From 65c37b2200f11d8c36ff3adc978be380a7b7bad4 Mon Sep 17 00:00:00 2001 From: Matthew Watkins Date: Mon, 3 Nov 2025 13:41:24 +0000 Subject: [PATCH] CI: Add maven-build-action call before SonarQube scan Issue-ID: CIMAN-33 Change-Id: I6e76c2d078ab3db2c4f6967d3410a66a9a70217b Signed-off-by: Matthew Watkins --- .github/workflows/security-scans.yaml | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/.github/workflows/security-scans.yaml b/.github/workflows/security-scans.yaml index 68825b2..1278c7a 100644 --- a/.github/workflows/security-scans.yaml +++ b/.github/workflows/security-scans.yaml @@ -36,8 +36,7 @@ jobs: # Scan results are found at: https://sonarcloud.io/login sonarqube-cloud: name: "SonarQube Cloud" - # yamllint disable-line rule:line-length - uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonarqube-cloud.yaml@8c3cf221da0e47955647647c9a254c1f807081ce # v0.2.18 + runs-on: ubuntu-latest permissions: # Needed to upload the results to code-scanning dashboard. security-events: write @@ -46,5 +45,21 @@ jobs: # Uncomment the permissions below if installing in a private repository. # contents: read # actions: read - secrets: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + steps: + - name: 'Check for file: pom.xml' + id: maven-project + # yamllint disable-line rule:line-length + uses: lfreleng-actions/path-check-action@aa7dabfa92e50e31a0f091dd3e2741692e8dde07 # v0.1.5 + with: + path: "pom.xml" + + - name: "Build Maven project" + if: steps.maven-project.outputs.exists == 'true' + # yamllint disable-line rule:line-length + uses: lfreleng-actions/maven-build-action@766c383c4d1103778a5c166c3a84d081555895e2 # v0.1.0 + + - name: "SonarQube Cloud Scan" + # yamllint disable-line rule:line-length + uses: lfreleng-actions/sonarqube-cloud-scan-action@a5fb959e36b1e7957b7cae5f4a12bf14b5c66875 # v0.1.3 + with: + sonar_token: ${{ secrets.SONAR_TOKEN }} -- 2.16.6