Update maven.yml

zteric · Jan 25, 2024 · e05cbec · e05cbec
1 parent bad624f
commit e05cbec
Showing 1 changed file with 50 additions and 9 deletions.
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
@@ -13,23 +13,64 @@ on:
     branches: [ "main" ]
   pull_request:
     branches: [ "main" ]
+    types: [opened, synchronize, reopened]
 
 jobs:
-  build:
-
+  test:
     runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Set up JDK 21
+      uses: actions/setup-java@v3 
+      with:
+        java-version: '21' 
+        distribution: 'temurin' 
+        cache: maven
+    - name: Run Test with Maven 
+      run: mvn -B test
 
+  sonar:
+    needs: test
+    runs-on: ubuntu-latest 
     steps:
     - uses: actions/checkout@v3
     - name: Set up JDK 21
       uses: actions/setup-java@v3
       with:
-        java-version: '21'
-        distribution: 'temurin'
+        java-version: '21' 
+        distribution: 'temurin' 
         cache: maven
-    - name: Build with Maven
-      run: mvn -B package --file pom.xml
+    - name: Cache SonarCloud packages 
+      uses: actions/cache@v3
+      with:
+        path: ~/.sonar/cache
+        key: ${{ runner.os }}-sonar 
+        restore-keys: ${{ runner.os }}-sonar
+    - name: Cache Maven packages 
+      uses: actions/cache@v3 
+      with:
+        path: ~/.m2
+        key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} 
+        restore-keys: ${{ runner.os }}-m2
+    - name: Build and analyze on SonarCloud
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=zteric_cicd-demo
+
+  # build:
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #   - uses: actions/checkout@v3
+  #   - name: Set up JDK 21
+  #     uses: actions/setup-java@v3
+  #     with:
+  #       java-version: '21'
+  #       distribution: 'temurin'
+  #       cache: maven
+  #   - name: Build with Maven
+  #     run: mvn -B package --file pom.xml
 
-    # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
-    - name: Update dependency graph
-      uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6
+  #   # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
+  #   - name: Update dependency graph
+  #     uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6