sonar & release flows

Author: ComputerDaddyGuy

.github/workflows/release.yml

@@ -0,0 +1,72 @@
+name: Publish RELEASE to Maven Central
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up JDK
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '21'
+          server-id: central
+          server-username: MAVEN_USERNAME
+          server-password: MAVEN_PASSWORD
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE
+
+      - name: Verify tag matches pom.xml version
+        run: |
+          TAG_NAME=${GITHUB_REF_NAME}         # e.g., v1.2.3
+          RELEASE_VERSION=${TAG_NAME#v}       # remove leading 'v'
+          POM_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
+          echo "Git tag: $RELEASE_VERSION"
+          echo "Pom version: $POM_VERSION"
+
+          if [ "$RELEASE_VERSION" != "$POM_VERSION" ]; then
+            echo "Error: Git tag ($RELEASE_VERSION) does not match pom.xml version ($POM_VERSION)"
+            exit 1
+          fi
+        shell: bash
+
+      - name: Set up Git
+        run: |
+          git config --global user.name "GitHub Actions"
+          git config --global user.email "[email protected]"
+
+      - name: Extract release version
+        run: |
+          TAG_NAME=${GITHUB_REF_NAME}
+          VERSION=${TAG_NAME#v}
+          echo "RELEASE_VERSION=$VERSION" >> $GITHUB_ENV
+        shell: bash
+
+      - name: Update pom.xml to release version
+        run: |
+          mvn versions:set -DnewVersion=${{ env.RELEASE_VERSION }} -B -q
+          git commit -am "Set version to ${{ env.RELEASE_VERSION }}" || echo "No changes"
+          git push origin HEAD
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Run tests
+        run: mvn clean verify -B
+
+      - name: Publish RELEASE to Maven Central
+        run: mvn deploy -P release -B -DskipTests
+        env:
+          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

.github/workflows/sonar.yml

@@ -2,9 +2,11 @@ name: SonarQube Analysis
 
 on:
   pull_request:
+    branches: [ main, develop ]
   push:
     branches:
       - main
+      - develop
 
 jobs:
   sonar:
@@ -13,14 +15,24 @@ jobs:
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
+	    with:
+	      fetch-depth: 0
 
       - name: Set up JDK
         uses: actions/setup-java@v4
         with:
           distribution: 'temurin'
           java-version: '21'
 
+	  - name: Cache Maven packages
+	    uses: actions/cache@v4
+	    with:
+	      path: ~/.m2
+	      key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+	      restore-keys: ${{ runner.os }}-m2
+			  
       - name: Run SonarQube
-        run: mvn clean verify sonar:sonar -Dsonar.projectKey=ComputerDaddyGuy_JFileTreePrettyPrinter 
+        run: mvn -B clean verify sonar:sonar -Dsonar.projectKey=ComputerDaddyGuy_JFileTreePrettyPrinter -Dsonar.organization=computerdaddyguy
         env:
+		  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}