From acc216da27141fd26be6eb2a6ea19543ec5f9590 Mon Sep 17 00:00:00 2001
From: Matthew
Date: Wed, 16 Jul 2025 10:32:30 +0100
Subject: [PATCH] SonarCloud - VJA - 1.0
---
.github/workflows/build.yml | 36 +++++++++++++++++++++++++++++++
.github/workflows/docker.yml | 41 ------------------------------------
build.gradle | 11 +++++++++-
3 files changed, 46 insertions(+), 42 deletions(-)
create mode 100644 .github/workflows/build.yml
delete mode 100644 .github/workflows/docker.yml
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..f02281a
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,36 @@
+name: SonarQube
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ types: [opened, synchronize, reopened]
+jobs:
+ build:
+ name: Build and analyze
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+ - name: Set up JDK 17
+ uses: actions/setup-java@v4
+ with:
+ java-version: 17
+ distribution: 'zulu' # Alternative distribution options are available
+ - name: Cache SonarQube packages
+ uses: actions/cache@v4
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+ - name: Cache Gradle packages
+ uses: actions/cache@v4
+ with:
+ path: ~/.gradle/caches
+ key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+ restore-keys: ${{ runner.os }}-gradle
+ - name: Build and analyze
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: ./gradlew build sonar --info
\ No newline at end of file
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
deleted file mode 100644
index 40d3b50..0000000
--- a/.github/workflows/docker.yml
+++ /dev/null
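Review bot: The new workflow in `.github/workflows/build.yml` has no `permissions:` block, so its `GITHUB_TOKEN` falls back to the repository or organisation default, whereas the `docker.yml` deleted by this same commit declared its scopes explicitly. The job runs `./gradlew build sonar --info` on every `pull_request`, so build scripts from the PR branch execute with whatever that token allows; add a top-level `permissions:` with `contents: read`, widening it only if the Sonar step turns out to need more. The three actions are referenced by mutable tags (`actions/checkout@v4`, `actions/setup-java@v4`, `actions/cache@v4`); pinning each to a full commit SHA, with the tag kept in a trailing comment, stops a retagged release from changing what runs alongside `SONAR_TOKEN`. Pull requests from forks do not receive `secrets.SONAR_TOKEN`, so the last step will presumably fail for them unless it is guarded with an `if:` on the head repository.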
@@ -1,41 +0,0 @@
-name: docker
-
-on:
- push:
- branches:
- - main
- paths-ignore:
- - 'README.md'
-
-permissions:
- contents: read
- packages: write
-
-env:
- REGISTRY: ghcr.io
- IMAGE_NAME: datadog/vulnerable-java-application
-
-jobs:
- docker-build-push:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
-
- - name: Log into registry ${{ env.REGISTRY }}
- uses: docker/login-action@v3
- with:
- registry: ${{ env.REGISTRY }}
- username: ${{ github.actor }}
- password: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Build and push Docker image
- uses: docker/build-push-action@v5
- with:
- context: .
- push: true
- tags: |
- ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
- ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
diff --git a/build.gradle b/build.gradle
index 95c2748..36e88a6 100644
--- a/build.gradle
+++ b/build.gradle
@@ -2,13 +2,14 @@ plugins { id 'java' id 'org.springframework.boot' version '3.2.5' id 'io.spring.dependency-management' version '1.1.4'
+ id "org.sonarqube" version "6.2.0.5505"
 } group = 'com.datadoghq.workshops' version = '0.0.1-SNAPSHOT' java {
- sourceCompatibility = '21'
+ sourceCompatibility = '17'
 } repositories {
@@ -27,4 +28,12 @@ dependencies { tasks.named('test') { useJUnitPlatform()
+}
+
+sonar {
+ properties {
+ property "sonar.projectKey", "mtech-software-solutions_vulnerable-java-application"
+ property "sonar.organization", "mtech-software-solutions"
+ property "sonar.host.url", "https://sonarcloud.io"
+ }
 }
\ No newline at end of file
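Review bot: In the first `build.gradle` hunk, `sourceCompatibility` drops from `'21'` to `'17'`, which looks like it was done to match the `java-version: 17` that the new workflow installs, not because the application should target 17. If any source file or the runtime image (neither is visible in this patch) depends on Java 21, what Sonar analyses will differ from what is built and shipped elsewhere. The less invasive change is to keep `sourceCompatibility = '21'` and set `java-version: 21` in the workflow's `actions/setup-java` step. The `java { … }` block is shown in full, but the `plugins` block starts above the hunk.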