Update sslr.version to v1.25.1.3886 (#291) #73
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - branch-* | |
| - dogfood-* | |
| pull_request: | |
| merge_group: | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: github-ubuntu-latest-s | |
| permissions: | |
| id-token: write | |
| contents: write | |
| pull-requests: read | |
| steps: | |
| - &checkout | |
| name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| - &mise | |
| name: Setup mise | |
| uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3.5.1 | |
| with: | |
| version: 2025.7.12 | |
| - name: Build with Maven | |
| uses: SonarSource/ci-github-actions/build-maven@v1 | |
| with: | |
| deploy-pull-request: true | |
| maven-args: -Pcoverage-report -Dcommercial -T1C | |
| sonar-platform: next | |
| artifactory-reader-role: private-reader | |
| artifactory-deployer-role: qa-deployer | |
| - name: Upload plugin JAR | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: sonar-flex-plugin | |
| path: sonar-flex-plugin/target/sonar-flex-plugin-*.jar | |
| if-no-files-found: error | |
| retention-days: 1 | |
| windows: | |
| name: Windows Build | |
| needs: [build] | |
| runs-on: windows-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - *checkout | |
| - *mise | |
| - name: Build Maven (no deploy) | |
| uses: SonarSource/ci-github-actions/build-maven@master | |
| with: | |
| deploy: false | |
| artifactory-reader-role: private-reader | |
| artifactory-deployer-role: qa-deployer | |
| sonar-platform: none | |
| maven-args: '-T1C' | |
| plugin_qa: | |
| name: Plugin QA (${{ matrix.sq_version }}) | |
| runs-on: github-ubuntu-latest-s | |
| needs: [build] | |
| if: github.event_name == 'pull_request' || github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/branch-') || startsWith(github.ref, 'refs/heads/dogfood-') | |
| permissions: | |
| id-token: write | |
| contents: read | |
| strategy: | |
| matrix: | |
| sq_version: | |
| - LATEST_RELEASE | |
| - DEV | |
| steps: | |
| - *checkout | |
| - &mise_no_cache | |
| name: Setup mise | |
| uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3.5.1 | |
| with: | |
| version: 2025.7.12 | |
| cache_save: false | |
| - &download_jar | |
| name: Download plugin JAR | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 | |
| with: | |
| name: sonar-flex-plugin | |
| path: sonar-flex-plugin/target | |
| - &secrets | |
| name: Get secrets from Vault | |
| id: secrets | |
| uses: SonarSource/vault-action-wrapper@v3 | |
| with: | |
| secrets: | | |
| development/github/token/licenses-ro token | GITHUB_TOKEN; | |
| development/kv/data/repox url | ARTIFACTORY_URL; | |
| development/artifactory/token/SonarSource-sonar-flex-private-reader access_token | ARTIFACTORY_ACCESS_TOKEN; | |
| - name: Run Plugin QA | |
| env: &qa_env | |
| GITHUB_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).GITHUB_TOKEN }} | |
| ARTIFACTORY_URL: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_URL }} | |
| ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }} | |
| run: | | |
| cd its/plugin | |
| mvn verify -Pit-plugin -Dsonar.runtimeVersion=${{ matrix.sq_version }} -Dmaven.test.redirectTestOutputToFile=false -B -e -V | |
| ruling: | |
| name: Ruling | |
| runs-on: github-ubuntu-latest-s | |
| needs: [build] | |
| if: github.event_name == 'pull_request' || github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/branch-') || startsWith(github.ref, 'refs/heads/dogfood-') | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| submodules: true | |
| - *mise_no_cache | |
| - *download_jar | |
| - *secrets | |
| - name: Run Ruling | |
| env: *qa_env | |
| run: | | |
| cd its/ruling | |
| mvn verify -Pit-ruling -Dsonar.runtimeVersion=LATEST_RELEASE -Dmaven.test.redirectTestOutputToFile=false -B -e -V | |
| promote: | |
| name: Promote | |
| runs-on: github-ubuntu-latest-s | |
| needs: [build, ruling, plugin_qa] | |
| if: | | |
| needs.build.result == 'success' && | |
| (github.event_name == 'pull_request' || github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/branch-') || startsWith(github.ref, 'refs/heads/dogfood-')) | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - *checkout | |
| - *mise_no_cache | |
| - name: Promote Maven artifacts | |
| uses: SonarSource/ci-github-actions/promote@v1 | |
| with: | |
| promote-pull-request: true |