I am trying to perform analysis on the new code however the sonarCloud seems to analyze everything. I am not sure what's missing.
I am using 2 Github workflows, one during pull request
name: Application CI
on:
pull_request:
branches:
- development
- staging
- main
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
validation:
name: 'Gradle Wrapper Validation'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: gradle/wrapper-validation-action@v1
pipeline:
name: something Pipeline
runs-on: ubuntu-latest
timeout-minutes: 40
env:
NODE_VERSION: 16.14.0
SPRING_OUTPUT_ANSI_ENABLED: DETECT
SPRING_JPA_SHOW_SQL: false
JHI_DISABLE_WEBPACK_LOGS: true
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 16.14.0
- uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 11
- name: Cache SonarCloud packages
uses: actions/cache@v1
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache Gradle packages
uses: actions/cache@v1
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: ${{ runner.os }}-gradle
- name: Build and analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: ./gradlew test jacocoTestReport sonarqube --info -x integrationTest
while the other one during merge
name: Application CI
on:
push:
branches:
- development
- staging
- main
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
deploy:
name: Deploy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Set up JDK
uses: actions/setup-java@v1
with:
java-version: '11'
- name: Build with Gradle
run: ./gradlew -Pprod -Pwar clean bootWar
- name: Upload WAR
uses: actions/upload-artifact@v2
with:
name: artifact
path: build/libs/something-0.0.1-SNAPSHOT.war
- name: Download WAR
uses: actions/download-artifact@v2
with:
name: artifact
#Deploy the artifact (JAR) into AWS Beanstalk
- name: Deploy to EB
uses: einaregilsson/beanstalk-deploy@v20
with:
aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
#aws_session_token: ${{ secrets.AWS_SESSION_TOKEN }}
use_existing_version_if_available: true
application_name: something-stg
environment_name: staging
version_label: ${{github.SHA}}
region: ap-southeast-1
deployment_package: something-0.0.1-SNAPSHOT.war
wait_for_environment_recovery: 600
buid.gradle
...
apply from: "gradle/sonar.gradle"
...
sonarqube {
properties {
property "sonar.projectKey", "somethingapp_something"
property "sonar.organization", "somethingapp"
property "sonar.host.url", "https://sonarcloud.io"
}
}
sonar.gradle
jacoco {
toolVersion = "0.8.7"
}
jacocoTestReport {
executionData tasks.withType(Test)
classDirectories.from = files(sourceSets.main.output.classesDirs)
sourceDirectories.from = files(sourceSets.main.java.srcDirs)
reports {
xml.enabled true
}
}
plugins.withType(JacocoPlugin) {
tasks["test"].finalizedBy 'jacocoTestReport'
}
file("sonar-project.properties").withReader {
Properties sonarProperties = new Properties()
sonarProperties.load(it)
sonarProperties.each { key, value ->
sonarqube {
properties {
property key, value
}
}
}
}
test.dependsOn webapp_test
compileJava.dependsOn processResources
processResources.dependsOn bootBuildInfo
Any idea why my simple PR keeps on giving me the same analysis information?
PR listed in SonarCloud
