🔧 chore(Project): Configure Sonar validation without modifying the code. #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: SonarCloud | |
| on: | |
| push: | |
| branches: | |
| - aiccra-feature-A2-821-sonar | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| jobs: | |
| build: | |
| name: Build and analyze | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Paso 1: Clonar el repositorio completamente para el análisis | |
| - uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 0 # Clonar repositorio completamente para el análisis | |
| # Paso 2: Configurar JDK 8 para la compilación | |
| - name: Set up JDK 8 for build | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: 8 | |
| distribution: "temurin" | |
| # Paso 3: Eliminar Maven predeterminado y agregar Maven 3.8.1 | |
| - name: Install Maven 3.8.1 | |
| run: | | |
| # Eliminar Maven si está instalado | |
| sudo apt-get remove -y maven | |
| # Descargar Maven 3.8.1 | |
| wget https://archive.apache.org/dist/maven/maven-3/3.8.1/binaries/apache-maven-3.8.1-bin.tar.gz | |
| # Extraer el archivo | |
| sudo tar -xvzf apache-maven-3.8.1-bin.tar.gz -C /opt | |
| # Eliminar el archivo existente en /usr/bin/mvn si ya existe | |
| sudo rm -f /usr/bin/mvn | |
| # Crear el enlace simbólico correctamente | |
| sudo ln -s /opt/apache-maven-3.8.1/bin/mvn /usr/bin/mvn | |
| # Paso 4: Limpiar el caché de Maven | |
| - name: Clean Maven cache | |
| run: rm -rf ~/.m2/repository # Limpiar caché local de Maven | |
| # Paso 5: Forzar la actualización de las dependencias de Maven y mostrar detalles | |
| - name: Clean and install dependencies | |
| run: mvn clean install -U -X # Forzar la actualización de dependencias y mostrar detalles del error | |
| # Paso 6: Configurar JDK 11 para el análisis de SonarQube | |
| - name: Set up JDK 11 for SonarQube analysis | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: 11 | |
| distribution: "temurin" | |
| # Paso 7: Verificar que el token de SonarCloud está configurado | |
| - name: Verify SONAR_TOKEN | |
| run: | | |
| if [ -z "${{ secrets.SONAR_TOKEN }}" ]; then | |
| echo "SONAR_TOKEN is not set or empty" | |
| exit 1 | |
| else | |
| echo "SONAR_TOKEN is set" | |
| fi | |
| # Paso 8: Construir y analizar con SonarCloud | |
| - name: Build and analyze with SonarCloud | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=CCAFS_MARLO -Dsonar.organization=ccafs -Dsonar.java.binaries=target/classes |