Update maven-build.yml

Add SonarQube setting
2025-07-16 20:45:50 +00:00 · 2024-11-28 14:37:13 +09:00 · 2024-11-28 14:37:13 +09:00 · 1c5d679cc6
commit 1c5d679cc6
parent 21873b4a97
1 changed files with 21 additions and 1 deletions
--- a/.github/workflows/maven-build.yml
+++ b/.github/workflows/maven-build.yml
@ -8,10 +8,11 @@ on:
    branches: [ main ]
  pull_request:
    branches: [ main ]
+    types: [opened, synchronize, reopened]

 jobs:
  build:
-
+    name: Build and analyze
    runs-on: ubuntu-latest
    strategy:
      matrix:
@ -19,6 +20,8 @@ jobs:

    steps:
      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
      - name: Set up JDK ${{matrix.java}}
        uses: actions/setup-java@v4
        with:
@ -27,3 +30,20 @@ jobs:
          cache: maven
      - name: Build with Maven Wrapper
        run: ./mvnw -B verify
+      - name: Cache SonarQube Cloud packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache Maven packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2   
+      - name: Build and analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=BH-YU_BH-YU