Add client ID to ROR request and switch to APIv2 #1052
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: SonarCloud Analysis | |
| # Run this workflow on commits to the development branch | |
| on: | |
| push: | |
| branches: | |
| - development | |
| - main | |
| pull_request: | |
| branches: | |
| - development | |
| - main | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| contents: read # This is required for actions/checkout | |
| jobs: | |
| sonarcloud: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v5 | |
| - name: Debug OIDC (get a token) | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const token = await core.getIDToken('sigstore'); // audience example | |
| core.setSecret(token); | |
| console.log('OIDC token acquired. Length:', token.length); | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v5 | |
| with: | |
| distribution: 'zulu' | |
| java-version: '21' | |
| - name: Load local Maven repository cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven- | |
| # Build the project using Maven | |
| - name: Build with Maven | |
| run: mvn clean install | |
| # Run SonarCloud analysis | |
| - name: SonarCloud Scan | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Use the token stored in GitHub secrets | |
| run: mvn sonar:sonar |