diff --git a/.github/workflows/basic.yaml b/.github/workflows/basic.yaml
new file mode 100644
index 0000000..1b4ba4e
--- /dev/null
+++ b/.github/workflows/basic.yaml
@@ -0,0 +1,26 @@
+name: Basic Verifications
+
+on:
+ push:
+ branches: [main, develop]
+
+ pull_request:
+ types: [opened, synchronize, reopened]
+
+jobs:
+ basic-verifications:
+ name: Verify code format and run tests
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up JDK ${{ vars.JAVA_VERSION }}
+ uses: actions/setup-java@v4
+ with:
+ java-version: ${{ vars.JAVA_VERSION }}
+ distribution: 'temurin'
+ cache: 'maven'
+
+ - name: Verify code and apply tests
+ run: ./mvnw verify
diff --git a/.github/workflows/code-analysis.yaml b/.github/workflows/code-analysis.yaml
new file mode 100644
index 0000000..0107267
--- /dev/null
+++ b/.github/workflows/code-analysis.yaml
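Review bot: `.github/workflows/basic.yaml` declares no `permissions:` block, so the job's `GITHUB_TOKEN` carries whatever the repository or organisation default grants while `./mvnw verify` builds and tests the pushed or pull-request code. Adding a top-level `permissions:` with `contents: read` keeps the token read-only for this workflow; the `sonarcloud` job in `code-analysis.yaml` has the same gap, unlike `code-ql`, which already scopes its token. Both workflows also reference `actions/checkout@v4` and `actions/setup-java@v4` by mutable tag, and pinning each to a full commit SHA (`uses: actions/checkout@<full-commit-sha>  # v4`) stops a moved tag from changing what runs. A short comment above `java-version: ${{ vars.JAVA_VERSION }}` stating that the repository variable must be defined would help, since an unset variable presumably expands to an empty string.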
@@ -0,0 +1,64 @@
+name: Code Analysis
+
+on:
+ push:
+ branches: [main, develop]
+
+ pull_request:
+ types: [opened, synchronize, reopened]
+
+jobs:
+ sonarcloud:
+ name: SonarCloud Analysis
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up JDK ${{ vars.JAVA_VERSION }}
+ uses: actions/setup-java@v4
+ with:
+ java-version: ${{ vars.JAVA_VERSION }}
+ distribution: 'temurin'
+ cache: 'maven'
+
+ - name: Perform the scan
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: ./mvnw verify -B sonar:sonar -Dsonar.organization=${{ secrets.SONAR_ORGANIZATION }} -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }}
+
+ code-ql:
+ name: CodeQL Analysis
+ runs-on: ubuntu-latest
+
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: ['java']
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up JDK ${{ vars.JAVA_VERSION }}
+ uses: actions/setup-java@v4
+ with:
+ java-version: ${{ vars.JAVA_VERSION }}
+ distribution: 'temurin'
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Build with Maven
+ run: ./mvnw compile
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
diff --git a/README.md b/README.md
index 41c809a..f6831a8 100644
--- a/README.md
+++ b/README.md
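Review bot: In `code-analysis.yaml`, the `Perform the scan` step splices `${{ secrets.SONAR_ORGANIZATION }}` and `${{ secrets.SONAR_PROJECT_KEY }}` directly into the `run:` script, so their values become part of the shell text before it executes instead of being passed as data. Passing them through `env:` and quoting the shell variables is the hardened form, shown in the fence below. Separately, `SONAR_TOKEN` and `GITHUB_TOKEN` sit in the environment for the whole `./mvnw verify` build, tests included, so anything the build executes can read them. On `pull_request` runs from forks the secrets are not provided, so the scan will presumably fail there; a condition that skips the step or job for fork pull requests would make that behaviour explicit.

```yaml
      - name: Perform the scan
        env:
          # … unchanged: GITHUB_TOKEN, SONAR_TOKEN …
          SONAR_ORGANIZATION: ${{ secrets.SONAR_ORGANIZATION }}
          SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }}
        run: >-
          ./mvnw verify -B sonar:sonar
          "-Dsonar.organization=${SONAR_ORGANIZATION}"
          "-Dsonar.projectKey=${SONAR_PROJECT_KEY}"
```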
@@ -1,5 +1,13 @@ # Car Service REST API sample +[![Code Analysis](https://github.com/firasrg/car-service-rest-api/actions/workflows/code-analysis.yaml/badge.svg)](https://github.com/firasrg/car-service-rest-api/actions/workflows/code-analysis.yaml) +[![java-version](https://img.shields.io/badge/Java-17-f0fc03)](https://img.shields.io/badge/Java-17-f0fc03) + +[![Bugs](https://sonarcloud.io/api/project_badges/measure?project=firasrg_car-service-rest-api&metric=bugs)](https://sonarcloud.io/summary/new_code?id=firasrg_car-service-rest-api) +[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=firasrg_car-service-rest-api&metric=reliability_rating)](https://sonarcloud.io/summary/new_code?id=firasrg_car-service-rest-api) +[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=firasrg_car-service-rest-api&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=firasrg_car-service-rest-api) +[![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=firasrg_car-service-rest-api&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=firasrg_car-service-rest-api) + ## Overview The **Car Service REST API** 🚗🧑‍🔧 offers a comprehensive solution for managing car service systems. This developer-friendly project is designed to enhance proficiency with modern Spring applications, providing hands-on experience with real-world scenarios and best practices for backend development. diff --git a/configs/git-hooks/pre-commit b/configs/git-hooks/pre-commit index cafcba1..df75c96 100644 --- a/configs/git-hooks/pre-commit +++ b/configs/git-hooks/pre-commit @@ -4,7 +4,7 @@ # # Run the Maven verify command -./mvnw verify --offline +./mvnw spotless:apply verify --offline # Capture exit status of Maven command RESULT=$? diff --git a/mvnw b/mvnw old mode 100644 new mode 100755 diff --git a/pom.xml b/pom.xml index 7286724..f095a56 100644 --- a/pom.xml +++ b/pom.xml 
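Review bot: In `configs/git-hooks/pre-commit`, `./mvnw spotless:apply verify --offline` rewrites files in the working tree while the hook runs, but nothing visible in the hunk re-stages them, so the commit would still record the unformatted content and leave the formatted version as an unstaged change. The `pom.xml` change in this same commit appears to switch the bound spotless goal from `apply` to `check`, in which case CI would reject what the hook let through. Either run `./mvnw spotless:check verify --offline` here so the commit is refused until the developer formats and stages the files, or re-stage the formatted files after the Maven call. The script continues past `RESULT=$?` outside the hunk, so confirm it does not already handle this.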
@@ -8,7 +8,7 @@ 3.2.8 - com.example + com.frg car-service-rest-api 0.0.1-SNAPSHOT jar @@ -29,6 +29,7 @@ 17 + https://sonarcloud.io @@ -121,7 +122,7 @@ spotless-validate validate - apply + check @@ -163,6 +164,11 @@ + + org.sonarsource.scanner.maven + sonar-maven-plugin + 4.0.0.4121 +