Configure Sonar

.github/workflows/maven master pull request.yml

@@ -1,10 +1,6 @@
 # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
 # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
 
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
 
 name: Java CI with Maven
 
@@ -15,11 +11,8 @@ on:
 jobs:
   build:
     services:
-      # Label used to access the service container
       postgres:
-        # Docker Hub image
         image: postgres:13.14-bullseye
-        # Provide the password for postgres
         env:
           POSTGRES_PASSWORD: password
           POSTGRES_DB: labelle_gen
@@ -30,7 +23,6 @@ jobs:
           --health-timeout 5s
           --health-retries 5
         ports:
-          # Maps tcp port 5432 on service container to the host
           - 5432:5432
 
     runs-on: ubuntu-latest
@@ -44,4 +36,8 @@ jobs:
         distribution: 'temurin'
         cache: maven
     - name: Build with Maven
-      run: xvfb-run mvn -Pcoverage -B package --file pom.xml
+      run: xvfb-run mvn -Pcoverage -B package --file pom.xml sonar:sonar \
+        -Dsonar.projectKey=labelle \
+        -Dsonar.organization=kamil-sita \
+        -Dsonar.host.url=https://sonarcloud.io \
+        -Dsonar.maven.scanAll=true

.github/workflows/maven on master.yml

@@ -1,12 +1,9 @@
 # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
 # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
 
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
 name: Java CI with Maven + Dependabot
+env:
+  SONAR_TOKEN: ${{ secrets.SONAR_CLOUD_TOKEN }}
 
 on:
   push:
@@ -15,11 +12,8 @@ on:
 jobs:
   build:
     services:
-      # Label used to access the service container
       postgres:
-        # Docker Hub image
         image: postgres:13.14-bullseye
-        # Provide the password for postgres
         env:
           POSTGRES_PASSWORD: password
           POSTGRES_DB: labelle_gen
@@ -30,7 +24,6 @@ jobs:
           --health-timeout 5s
           --health-retries 5
         ports:
-          # Maps tcp port 5432 on service container to the host
           - 5432:5432
 
     runs-on: ubuntu-latest
@@ -43,7 +36,11 @@ jobs:
         java-version: '17'
         distribution: 'temurin'
         cache: maven
-    - name: Build with Maven
-      run: xvfb-run mvn -Pcoverage -B package --file pom.xml
+    - name: Build with Maven, analyze
+      run: xvfb-run mvn -Pcoverage -B package --file pom.xml sonar:sonar \
+        -Dsonar.projectKey=labelle \
+        -Dsonar.organization=kamil-sita \
+        -Dsonar.host.url=https://sonarcloud.io \
+        -Dsonar.maven.scanAll=true
     - name: Update dependency graph
       uses: advanced-security/maven-dependency-submission-action@v3

db-codegen/pom.xml

@@ -15,6 +15,7 @@
         <maven.compiler.source>17</maven.compiler.source>
         <maven.compiler.target>17</maven.compiler.target>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <sonar.skip>true</sonar.skip>
     </properties>
 
     <dependencies>