
Commit ae48f4b

committed
Add Sonar and Grype
# Conflicts: # pom.xml
1 parent 6751cd2 commit ae48f4b

2 files changed

+40
-0
lines changed

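--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -53,6 +53,29 @@ jobs:
 with:
 report_paths: '**/target/surefire-reports/TEST-*.xml'
 
+- name: Grype source code
+id: grype_source_code
+uses: anchore/scan-action@v6
+with:
+path: .
+fail-build: true
+severity-cutoff: high
+only-fixed: true
+
+- name: Upload Grype source code report
+if: always() && steps.grype_source_code.outputs.sarif != ''
+uses: github/codeql-action/upload-sarif@v3
+with:
+sarif_file: ${{ steps.grype_source_code.outputs.sarif }}
+category: 'source-code'
+
+- name: Sonar
+if: github.event.pull_request.head.repo.fork == false
+run: mvn verify sonar:sonar
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
 - name: Docker
 if: github.ref == 'refs/heads/main'
 run: mvn -B -DskipTests package jib:build -Djib.to.auth.username=$DOCKER_USER -Djib.to.auth.password=$DOCKER_TOKEN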
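Review bot: Both new `uses:` lines (`anchore/scan-action@v6` and `github/codeql-action/upload-sarif@v3`) reference mutable tags, so the code behind this security gate can change without any commit in this repository; pin each to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: anchore/scan-action@<full-commit-sha>  # v6`. With `only-fixed: true`, findings at or above `high` that have no fixed version yet do not fail the step, so a green run does not mean none exist; a comment above the step such as `# only-fixed: unfixed high/critical findings do not fail this gate; track them separately` would make that explicit. The upload step needs `security-events: write` on the job token, and the workflow's `permissions` block is outside this section, so confirm it is granted. The Sonar `if:` relies on `github.event.pull_request` being absent on push events and the comparison still evaluating to true, which deserves a one-line comment next to the condition.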

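--- a/pom.xml
+++ b/pom.xml
@@ -23,6 +23,9 @@
 <palantir.version>2.58.0</palantir.version>
 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 <slf4j-api.version>2.0.17</slf4j-api.version>
+<sonar.host.url>https://sonarcloud.io</sonar.host.url>
+<sonar.organization>michelin</sonar.organization>
+<sonar.projectKey>michelin_kafka-streams-processing-error-handling</sonar.projectKey>
 <spotless-maven-plugin.version>2.44.5</spotless-maven-plugin.version>
 </properties>
 
@@ -117,6 +120,20 @@
 <endWithNewline />
 </sortPom>
 </pom>
+<yaml>
+<includes>
+<include>src/main/resources/*.yml</include>
+<include>src/test/resources/*.yml</include>
+</includes>
+<jackson>
+<features>
+<ORDER_MAP_ENTRIES_BY_KEYS>true</ORDER_MAP_ENTRIES_BY_KEYS>
+</features>
+<yamlFeatures>
+<WRITE_DOC_START_MARKER>false</WRITE_DOC_START_MARKER>
+</yamlFeatures>
+</jackson>
+</yaml>
 </configuration>
 <executions>
 <execution>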
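Review bot: The `<yaml>` Spotless block in the second hunk is not covered by the commit title and may have come in with the `pom.xml` conflict resolution noted in the description; confirm it is intended here, since existing YAML resources that do not match the Jackson formatting would presumably fail a Spotless check (the plugin's executions continue outside this section). Its includes match only `*.yml` files directly under `src/main/resources` and `src/test/resources`; if nested directories or `.yaml` files should be covered as well, widen the pattern, e.g. `<include>src/main/resources/**/*.yml</include>`.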
