-
Notifications
You must be signed in to change notification settings - Fork 185
121 lines (117 loc) · 3.58 KB
/
quality-monitor.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
name: 'Quality Monitor PR'
on:
pull_request_target:
jobs:
build:
runs-on: [ubuntu-latest]
name: Build, test and monitor quality on Ubuntu
steps:
- uses: actions/checkout@v4
with:
ref: "refs/pull/${{ github.event.number }}/merge"
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: 21
check-latest: true
cache: 'maven'
- name: Set up Maven
uses: stCarolas/setup-maven@v5
with:
maven-version: 3.9.9
- name: Cache the NVD database
uses: actions/cache@v4
with:
path: ~/.m2/repository/org/owasp/dependency-check-data
key: dependency-check
- name: Build with Maven
env:
BROWSER: chrome-container
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
run: mvn -V --color always -ntp clean verify -Pci -Powasp | tee maven.log
- name: Extract pull request number
uses: jwalton/gh-find-current-pr@v1
id: pr
- name: Run Quality Monitor
uses: uhafner/quality-monitor@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
pr-number: ${{ steps.pr.outputs.number }}
config: >
{
"tests": {
"tools": [
{
"id": "test",
"name": "Tests",
"pattern": "**/target/*-reports/TEST*.xml"
}
],
"name": "Tests"
},
"analysis": [
{
"name": "Style",
"id": "style",
"tools": [
{
"id": "checkstyle",
"pattern": "**/target/checkstyle-*/checkstyle-result.xml"
},
{
"id": "pmd",
"pattern": "**/target/pmd-*/pmd.xml"
}
]
},
{
"name": "Bugs",
"id": "bugs",
"icon": "bug",
"tools": [
{
"id": "spotbugs",
"sourcePath": "src/main/java",
"pattern": "**/target/spotbugsXml.xml"
},
{
"id": "error-prone",
"pattern": "**/maven.log"
}
]
},
{
"name": "Vulnerabilities",
"id": "vulnerabilities",
"icon": "shield",
"tools": [
{
"id": "owasp-dependency-check",
"pattern": "**/target/dependency-check-report.json"
}
]
}
],
"coverage": [
{
"name": "Code Coverage",
"tools": [
{
"id": "jacoco",
"name": "Line Coverage",
"metric": "line",
"sourcePath": "src/main/java",
"pattern": "**/target/site/jacoco/jacoco.xml"
},
{
"id": "jacoco",
"name": "Branch Coverage",
"metric": "branch",
"sourcePath": "src/main/java",
"pattern": "**/target/site/jacoco/jacoco.xml"
}
]
}
]
}