Skip to content

Commit 31c99ee

Browse files
uhafneruhafner
committed
Synchronize CI pipelines
1 parent 9a63930 commit 31c99ee

File tree

4 files changed

+66
-65
lines changed

4 files changed

+66
-65
lines changed

.github/workflows/ci.yml

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ on:
44
push:
55
branches:
66
- main
7-
pull_request_target:
7+
pull_request:
88

99
jobs:
1010
build:
@@ -19,11 +19,6 @@ jobs:
1919

2020
steps:
2121
- uses: actions/checkout@v4
22-
if: github.event_name == 'push'
23-
- uses: actions/checkout@v4
24-
with:
25-
ref: "${{ github.event.pull_request.merge_commit_sha }}"
26-
if: github.event_name == 'pull_request_target'
2722
- name: Set up JDK ${{ matrix.jdk }}
2823
uses: actions/setup-java@v4
2924
with:

.github/workflows/codeql.yml

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ on:
44
push:
55
branches:
66
- main
7-
pull_request_target:
7+
pull_request:
88
schedule:
99
- cron: "32 3 * * 0"
1010

@@ -24,11 +24,6 @@ jobs:
2424

2525
steps:
2626
- uses: actions/checkout@v4
27-
if: github.event_name == 'push'
28-
- uses: actions/checkout@v4
29-
with:
30-
ref: "${{ github.event.pull_request.merge_commit_sha }}"
31-
if: github.event_name == 'pull_request_target'
3227

3328
- name: Setup Java
3429
uses: actions/setup-java@v4

.github/workflows/coverage.yml

Lines changed: 2 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ on:
44
push:
55
branches:
66
- main
7-
pull_request_target:
7+
pull_request:
88

99
jobs:
1010
coverage:
@@ -14,11 +14,6 @@ jobs:
1414

1515
steps:
1616
- uses: actions/checkout@v4
17-
if: github.event_name == 'push'
18-
- uses: actions/checkout@v4
19-
with:
20-
ref: "${{ github.event.pull_request.merge_commit_sha }}"
21-
if: github.event_name == 'pull_request_target'
2217
- name: Set up JDK 21
2318
uses: actions/setup-java@v4
2419
with:
@@ -33,7 +28,7 @@ jobs:
3328
- name: Generate coverage with JaCoCo
3429
run: mvn -V --color always -ntp clean verify -Pci
3530
- name: Upload coverage to Codecov
36-
uses: codecov/codecov-action@v5.3.1
31+
uses: codecov/codecov-action@v5.0.7
3732
with:
3833
file: 'target/site/jacoco/jacoco.xml'
3934
disable_search: true

.github/workflows/quality-monitor.yml

Lines changed: 62 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
name: 'Quality Monitor PR'
22

