Add basic CI github actions script

Note: this commit includes fixing an issue in pom.xml: renaming groupId
firasrg · Aug 10, 2024 · 9a2d62c · 9a2d62c
1 parent a0c38bc
commit 9a2d62c
Show file tree

Hide file tree

Showing 4 changed files with 72 additions and 3 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -0,0 +1,64 @@
+name: CI Verification, SonarCloud Analysis, and CodeQL
+
+on:
+  push:
+    branches: [main, develop]
+
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  verify-and-test:
+    name: Code Format and Tests Verification
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK ${{ vars.JAVA_VERSION }}
+        uses: actions/setup-java@v4
+        with:
+          java-version: ${{ vars.JAVA_VERSION }}
+          distribution: 'temurin'
+          cache: 'maven'
+
+      - name: Verify code and apply tests
+        run: ./mvnw verify
+
+  sonarcloud:
+    name: SonarCloud Code Analysis
+    runs-on: ubuntu-latest
+    needs: verify-and-test
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK ${{ vars.JAVA_VERSION }}
+        uses: actions/setup-java@v4
+        with:
+          java-version: ${{ vars.JAVA_VERSION }}
+          distribution: 'temurin'
+          cache: 'maven'
+
+      - name: SonarCloud Scan
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: ./mvnw sonar:sonar -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} -Dsonar.host.url=https://sonarcloud.io
+
+  codeql:
+    name: CodeQL Analysis
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: java
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: 'security'
diff --git a/configs/git-hooks/pre-commit b/configs/git-hooks/pre-commit
@@ -4,7 +4,7 @@
 #
 
 # Run the Maven verify command
-./mvnw verify --offline
+./mvnw  spotless:apply verify --offline
 
 # Capture exit status of Maven command
 RESULT=$?

diff --git a/mvnw b/mvnw
diff --git a/pom.xml b/pom.xml
@@ -8,7 +8,7 @@
 		<version>3.2.8</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
-	<groupId>com.example</groupId>
+	<groupId>com.frg</groupId>
 	<artifactId>car-service-rest-api</artifactId>
 	<version>0.0.1-SNAPSHOT</version>
 	<packaging>jar</packaging>
@@ -121,7 +121,7 @@
 						<id>spotless-validate</id>
 						<phase>validate</phase>
 						<goals>
-							<goal>apply</goal>
+							<goal>check</goal>
 						</goals>
 					</execution>
 				</executions>
@@ -163,6 +163,11 @@
 					</execution>
 				</executions>
 			</plugin>
+			<plugin>
+				<groupId>org.sonarsource.scanner.maven</groupId>
+				<artifactId>sonar-maven-plugin</artifactId>
+				<version>4.0.0.4121</version>
+			</plugin>
 		</plugins>
 	</build>
 </project>