Bump org.sonarqube from 6.1.0.5360 to 6.2.0.5505 #41
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| pull_request: | |
| branches: | |
| - 'main' | |
| - 'hotfix/v*.*.*' | |
| schedule: | |
| - cron: '0 5 * * 1' | |
| jobs: | |
| build-jar: | |
| name: Build JAR | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout project | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| - name: Cache SonarCloud packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} | |
| restore-keys: ${{ runner.os }}-gradle | |
| - name: Lint | |
| run: ./gradlew spotlessCheck | |
| - name: Build | |
| run: ./gradlew build --info | |
| - name: Publish test report | |
| if: always() | |
| uses: mikepenz/action-junit-report@v5 | |
| with: | |
| report_paths: '**/build/test-results/test/TEST-*.xml' | |
| - name: Grype source code | |
| id: grype_source_code | |
| uses: anchore/scan-action@v6 | |
| with: | |
| path: . | |
| fail-build: true | |
| severity-cutoff: high | |
| only-fixed: true | |
| - name: Upload Grype source code report | |
| if: always() && steps.grype_source_code.outputs.sarif != '' | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: ${{ steps.grype_source_code.outputs.sarif }} | |
| category: 'source-code' | |
| - name: Metadata | |
| id: metadata | |
| run: echo current_version=$(echo $(./gradlew properties --no-daemon --console=plain -q | grep "^version:" | awk '{printf $2}')) >> $GITHUB_OUTPUT | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: kafkactl-jar | |
| path: ${{ github.workspace }}/build/libs/kafkactl-${{ steps.metadata.outputs.current_version }}.jar | |
| - name: Sonar | |
| if: github.event.pull_request.head.repo.fork == false | |
| run: ./gradlew jacocoTestReport sonar | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| - name: Docker build | |
| run: ./gradlew dockerBuild | |
| - name: Grype Docker image | |
| id: grype_docker_image | |
| uses: anchore/scan-action@v6 | |
| with: | |
| image: michelin/kafkactl:${{ steps.metadata.outputs.current_version }} | |
| fail-build: true | |
| severity-cutoff: high | |
| only-fixed: true | |
| - name: Upload Grype Docker image report | |
| if: always() && steps.grype_docker_image.outputs.sarif != '' | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: ${{ steps.grype_docker_image.outputs.sarif }} | |
| category: 'docker-image' | |
| - name: Docker login | |
| if: github.ref == 'refs/heads/main' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.MICHELIN_DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.MICHELIN_DOCKER_HUB_PASSWD }} | |
| - name: Docker push | |
| if: github.ref == 'refs/heads/main' | |
| run: ./gradlew dockerBuild dockerPush | |
| build-native: | |
| name: Build Native Image ${{ matrix.platform }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [ 'ubuntu-latest', 'windows-latest', 'macos-latest' ] | |
| include: | |
| - os: 'ubuntu-latest' | |
| platform: 'linux-amd64' | |
| extension: '' | |
| - os: 'macos-latest' | |
| platform: 'darwin-arm64' | |
| extension: '' | |
| - os: 'windows-latest' | |
| platform: 'windows-amd64' | |
| extension: '.exe' | |
| steps: | |
| - name: Checkout project | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up GraalVM | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| distribution: 'graalvm' | |
| java-version: '21' | |
| native-image-musl: ${{ matrix.os == 'ubuntu-latest' }} | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} | |
| restore-keys: ${{ runner.os }}-gradle | |
| - name: Lint | |
| run: ./gradlew spotlessCheck | |
| - name: Build | |
| run: ./gradlew nativeCompile ${{ matrix.os == 'ubuntu-latest' && '-Pmusl' || '' }} | |
| - name: Metadata | |
| id: metadata | |
| run: echo current_version=$(echo $(./gradlew properties --no-daemon --console=plain -q | grep "^version:" | awk '{printf $2}')) >> $GITHUB_OUTPUT | |
| shell: bash | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: kafkactl-${{ matrix.platform }} | |
| path: ${{ github.workspace }}/build/native/nativeCompile/kafkactl-${{ steps.metadata.outputs.current_version }}${{ matrix.extension }} | |
| - name: Docker build | |
| if: matrix.os == 'ubuntu-latest' | |
| run: ./gradlew dockerBuildNative | |
| - name: Grype Docker image | |
| if: matrix.os == 'ubuntu-latest' | |
| id: grype_docker_image | |
| uses: anchore/scan-action@v6 | |
| with: | |
| image: michelin/kafkactl:${{ steps.metadata.outputs.current_version }}-native | |
| fail-build: true | |
| severity-cutoff: high | |
| only-fixed: true | |
| - name: Upload Grype Docker image report | |
| if: always() && steps.grype_docker_image.outputs.sarif != '' | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: ${{ steps.grype_docker_image.outputs.sarif }} | |
| category: 'docker-image' | |
| - name: Docker login | |
| if: matrix.os == 'ubuntu-latest' && github.ref == 'refs/heads/main' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.MICHELIN_DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.MICHELIN_DOCKER_HUB_PASSWD }} | |
| - name: Docker push | |
| if: matrix.os == 'ubuntu-latest' && github.ref == 'refs/heads/main' | |
| run: ./gradlew dockerBuildNative dockerPushNative |