Move example project workflow to parent, add build scripts and sonar

svenzik · svenzik · commit e16d72236330 · 2025-05-06T14:12:21.000+03:00
WE2-932

Signed-off-by: Sven Mitt &lt;svenzik@users.noreply.github.com&gt;
diff --git a/.github/workflows/maven-build-example.yml b/.github/workflows/maven-build-example.yml
@@ -0,0 +1,41 @@
+name: Maven build example
+
+on:
+  push:
+    paths:
+      - 'example/**'
+      - '.github/workflows/*example*'
+  pull_request:
+    paths:
+      - 'example/**'
+      - '.github/workflows/*example*'
+
+defaults:
+  run:
+    working-directory: ./example
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-java@v3
+        with:
+          distribution: zulu
+          java-version: 11
+
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-v8-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2-v8
+
+      - name: Build
+        run: mvn --batch-mode compile
+
+      - name: Test and package
+        run: mvn --batch-mode package
+
diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
@@ -1,6 +1,14 @@
 name: Maven build
 
-on: [ push, pull_request ]
+on:
+  push:
+    paths-ignore:
+      - 'example/**'
+      - '.github/workflows/*example*'
+  pull_request:
+    paths-ignore:
+      - 'example/**'
+      - '.github/workflows/*example*'
 
 jobs:
   build:
diff --git a/.github/workflows/sonarcloud-analysis-example.yml b/.github/workflows/sonarcloud-analysis-example.yml
@@ -0,0 +1,48 @@
+name: SonarCloud code analysis of example
+
+on:
+  push:
+    paths:
+      - 'example/**'
+      - '.github/workflows/*example*'
+  pull_request:
+    paths:
+      - 'example/**'
+      - '.github/workflows/*example*'
+
+defaults:
+  run:
+    working-directory: ./example
+
+jobs:
+  analyze:
+    name: Analyze
+    if: github.repository == 'web-eid/web-eid-authtoken-validation-java'
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: zulu
+          java-version: 17
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-v11-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2-v17
+      - name: Build and analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
diff --git a/.github/workflows/sonarcloud-analysis.yml b/.github/workflows/sonarcloud-analysis.yml
@@ -1,6 +1,14 @@
 name: SonarCloud code analysis
 
-on: [push, pull_request]
+on:
+  push:
+    paths-ignore:
+      - 'example/**'
+      - '.github/workflows/*example*'
+  pull_request:
+    paths-ignore:
+      - 'example/**'
+      - '.github/workflows/*example*'
 
 jobs:
   analyze:
diff --git a/example/.github/workflows/maven-build.yml b/example/.github/workflows/maven-build.yml
