@@ -13,49 +13,87 @@ jobs:
1313 runs-on : ubuntu-latest
1414 steps :
1515 - name : Git Clone
16- uses : actions/checkout@v4
16+ uses : actions/checkout@v6
1717 - name : Set up JDK 21
18- uses : actions/setup-java@v4
18+ uses : actions/setup-java@v5
1919 with :
2020 distribution : ' temurin'
2121 java-version : 21
2222 # generate settings.xml with the correct values
2323 server-id : sonatype-central-portal # Value of the distributionManagement/repository/id field of the pom.xml
24- server-username : MAVEN_USERNAME # env variable for username in deploy
25- server-password : MAVEN_PASSWORD # env variable for token in deploy
24+ server-username : MAVEN_CENTRAL_PORTAL_USERNAME # env variable for username in deploy
25+ server-password : MAVEN_CENTRAL_PORTAL_PASSWORD # env variable for token in deploy
2626 - name : Adjust Git Config
2727 run : |
2828 git config --global user.email "[email protected] " 2929 git config --global user.name "GitHub Action"
30- name : Build and Analyse Reactor with Maven
31- if : github.ref != 'refs/heads/master'
32- run : ./mvnw -B clean install org.sonarsource.scanner.maven:sonar-maven-plugin:5.2.0.4988:sonar -Dsonar.projectKey=Netcentric_aem-classification -Dsonar.organization=netcentric -Dsonar.host.url=https://sonarcloud.io -Dsonar.scanner.skipJreProvisioning=true -Pcoverage-report
33- env :
34- # SonarCloud access token should be generated from https://sonarcloud.io/account/security/
35- SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
36- # Needed to get some information about the pull request, if any
37- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
38- - name : Build Site for Maven Plugin
39- if : github.ref != 'refs/heads/master'
40- run : ./mvnw -B clean site --file aem-classification-maven-plugin/pom.xml
41- - name : Build, Analyse and Deploy Reactor with Maven
42- if : github.ref == 'refs/heads/master'
43- run : ./mvnw -B clean deploy org.sonarsource.scanner.maven:sonar-maven-plugin:5.2.0.4988:sonar -Dsonar.projectKey=Netcentric_aem-classification -Dsonar.organization=netcentric -Dsonar.host.url=https://sonarcloud.io -Dsonar.scanner.skipJreProvisioning=true -Pcoverage-report
44- env :
45- MAVEN_USERNAME : ${{ secrets.SONATYPE_CENTRAL_TOKEN_USER }}
46- MAVEN_PASSWORD : ${{ secrets.SONATYPE_CENTRAL_TOKEN_PASSWORD }}
47- # SonarCloud access token should be generated from https://sonarcloud.io/account/security/
48- SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
49- # Needed to get some information about the pull request, if any
50- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
30+ # sets environment variables to be used in subsequent steps: https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
31+ - name : Set environment variables
32+ shell : bash
33+ run : |
34+ if [ "${{github.ref}}" = "refs/heads/master" ] && [ "${{github.event_name}}" = "push" ] && [ "${{github.repository_owner}}" = "Netcentric" ]; then
35+ echo 'Running on main branch of the canonical repo'
36+ echo "MVN_ADDITIONAL_OPTS=-DdeployAtEnd=true" >> $GITHUB_ENV
37+ echo "MVN_GOAL=deploy" >> $GITHUB_ENV
38+ echo "MAVEN_CENTRAL_PORTAL_USERNAME=${{ secrets.SONATYPE_CENTRAL_TOKEN_USER }}" >> $GITHUB_ENV
39+ echo "MAVEN_CENTRAL_PORTAL_PASSWORD=${{ secrets.SONATYPE_CENTRAL_TOKEN_PASSWORD }}" >> $GITHUB_ENV
40+ else
41+ echo 'Running outside main branch/canonical repo'
42+ echo "MVN_ADDITIONAL_OPTS=" >> $GITHUB_ENV
43+ echo "MVN_GOAL=install" >> $GITHUB_ENV
44+ fi
45+ name : Build
46+ run : ./mvnw -B clean deploy -Pcoverage-report
47+ - name : Upload build result for subsequent sonarqube job
48+ # not supported on forks, https://portal.productboard.com/sonarsource/1-sonarqube-cloud/c/50-sonarcloud-analyzes-external-pull-request
49+ if : ${{ github.repository == 'Netcentric/aem-classification' }}
50+ uses : actions/upload-artifact@v4
51+ with :
52+ name : compiled-classes-and-coverage
53+ # compare with https://docs.sonarsource.com/sonarqube-cloud/advanced-setup/languages/java/#java-analysis-and-bytecode
54+ path : |
55+ **/target/**/*.class
56+ **/target/site/jacoco*/*.xml
5157name : Build Site for Maven Plugin
5258 if : github.ref == 'refs/heads/master'
5359 run : ./mvnw -B clean site --file aem-classification-maven-plugin/pom.xml
5460 - name : Upload Site for Maven Plugin
5561 if : github.ref == 'refs/heads/master'
56- uses : actions/upload-pages-artifact@v3
62+ uses : actions/upload-pages-artifact@v4
5763 with :
5864 path : aem-classification-maven-plugin/target/site/
65+ # execute analysis in a separate job for better visualization and usage of matrix builds
66+ # https://docs.sonarsource.com/sonarcloud/advanced-setup/ci-based-analysis/sonarscanner-for-maven/#invoking-the-goal
67+ sonarqube :
68+ name : SonarQube Analysis
69+ runs-on : ubuntu-latest
70+ needs : build
71+ # not supported on forks, https://portal.productboard.com/sonarsource/1-sonarqube-cloud/c/50-sonarcloud-analyzes-external-pull-request
72+ if : github.repository == 'Netcentric/aem-classification'
73+ steps :
74+ - uses : actions/checkout@v4
75+ with :
76+ fetch-depth : 0 # Shallow clones should be disabled for a better relevancy of analysis
77+ - name : Set up JDK 21
78+ uses : actions/setup-java@v5
79+ with :
80+ java-version : 21
81+ distribution : temurin
82+ cache : maven
83+ - name : Download compiled classes
84+ uses : actions/download-artifact@v4
85+ with :
86+ name : compiled-classes-and-coverage
87+ - name : Cache SonarQube packages
88+ uses : actions/cache@v4
89+ with :
90+ path : ~/.sonar/cache
91+ key : ${{ runner.os }}-sonar
92+ restore-keys : ${{ runner.os }}-sonar
93+ - name : Analyze with SonarQube
94+ env :
95+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
96+ SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
5997 deploy :
6098 if : github.ref == 'refs/heads/master'
6199 # Add a dependency to the build job
0 commit comments