33
on:
4-
pull_request_target:
4+
pull_request:
55

66
jobs:
77
build:
@@ -11,8 +11,6 @@ jobs:
1111

1212
steps:
1313
- uses: actions/checkout@v4
14-
with:
15-
ref: "refs/pull/${{ github.event.number }}/merge"
1614
- name: Set up JDK 21
1715
uses: actions/setup-java@v4
1816
with:
@@ -24,29 +22,36 @@ jobs:
2422
uses: stCarolas/setup-maven@v5
2523
with:
2624
maven-version: 3.9.9
25+
- name: Cache the NVD database
26+
uses: actions/cache@v4
27+
with:
28+
path: ~/.m2/repository/org/owasp/dependency-check-data
29+
key: dependency-check
2730
- name: Build with Maven
2831
env:
2932
BROWSER: chrome-container
30-
run: mvn -V --color always -ntp clean verify -Ppit -Pci | tee maven.log
33+
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
34+
run: mvn -V --color always -ntp clean verify -Ppit -Pci -Powasp | tee maven.log
3135
- name: Extract pull request number
3236
uses: jwalton/gh-find-current-pr@v1
3337
id: pr
3438
- name: Run Quality Monitor
35-
uses: uhafner/quality-monitor@v1
39+
uses: uhafner/quality-monitor@v2
3640
with:
3741
github-token: ${{ secrets.GITHUB_TOKEN }}
3842
pr-number: ${{ steps.pr.outputs.number }}
43+
show-headers: true
3944
config: >
4045
{
4146
"tests": {
47+
"name": "Tests",
4248
"tools": [
4349
{
44-
"id": "test",
45-
"name": "Tests",
50+
"id": "junit",
51+
"name": "JUnit Tests",
4652
"pattern": "**/target/*-reports/TEST*.xml"
4753
}
48-
],
49-
"name": "Tests"
54+
]
5055
},
5156
"analysis": [
5257
{
@@ -72,6 +77,33 @@ jobs:
7277
"id": "spotbugs",
7378
"sourcePath": "src/main/java",
7479
"pattern": "**/target/spotbugsXml.xml"
80+
},
81+
{
82+
"id": "error-prone",
83+
"pattern": "**/maven.log"
84+
}
85+
]
86+
},
87+
{
88+
"name": "API Problems",
89+
"id": "api",
90+
"icon": "no_entry_sign",
91+
"tools": [
92+
{
93+
"id": "revapi",
94+
"sourcePath": "src/main/java",
95+
"pattern": "**/target/revapi-result.json"
96+
}
97+
]
98+
},
99+
{
100+
"name": "Vulnerabilities",
101+
"id": "vulnerabilities",
102+
"icon": "shield",
103+
"tools": [
104+
{
105+
"id": "owasp-dependency-check",
106+
"pattern": "**/target/dependency-check-report.json"
75107
}
76108
]
77109
}
@@ -82,90 +114,74 @@ jobs:
82114
"tools": [
83115
{
84116
"id": "jacoco",
85-
"name": "Line Coverage",
86117
"metric": "line",
87118
"sourcePath": "src/main/java",
88119
"pattern": "**/target/site/jacoco/jacoco.xml"
89120
},
90121
{
91122
"id": "jacoco",
92-
"name": "Branch Coverage",
93123
"metric": "branch",
94124
"sourcePath": "src/main/java",
95125
"pattern": "**/target/site/jacoco/jacoco.xml"
96126
}
97127
]
128+
},
129+
{
130+
"name": "Mutation Coverage",
131+
"tools": [
132+
{
133+
"id": "pit",
134+
"metric": "mutation",
135+
"sourcePath": "src/main/java",
136+
"pattern": "**/target/pit-reports/mutations.xml"
137+
},
138+
{
139+
"id": "pit",
140+
"metric": "test-strength",
141+
"sourcePath": "src/main/java",
142+
"pattern": "**/target/pit-reports/mutations.xml"
143+
}
144+
]
98145
}
99146
],
100147
"metrics":
101148
{
102-
"name": "Toplevel Metrics",
149+
"name": "Software Metrics",
103150
"tools": [
104151
{
105-
"name": "Cyclomatic Complexity",
106152
"id": "metrics",
107153
"pattern": "**/metrics/pmd.xml",
108154
"metric": "CYCLOMATIC_COMPLEXITY"
109155
},
110156
{
111-
"name": "Cognitive Complexity",
112157
"id": "metrics",
113158
"pattern": "**/metrics/pmd.xml",
114159
"metric": "COGNITIVE_COMPLEXITY"
115160
},
116161
{
117-
"name": "Lines of Code",
118162
"id": "metrics",
119163
"pattern": "**/metrics/pmd.xml",
120-
"metric": "LOC"
164+
"metric": "NPATH_COMPLEXITY"
121165
},
122166
{
123-
"name": "Non Commenting Source Statements",
124167
"id": "metrics",
125168
"pattern": "**/metrics/pmd.xml",
126-
"metric": "NCSS"
169+
"metric": "LOC"
127170
},
128171
{
129-
"name": "Access to foreign data",
130172
"id": "metrics",
131173
"pattern": "**/metrics/pmd.xml",
132-
"metric": "ACCESS_TO_FOREIGN_DATA"
174+
"metric": "NCSS"
133175
},
134176
{
135-
"name": "Class cohesion",
136177
"id": "metrics",
137178
"pattern": "**/metrics/pmd.xml",
138179
"metric": "COHESION"
139180
},
140181
{
141-
"name": "Fan out",
142-
"id": "metrics",
143-
"pattern": "**/metrics/pmd.xml",
144-
"metric": "FAN_OUT"
145-
},
146-
{
147-
"name": "Number of accessors",
148-
"id": "metrics",
149-
"pattern": "**/metrics/pmd.xml",
150-
"metric": "NUMBER_OF_ACCESSORS"
151-
},
152-
{
153-
"name": "Weight of a class",
154182
"id": "metrics",
155183
"pattern": "**/metrics/pmd.xml",
156184
"metric": "WEIGHT_OF_CLASS"
157-
},
158-
{
159-
"name": "Weighted method count",
160-
"id": "metrics",
161-
"pattern": "**/metrics/pmd.xml",
162-
"metric": "WEIGHED_METHOD_COUNT"
163-
},
164-
{
165-
"name": "N-Path Complexity",
166-
"id": "metrics",
167-
"pattern": "**/metrics/pmd.xml",
168-
"metric": "NPATH_COMPLEXITY"
169185
}
170186
]
171187
}

0 commit comments

Comments
 (0)