Update actions for sonar analysis and releases.

opendcs · Dec 17, 2024 · c9a8da3 · c9a8da3
1 parent 0df15be
commit c9a8da3
Show file tree

Hide file tree

Showing 4 changed files with 125 additions and 7 deletions.
diff --git a/.github/workflows/default.yml b/.github/workflows/default.yml
@@ -7,10 +7,10 @@ on:
     branches:
       - main
 permissions:
-  contents: write
+  contents: read
 jobs:
   build:
-    name: Build, Test, and Analyze
+    name: Build and Test
     runs-on: ubuntu-latest
     steps:
       - uses: actions/[email protected]
@@ -33,8 +33,9 @@ jobs:
           dependency-graph: generate-and-submit
       - name: Build
         run: ./gradlew build
-      - name: Analyze
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: ./gradlew sonar
+      - name: Upload Coverage
+        if: matrix.platform == 'ubuntu-latest' && matrix.jdk == 17
+        uses: actions/[email protected]
+        with:
+          name: coverage
+          path: ./**/build/**/jacoco*.xml
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,43 @@
+---
+name: Release
+on:
+  workflow_call:
+    inputs:
+      branch:
+       type: string
+       required: true
+    secrets:
+      token:
+       required: false
+  workflow_dispatch:
+    inputs:
+      branch:
+        type: choice
+        required: true
+        description: Which Branch to make the build from
+        options:
+          - develop
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    permissions:
+        id-token: write
+        contents: read
+    steps:
+      - name: checkout code
+        uses: actions/[email protected]
+        with:
+          ref: ${{inputs.branch}}
+      - name: setup java
+        uses: actions/[email protected]
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'gradle'
+      - name: Set version
+        run: echo "VERSION=${{inputs.branch}}" >> $GITHUB_ENV
+      - name: show version
+        run: echo ${VERSION}
+      - name: Push to central
+        run: ./gradlew publish --info  -PversionOverride=$VERSION
diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
@@ -0,0 +1,57 @@
+name: SonarCloud Scan
+on:
+  workflow_run:
+    workflows: ["Build and Test"]
+    type: [completed]
+
+jobs:
+  Sonar:
+    runs-on: ubuntu-latest
+    if: github.event.workflow_run && github.event.workflow_run.conclusion == 'success'
+    steps:
+      - name: Set up JDK
+        uses: actions/[email protected]
+        with:
+          java-version: 17
+          distribution: temurin
+      - uses: actions/[email protected]
+        with:
+          python-version: "3.8"
+      - name: Setup Gradle
+        uses: gradle/actions/[email protected]
+      - name: Checkout PR
+        uses: actions/checkout@v4
+        with:
+          repository: ${{ github.event.workflow_run.head_repository.full_name }}
+          ref: ${{ github.event.workflow_run.head_branch }}
+          fetch-depth: 0
+    # perform the analaysis now
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache Gradle packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
+      - name: Download Coverage
+        uses: actions/[email protected]
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          run-id: ${{ github.event.workflow_run.id }}
+          path: ./
+          merge-multiple: true
+      - name: Analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: |
+         ./gradlew sonar --info -Dorg.gradle.jvmargs=-Xmx4096M \
+            -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
+            -Dsonar.pullrequest.key=${{ github.event.workflow_run.pull_requests[0].number }} \
+            -Dsonar.pullrequest.branch=${{ github.event.workflow_run.pull_requests[0].head.ref }} \
+            -Dsonar.pullrequest.base=${{ github.event.workflow_run.pull_requests[0].base.ref }}
diff --git a/.github/workflows/tagged-release.yml b/.github/workflows/tagged-release.yml
@@ -0,0 +1,17 @@
+---
+name: Tagged Release
+on:
+  push:
+    tags:
+      - '[0-9][0-9][0-9][0-9].[0-9][0-9].[0-9][0-9]'
+      - '[0-9][0-9][0-9][0-9].[0-9][0-9].[0-9][0-9]-M[0-9]*'
+jobs:
+  release:
+    permissions:
+      id-token: write
+      contents: read
+    uses: ./.github/workflows/release.yml
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
+    with:
+      branch: ${{github.ref_name}}