name: Cache SonarCloud packages
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar

- name: Set up JDK 17
uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: '17'
- name: Set up JDK 17
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
with:
distribution: 'zulu'
java-version: '17'
cache: 'maven'

- name: Set Common Sonar Variables
id: sonar_env
run: |
echo "##[set-output name=sonar_opts;]$(echo -Dsonar.host.url=https://sonarcloud.io \
-Dsonar.projectKey=com-pas_compas-core \
-Dsonar.organization=com-pas )"
- name: Create custom Maven Settings.xml
uses: whelk-io/maven-settings-xml-action@v22
with:
output_file: custom_maven_settings.xml
servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
- name: Build and analyze (Pull Request)
if: ${{ github.event.workflow_run.event == 'pull_request' || (github.event.workflow_run.actor == 'dependabot[bot]' && github.event.workflow_run.event == 'pull_request_target') }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
./mvnw -B -s custom_maven_settings.xml -Psonar \
${{ steps.sonar_env.outputs.sonar_opts }} \
-Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }} \
-Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }} \
-Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} \
-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
- name: Build and analyze (Push)
if: ${{ github.event.workflow_run.event == 'push' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
./mvnw -B -s custom_maven_settings.xml -Psonar \
${{ steps.sonar_env.outputs.sonar_opts }} \
-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
-Dsonar.branch.name=${{ github.event.workflow_run.head_branch }} \
clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
- name: Set Common Sonar Variables
id: sonar_env
run: |
echo "sonar_opts=-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.projectKey=com-pas_compas-core \
-Dsonar.organization=com-pas" >> $GITHUB_OUTPUT
- name: Create custom Maven Settings.xml
uses: whelk-io/maven-settings-xml-action@9dc09b23833fa9aa7f27b63db287951856f3433d # v22
with:
output_file: custom_maven_settings.xml
servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
- name: Build and analyze (Pull Request)
if: ${{ github.event.workflow_run.event == 'pull_request' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
mvn -B -s custom_maven_settings.xml -Psonar \
${{ steps.sonar_env.outputs.sonar_opts }} \
-Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }} \
-Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }} \
-Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} \
-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
- name: Build and analyze (Push)
if: ${{ github.event.workflow_run.event == 'push' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
mvn -B -s custom_maven_settings.xml -Psonar \
${{ steps.sonar_env.outputs.sonar_opts }} \
-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
-Dsonar.branch.name=${{ github.event.workflow_run.head_branch }} \
org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
59 changes: 32 additions & 27 deletions .github/workflows/sonarcloud-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,66 +12,71 @@ on:
branches:
- 'main'
- 'develop'
pull_request_target:
branches:
- 'main'
- 'develop'

jobs:
precheck-build:
name: Pre Check Build
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
contents: read

if: ${{ (github.event_name != 'pull_request_target' && github.actor != 'dependabot[bot]') || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0

- name: Cache SonarCloud packages
uses: actions/cache@v4
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache Maven packages
uses: actions/cache@v4
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2

- name: Set up JDK 17
uses: actions/setup-java@v4
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
with:
distribution: 'zulu'
java-version: '17'
cache: 'maven'

- name: Create custom Maven Settings.xml
uses: whelk-io/maven-settings-xml-action@v22
uses: whelk-io/maven-settings-xml-action@9dc09b23833fa9aa7f27b63db287951856f3433d # v22
with:
output_file: custom_maven_settings.xml
servers: '[{ "id": "github-packages-compas", "username": "OWNER", "password": "${{ secrets.GITHUB_TOKEN }}" }]'
- name: Build and analyze (Pull Request)
if: ${{ github.event_name == 'pull_request' || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}

- name: Build
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
./mvnw -B -s custom_maven_settings.xml clean verify
- name: Build and analyze (Push)
if: ${{ github.event_name == 'push' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
./mvnw -B -s custom_maven_settings.xml clean verify
./mvnw -B -s custom_maven_settings.xml -Psonar clean verify
- name: Upload build artifacts
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: build-artifacts
path: |
commons/src/
commons/target/
rest-commons/src/
rest-commons/target/
scl-extension/src/
scl-extension/target/
scl2003/src/
scl2003/target/
scl2007b/src/
scl2007b/target/
scl2007b4/src/
scl2007b4/target/
websocket-commons/src/
websocket-commons/target/
retention-days: 1
- name: Save PR number to file
if: github.event_name == 'pull_request'
run: echo ${{ github.event.number }} > PR_NUMBER.txt
run: echo ${{ github.event.pull_request.number }} > PR_NUMBER.txt
- name: Archive PR number
if: github.event_name == 'pull_request'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: PR_NUMBER
path: PR_NUMBER.txt
Loading