Skip to content

Merge pull request #5327 from eXist-db/dependabot/maven/org.apache.ma… #26

Merge pull request #5327 from eXist-db/dependabot/maven/org.apache.ma…

Merge pull request #5327 from eXist-db/dependabot/maven/org.apache.ma… #26

Workflow file for this run

name: SonarCloud
on:
push:
branches:
- develop
- master
pull_request:
types: [opened, synchronize, reopened]
jobs:
build:
name: SonarCloud Analysis
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 17
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: sonarcloud-${{ runner.os }}-cache-${{ hashFiles('**/pom.xml') }}
restore-keys: sonarcloud-${{ runner.os }}-cache
- name: Cache Maven packages
uses: actions/cache@v4
with:
path: ~/.m2
key: sonarcloud-${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: sonarcloud-${{ runner.os }}-maven
- name: Analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: mvn -V -B -Dsurefire.useFile=false -DtrimStackTrace=false -Ddependency-check.skip=true -Ddocker=false -P \!mac-dmg-on-mac,\!codesign-mac-dmg,\!mac-dmg-on-unix,\!installer,\!concurrency-stress-tests,\!micro-benchmarks,\!build-dist-archives verify site org.sonarsource.scanner.maven:sonar-maven-plugin:sonar