This is an automated email from the ASF dual-hosted git repository. Pearl1594 pushed a commit to branch dedup-sonar-workflows in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit de6776b0675c7afbfdb8df94328dc1714a45a5f7 Author: Pearl Dsilva <[email protected]> AuthorDate: Tue Jun 2 15:04:50 2026 -0400 Deduplicate sonal CI github workflow --- .github/workflows/main-sonar-check.yml | 49 ++++-------------- .github/workflows/sonar-check.yml | 53 ++++--------------- .../{sonar-check.yml => sonar-reusable.yml} | 59 ++++++++++++++++------ 3 files changed, 61 insertions(+), 100 deletions(-) diff --git a/.github/workflows/main-sonar-check.yml b/.github/workflows/main-sonar-check.yml index 7ccd6600ab9..5aa3b7c0f49 100644 --- a/.github/workflows/main-sonar-check.yml +++ b/.github/workflows/main-sonar-check.yml @@ -23,46 +23,15 @@ on: - main permissions: - contents: read # to fetch code (actions/checkout) - pull-requests: write # for sonar to comment on pull-request + contents: read + pull-requests: write jobs: - build: + sonar: if: github.repository == 'apache/cloudstack' - name: Main Sonar JaCoCo Build - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v6 - with: - fetch-depth: 0 - - - name: Set up JDK17 - uses: actions/setup-java@v5 - with: - distribution: 'temurin' - java-version: '17' - cache: 'maven' - - - name: Cache SonarCloud packages - uses: actions/cache@v5 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - - name: Cache local Maven repository - uses: actions/cache@v5 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-m2-${{ hashFiles('pom.xml', '*/pom.xml', '*/*/pom.xml', '*/*/*/pom.xml') }} - restore-keys: | - ${{ runner.os }}-m2 - - - name: Run Tests with Coverage - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: | - git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss - cd nonoss && bash -x install-non-oss.sh && cd .. - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack + uses: ./.github/workflows/sonar-reusable.yml + with: + is_pr: false + secrets: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-check.yml index 9f5c3a194bc..673c15ecad4 100644 --- a/.github/workflows/sonar-check.yml +++ b/.github/workflows/sonar-check.yml @@ -20,54 +20,19 @@ name: Sonar Quality Check on: [pull_request] permissions: - contents: read # to fetch code (actions/checkout) - pull-requests: write # for sonar to comment on pull-request + contents: read + pull-requests: write concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true jobs: - build: + sonar: if: github.repository == 'apache/cloudstack' && github.event.pull_request.head.repo.full_name == github.repository - name: Sonar JaCoCo Coverage - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v6 - with: - ref: "refs/pull/${{ github.event.number }}/merge" - fetch-depth: 0 - - - name: Set up JDK17 - uses: actions/setup-java@v5 - with: - distribution: 'temurin' - java-version: '17' - cache: 'maven' - - - name: Cache SonarCloud packages - uses: actions/cache@v5 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - - name: Cache local Maven repository - uses: actions/cache@v5 - with: - path: ~/.m2/repository - key: ${{ runner.os }}-m2-${{ hashFiles('pom.xml', '*/pom.xml', '*/*/pom.xml', '*/*/*/pom.xml') }} - restore-keys: | - ${{ runner.os }}-m2 - - - name: Run Build and Tests with Coverage - id: coverage - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - PR_ID: ${{ github.event.pull_request.number }} - HEADREF: ${{ github.event.pull_request.head.ref }} - run: | - git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss - cd nonoss && bash -x install-non-oss.sh && cd .. - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true + uses: ./.github/workflows/sonar-reusable.yml + with: + is_pr: true + secrets: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-reusable.yml similarity index 59% copy from .github/workflows/sonar-check.yml copy to .github/workflows/sonar-reusable.yml index 9f5c3a194bc..5dd806ce260 100644 --- a/.github/workflows/sonar-check.yml +++ b/.github/workflows/sonar-reusable.yml @@ -15,27 +15,34 @@ # specific language governing permissions and limitations # under the License. -name: Sonar Quality Check +name: Sonar Quality Check (Reusable) -on: [pull_request] +on: + workflow_call: + inputs: + is_pr: + description: 'true when called from a pull_request trigger' + type: boolean + required: true + secrets: + GITHUB_TOKEN: + required: true + SONAR_TOKEN: + required: false permissions: - contents: read # to fetch code (actions/checkout) - pull-requests: write # for sonar to comment on pull-request - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true + contents: read + pull-requests: write jobs: build: - if: github.repository == 'apache/cloudstack' && github.event.pull_request.head.repo.full_name == github.repository name: Sonar JaCoCo Coverage runs-on: ubuntu-22.04 steps: + # PR callers check out the merge commit; branch callers use the pushed SHA. - uses: actions/checkout@v6 with: - ref: "refs/pull/${{ github.event.number }}/merge" + ref: ${{ inputs.is_pr && format('refs/pull/{0}/merge', github.event.number) || github.sha }} fetch-depth: 0 - name: Set up JDK17 @@ -60,14 +67,34 @@ jobs: restore-keys: | ${{ runner.os }}-m2 - - name: Run Build and Tests with Coverage - id: coverage + - name: Install Non-OSS + run: | + git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss + cd nonoss && bash -x install-non-oss.sh && cd .. + + - name: Run Build and Tests with Coverage (PR) + if: inputs.is_pr env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} PR_ID: ${{ github.event.pull_request.number }} HEADREF: ${{ github.event.pull_request.head.ref }} - run: | - git clone https://github.com/shapeblue/cloudstack-nonoss.git nonoss - cd nonoss && bash -x install-non-oss.sh && cd .. - mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=apache_cloudstack -Dsonar.pullrequest.key="$PR_ID" -Dsonar.pullrequest.branch="$HEADREF" -Dsonar.pullrequest.github.repository=apache/cloudstack -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.summary_comment=true + run: > + mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install + org.sonarsource.scanner.maven:sonar-maven-plugin:sonar + -Dsonar.projectKey=apache_cloudstack + -Dsonar.pullrequest.key="$PR_ID" + -Dsonar.pullrequest.branch="$HEADREF" + -Dsonar.pullrequest.github.repository=apache/cloudstack + -Dsonar.pullrequest.provider=GitHub + -Dsonar.pullrequest.github.summary_comment=true + + - name: Run Tests with Coverage (Main) + if: "!inputs.is_pr" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: > + mvn -T$(nproc) -P quality -Dsimulator -Dnoredist clean install + org.sonarsource.scanner.maven:sonar-maven-plugin:sonar + -Dsonar.projectKey=apache_cloudstack
