diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml index 5b76470a5f..93f1ba5b3e 100644 --- a/.github/workflows/pr-check.yml +++ b/.github/workflows/pr-check.yml @@ -93,9 +93,86 @@ jobs: core.info('PR lint passed.'); } + sonar-check: + name: SonarCloud Analysis + needs: pr-lint + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + + - name: Cache SonarCloud packages + uses: actions/cache@v4 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + + - name: Cache Gradle packages + uses: actions/cache@v4 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '**/gradle-wrapper.properties') }} + restore-keys: ${{ runner.os }}-gradle- + + - name: Build and analyze + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: | + ./gradlew clean classes testClasses sonar --info -PskipJdkCheck \ + -Dsonar.host.url=https://sonarcloud.io \ +# -Dsonar.organization=${{ github.repository_owner }} \ + -Dsonar.organization=tron-zhaohong \ +# -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }} + -Dsonar.projectKey=java-tron + + checkstyle: + name: Checkstyle + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'temurin' + + - name: Cache Gradle packages + uses: actions/cache@v4 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '**/gradle-wrapper.properties') }} + restore-keys: ${{ runner.os }}-gradle- + + - name: Run Checkstyle + run: ./gradlew :framework:checkstyleMain :framework:checkstyleTest :plugins:checkstyleMain + + - name: Upload Checkstyle reports + if: failure() + uses: actions/upload-artifact@v4 + with: + name: checkstyle-reports + path: | + framework/build/reports/checkstyle/ + plugins/build/reports/checkstyle/ + build: name: Build ${{ matrix.os-name }}(JDK ${{ matrix.java }} / ${{ matrix.arch }}) - needs: pr-lint + needs: [pr-lint, checkstyle, sonar-check] runs-on: ${{ matrix.runner }} strategy: fail-fast: false @@ -141,7 +218,7 @@ jobs: docker-build-rockylinux: name: Build rockylinux (JDK 8 / x86_64) - needs: pr-lint + needs: [pr-lint, checkstyle, sonar-check] runs-on: ubuntu-latest container: @@ -207,7 +284,7 @@ jobs: docker-build-debian11: name: Build debian11 (JDK 8 / x86_64) - needs: pr-lint + needs: [pr-lint, checkstyle, sonar-check] runs-on: ubuntu-latest container: @@ -412,39 +489,4 @@ jobs: echo "All coverage gates passed!" echo " Current commit : ${self_cov}%" echo " Base branch : ${base_branch_cov}%" - echo " Patch coverage : ${patch_cov}%" - - checkstyle: - name: Checkstyle - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v4 - - - name: Set up JDK 8 - uses: actions/setup-java@v4 - with: - java-version: '8' - distribution: 'temurin' - - - name: Cache Gradle packages - uses: actions/cache@v4 - with: - path: | - ~/.gradle/caches - ~/.gradle/wrapper - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '**/gradle-wrapper.properties') }} - restore-keys: ${{ runner.os }}-gradle- - - - name: Run Checkstyle - run: ./gradlew :framework:checkstyleMain :framework:checkstyleTest :plugins:checkstyleMain - - - name: Upload Checkstyle reports - if: failure() - uses: actions/upload-artifact@v4 - with: - name: checkstyle-reports - path: | - framework/build/reports/checkstyle/ - plugins/build/reports/checkstyle/ - + echo " Patch coverage : ${patch_cov}%" \ No newline at end of file diff --git a/build.gradle b/build.gradle index 12a0622db9..9c8a533b33 100644 --- a/build.gradle +++ b/build.gradle @@ -1,5 +1,18 @@ import org.gradle.nativeplatform.platform.internal.Architectures import org.gradle.internal.os.OperatingSystem + +// SonarQube plugin: only resolve on JDK 17+ to avoid verification-metadata issues on JDK 8 +if (JavaVersion.current().isCompatibleWith(JavaVersion.VERSION_17)) { + buildscript { + repositories { + maven { url 'https://plugins.gradle.org/m2/' } + } + dependencies { + classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:5.1.0.4882' + } + } +} + allprojects { version = "1.0.0" apply plugin: "java-library" @@ -40,7 +53,7 @@ ext.archInfo = [ VMOptions: isArm64 ? "${rootDir}/gradle/jdk17/java-tron.vmoptions" : "${rootDir}/gradle/java-tron.vmoptions" ] -if (!archInfo.java.is(archInfo.requires.JavaVersion)) { +if (!archInfo.java.is(archInfo.requires.JavaVersion) && !project.hasProperty('skipJdkCheck')) { throw new GradleException("Java ${archInfo.requires.JavaVersion} is required for ${archInfo.name}. Detected version ${archInfo.java}") } @@ -165,3 +178,28 @@ gradle.buildFinished { } } } + +// Apply SonarQube plugin only when running with JDK 17+ (sonar analysis requires JDK 17) +if (JavaVersion.current().isCompatibleWith(JavaVersion.VERSION_17)) { + apply plugin: "org.sonarqube" + + sonar { + properties { + property "sonar.sourceEncoding", "UTF-8" + } + } + + // Only analyze these modules; skip the rest + ["protocol", "platform", "example:actuator-example"].each { name -> + project(":${name}").sonar.skipProject = true + } + + // Only analyze main sources, exclude test sources + subprojects { + sonar { + properties { + property "sonar.tests", "" + } + } + } +} diff --git a/framework/build.gradle b/framework/build.gradle index 59d070e066..42e905fda6 100644 --- a/framework/build.gradle +++ b/framework/build.gradle @@ -1,6 +1,6 @@ plugins { id "org.gradle.test-retry" version "1.5.9" - id "org.sonarqube" version "2.6" + id "com.gorylenko.gradle-git-properties" version "2.4.1" } diff --git a/plugins/build.gradle b/plugins/build.gradle index e03e9a7c49..6f18f2b9d4 100644 --- a/plugins/build.gradle +++ b/plugins/build.gradle @@ -1,5 +1,4 @@ plugins { - id "org.sonarqube" version "2.6" } apply plugin: 'application'