pom/dependencies
pom/dependencies
4
0
Fork 0
Code Issues 1 Pull requests Projects Releases 15 Packages Wiki Activity Actions

ci: add maven settings.xml
Some checks failed
SonarQube Scan / SonarQube Trigger (push) Failing after 19s
Details
release / Release (push) Failing after 22s
Details

Browse source
This commit is contained in:
Oliver Weyhmüller 2025-01-05 17:59:25 +01:00
parent f598927653
commit 7f981d55e2
Signed by: oliver
GPG key ID: 5286794099F934A3
3 changed files with 215 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
.gitea/workflows/release.yaml → .forgejo/workflows/release.yaml
View file

@ -25,6 +25,80 @@ jobs:
mkdir -p /root/.jreleaser mkdir -p /root/.jreleaser
touch /root/.jreleaser/config.properties touch /root/.jreleaser/config.properties
- name: maven-settings-xml-action
uses: https://github.com/whelk-io/maven-settings-xml-action@v22
with:
repositories: >
[
{
"id": "maven-releases",
"name": "Releases",
"url": "https://nexus.w9r.dev/repository/maven-releases",
"releases": {
"enabled": "true",
"updatePolicy": "always",
"checksumPolicy": "warn"
},
"snapshots": {
"enabled": "false",
"updatePolicy": "always",
"checksumPolicy": "fail"
}
},
{
"id": "maven-snapshots",
"name": "Snapshots",
"url": "https://nexus.w9r.dev/repository/maven-snapshots",
"releases": {
"enabled": "false",
"updatePolicy": "always",
"checksumPolicy": "warn"
},
"snapshots": {
"enabled": "true",
"updatePolicy": "always",
"checksumPolicy": "warn"
}
}
]
servers: >
[
{
"id": "maven-group",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}",
},
{
"id": "maven-snapshots",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}",
},
{
"id": "maven-releases",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}",
},
{
"id": "vulnz",
"username": "${{ secrets.VULNZ_USERNAME }}",
"password": "${{ secrets.VULNZ_PASSWORD }}",
}
]
mirrors: >
[
{
"id": "maven-group",
"name": ""central",
"mirrorOf": "*",
"url": "https://nexus.w9r.dev/repository/maven-group/"
}
]
plugin_groups: >
[
"org.sonarsource.scanner.maven"
]
output_file: .m2/settings.xml
- name: Determine next version - name: Determine next version
uses: https://github.com/obfu5c8/action-svu@v1 uses: https://github.com/obfu5c8/action-svu@v1
id: generate_next_version id: generate_next_version

141
.forgejo/workflows/sonarqube.yaml Normal file
View file

@ -0,0 +1,141 @@
---
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
name: SonarQube Scan
jobs:
sonarqube:
name: SonarQube Trigger
runs-on: ubuntu-latest
steps:
- name: Checking out
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Environment
run: |
apt update
apt install -y zip
mkdir -p /root/.jreleaser
touch /root/.jreleaser/config.properties
- name: Install syft
uses: https://github.com/anchore/sbom-action/download-syft@v0
id: install_syft
with:
syft-version: v1.18.1
- name: maven-settings-xml-action
uses: https://github.com/whelk-io/maven-settings-xml-action@v22
with:
repositories: >
[
{
"id": "maven-releases",
"name": "Releases",
"url": "https://nexus.w9r.dev/repository/maven-releasesl",
"releases": {
"enabled": "true",
"updatePolicy": "always",
"checksumPolicy": "warn"
},
"snapshots": {
"enabled": "false",
"updatePolicy": "always",
"checksumPolicy": "fail"
}
},
{
"id": "maven-snapshots",
"name": "Snapshots",
"url": "https://nexus.w9r.dev/repository/maven-snapshots",
"releases": {
"enabled": "false",
"updatePolicy": "always",
"checksumPolicy": "warn"
},
"snapshots": {
"enabled": "true",
"updatePolicy": "always",
"checksumPolicy": "warn"
}
}
]
servers: >
[
{
"id": "maven-group",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}",
},
{
"id": "maven-snapshots",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}",
},
{
"id": "maven-releases",
"username": "${{ secrets.NEXUS_USERNAME }}",
"password": "${{ secrets.NEXUS_PASSWORD }}",
},
{
"id": "vulnz",
"username": "${{ secrets.VULNZ_USERNAME }}",
"password": "${{ secrets.VULNZ_PASSWORD }}",
}
]
mirrors: >
[
{
"id": "maven-group",
"name": ""central",
"mirrorOf": "*",
"url": "https://nexus.w9r.dev/repository/maven-group/"
}
]
plugin_groups: >
[
"org.sonarsource.scanner.maven"
]
output_file: .m2/settings.xml
- name: Cache Java and Maven software
uses: https://github.com/actions/cache@v4
with:
path: ~/.sdkman
key: ${{ runner.os }}-sdkman
restore-keys: |
${{ runner.os }}-sdkman
env:
ACTIONS_STEP_DEBUG: true
- name: Cache SonarQube packages
uses: https://github.com/actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache local Maven repository
uses: https://github.com/actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven
restore-keys: |
${{ runner.os }}-maven
env:
ACTIONS_STEP_DEBUG: true
- name: Install Java & Maven
uses: https://github.com/sdkman/sdkman-action@main
id: sdkman
- name: SonarQube Scan
env:
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
SONAR_HOST_URL: ${{ vars.SONARQUBE_HOST }}
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar

67
.gitea/workflows/sonarqube.yaml
View file

@ -1,67 +0,0 @@
---
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
name: SonarQube Scan
jobs:
sonarqube:
name: SonarQube Trigger
runs-on: ubuntu-latest
steps:
- name: Checking out
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Environment
run: |
apt update
apt install -y zip
mkdir -p /root/.jreleaser
touch /root/.jreleaser/config.properties
- name: Install syft
uses: https://github.com/anchore/sbom-action/download-syft@v0
id: install_syft
with:
syft-version: v1.18.1
- name: Cache Java and Maven software
uses: https://github.com/actions/cache@v4
with:
path: ~/.sdkman
key: ${{ runner.os }}-sdkman
restore-keys: |
${{ runner.os }}-sdkman
env:
ACTIONS_STEP_DEBUG: true
- name: Cache SonarQube packages
uses: https://github.com/actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache local Maven repository
uses: https://github.com/actions/cache@v4
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven
restore-keys: |
${{ runner.os }}-maven
env:
ACTIONS_STEP_DEBUG: true
- name: Install Java & Maven
uses: https://github.com/sdkman/sdkman-action@main
id: sdkman
- name: SonarQube Scan
env:
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
SONAR_HOST_URL: ${{ vars.SONARQUBE_HOST }}
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar