Bump sonarpython.version from 5.20.0.32295 to 5.21.0.32726 #493
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - '*.md' | |
| tags: | |
| - '[0-9]+.[0-9]+.[0-9]+' | |
| pull_request: | |
| types: [ opened, synchronize, reopened ] | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| name: Build job | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: read # allows SonarCloud to decorate PRs with analysis results | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
| - name: Set up JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| cache: maven # enable maven cache shared by all github actions builds | |
| # to be able to use "sonar:sonar" instead of "org.sonarsource.scanner.maven:sonar-maven-plugin:sonar" | |
| # inside this build but also when the test project analysis is launched with sonar:sonar | |
| - name: Configure Maven for Sonar | |
| run: | | |
| mkdir -p ~/.m2 | |
| echo "<settings><pluginGroups><pluginGroup>org.sonarsource.scanner.maven</pluginGroup></pluginGroups></settings>" > ~/.m2/settings.xml | |
| - name: Cache SonarQube packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Verify | |
| run: ./mvnw -e -B verify | |
| - name: SonarQube Scan | |
| if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| if [ -z "$SONAR_TOKEN" ]; then | |
| echo "⚠️ SONAR_TOKEN is not set (Dependabot PR or external fork). Skipping SonarQube scan." | |
| else | |
| ./mvnw -e -B sonar:sonar -Dsonar.projectKey=green-code-initiative_creedengo-python -Dsonar.organization=green-code-initiative | |
| fi |