From 63a3ab6b2ae9d3e9229774a206da139392eb5cb5 Mon Sep 17 00:00:00 2001 From: Oliver Weyhmueller Date: Sun, 5 Jan 2025 19:32:52 +0100 Subject: [PATCH 1/3] fix: wait for qualitygate when running sonarqube pipeline --- .forgejo/workflows/sonarqube.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.forgejo/workflows/sonarqube.yaml b/.forgejo/workflows/sonarqube.yaml index 318936f..958a67c 100644 --- a/.forgejo/workflows/sonarqube.yaml +++ b/.forgejo/workflows/sonarqube.yaml @@ -139,4 +139,6 @@ jobs: env: SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }} SONAR_HOST_URL: ${{ vars.SONARQUBE_HOST }} - run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar + run: > + mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar + -Dsonar.qualitygate.wait=true -- 2.45.3 From ad68c4c5415d9316519f385e24483d9ea54824ff Mon Sep 17 00:00:00 2001 From: Oliver Weyhmueller Date: Sun, 5 Jan 2025 20:02:23 +0100 Subject: [PATCH 2/3] chore: add dependency-check-suppressions and resolve sonar issues --- dependency-check-suppressions.xml | 3 +++ pom.xml | 6 ++++-- 2 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 dependency-check-suppressions.xml diff --git a/dependency-check-suppressions.xml b/dependency-check-suppressions.xml new file mode 100644 index 0000000..fbf9371 --- /dev/null +++ b/dependency-check-suppressions.xml @@ -0,0 +1,3 @@ + + + diff --git a/pom.xml b/pom.xml index 7f33d85..769e806 100644 --- a/pom.xml +++ b/pom.xml @@ -341,7 +341,6 @@ - cr.w9r.dev/spring-boot/${project.artifactId}:${project.version} true @@ -398,6 +397,10 @@ https://vulnz.w9r.de/nvd/nvdcve-{0}.json.gz vulnz HTML,XML,CSV,JSON,JUNIT,GITLAB + + dependency-check-suppressions.xml + https://w9r.dev/w9r.dev/dependency-check-suppressions/raw/branch/main/dependency-check-suppressions.xml + @@ -515,7 +518,6 @@ spring-boot-maven-plugin - dashaun/builder:tiny true -- 2.45.3 From c67b964d5ec3759b7eda2f5498a046f67f99c077 Mon Sep 17 00:00:00 2001 From: Oliver Weyhmueller Date: Sun, 5 Jan 2025 20:21:55 +0100 Subject: [PATCH 3/3] chore: fix caching in pipeline --- .forgejo/workflows/release.yaml | 8 ++++---- .forgejo/workflows/sonarqube.yaml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.forgejo/workflows/release.yaml b/.forgejo/workflows/release.yaml index a9c21f7..2d080b9 100644 --- a/.forgejo/workflows/release.yaml +++ b/.forgejo/workflows/release.yaml @@ -129,9 +129,9 @@ jobs: uses: https://github.com/actions/cache@v4 with: path: ~/.sdkman - key: ${{ runner.os }}-sdkman + key: ${{ runner.os }}-sdkman-${{ hashFiles('**/.sdkmanrc') }} restore-keys: | - ${{ runner.os }}-sdkman + ${{ runner.os }}-sdkman- env: ACTIONS_STEP_DEBUG: true @@ -139,9 +139,9 @@ jobs: uses: https://github.com/actions/cache@v4 with: path: ~/.m2/repository - key: ${{ runner.os }}-maven + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} restore-keys: | - ${{ runner.os }}-maven + ${{ runner.os }}-maven- env: ACTIONS_STEP_DEBUG: true diff --git a/.forgejo/workflows/sonarqube.yaml b/.forgejo/workflows/sonarqube.yaml index 958a67c..fc84e61 100644 --- a/.forgejo/workflows/sonarqube.yaml +++ b/.forgejo/workflows/sonarqube.yaml @@ -108,9 +108,9 @@ jobs: uses: https://github.com/actions/cache@v4 with: path: ~/.sdkman - key: ${{ runner.os }}-sdkman + key: ${{ runner.os }}-sdkman-${{ hashFiles('**/.sdkmanrc') }} restore-keys: | - ${{ runner.os }}-sdkman + ${{ runner.os }}-sdkman- env: ACTIONS_STEP_DEBUG: true @@ -125,9 +125,9 @@ jobs: uses: https://github.com/actions/cache@v4 with: path: ~/.m2/repository - key: ${{ runner.os }}-maven + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} restore-keys: | - ${{ runner.os }}-maven + ${{ runner.os }}-maven- env: ACTIONS_STEP_DEBUG: true -- 2.45.3