deps: upgrade SpotBugs to 4.8.1 (#853) #614
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
branches: | |
- master | |
- sq-10 | |
paths-ignore: | |
- '.github/actions/**' | |
pull_request: | |
branches: | |
- master | |
paths-ignore: | |
- '.github/actions/**' | |
release: | |
types: | |
- published | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
# previous LTS version | |
- SONAR_SERVER_VERSION: 7.9 | |
SONAR_PLUGIN_API_VERSION: 7.9 | |
SONAR_PLUGIN_API_GROUPID: org.sonarsource.sonarqube | |
SONAR_JAVA_VERSION: 5.13.1.18282 | |
SONAR_SERVER_JAVA_VERSION: 11 | |
# current LTS version | |
- SONAR_SERVER_VERSION: 8.9.9.56886 | |
SONAR_PLUGIN_API_VERSION: 8.9.9.56886 | |
SONAR_PLUGIN_API_GROUPID: org.sonarsource.sonarqube | |
SONAR_JAVA_VERSION: 6.15.1.26025 | |
SONAR_SERVER_JAVA_VERSION: 11 | |
- SONAR_SERVER_VERSION: 9.7.0.61563 | |
SONAR_PLUGIN_API_VERSION: 9.11.0.290 | |
SONAR_PLUGIN_API_GROUPID: org.sonarsource.api.plugin | |
SONAR_JAVA_VERSION: 7.14.0.30229 | |
SONAR_SERVER_JAVA_VERSION: 11 | |
# 9.9 LTS | |
- SONAR_SERVER_VERSION: 9.9.0.65466 | |
SONAR_PLUGIN_API_VERSION: 9.14.0.375 | |
SONAR_PLUGIN_API_GROUPID: org.sonarsource.api.plugin | |
SONAR_JAVA_VERSION: 7.16.0.30901 | |
SONAR_SERVER_JAVA_VERSION: 17 | |
# 10.x | |
- SONAR_SERVER_VERSION: 10.2.1.78527 | |
SONAR_PLUGIN_API_VERSION: 10.1.0.809 | |
SONAR_PLUGIN_API_GROUPID: org.sonarsource.api.plugin | |
SONAR_JAVA_VERSION: 7.24.0.32100 | |
SONAR_SERVER_JAVA_VERSION: 17 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
java-version: ${{ matrix.SONAR_SERVER_JAVA_VERSION }} | |
distribution: temurin | |
cache: 'maven' | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.sonar/cache | |
~/.sonar/orchestrator/cache | |
key: ${{ runner.os }}-sonar | |
restore-keys: ${{ runner.os }}-sonar | |
- name: Build | |
run: | | |
mvn verify -B -e -V \ | |
-Dsonar.server.version=${{ matrix.SONAR_SERVER_VERSION }} \ | |
-Dsonar-plugin-api.version=${{ matrix.SONAR_PLUGIN_API_VERSION }} \ | |
-Dsonar-plugin-api.groupId=${{ matrix.SONAR_PLUGIN_API_GROUPID }} \ | |
-Dsonar-java.version=${{ matrix.SONAR_JAVA_VERSION }} | |
deploy: | |
runs-on: ubuntu-latest | |
needs: build | |
# Forked repos do not have the secrets to deploy so this would fail | |
if: ( github.event_name == 'release' || ( github.event_name == 'push' && github.ref == 'refs/heads/master' )) && github.repository == 'spotbugs/sonar-findbugs' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: 11 | |
distribution: temurin | |
cache: 'maven' | |
server-id: ossrh | |
server-username: OSSRH_JIRA_USERNAME | |
server-password: OSSRH_JIRA_PASSWORD | |
gpg-private-key: ${{ secrets.SIGNING_KEY }} | |
gpg-passphrase: GPG_PASSPHRASE | |
- name: Deploy artifacts to Maven Central | |
run: | | |
mvn clean deploy -B -e -P deploy -DskipTests | |
env: | |
OSSRH_JIRA_USERNAME: eller86 | |
OSSRH_JIRA_PASSWORD: ${{ secrets.OSSRH_JIRA_PASSWORD }} | |
GPG_PASSPHRASE: ${{ secrets.SIGNING_PASSWORD }} | |
CI: true | |
- name: Get release URL | |
if: github.event_name == 'release' | |
id: get_release | |
uses: bruceadams/[email protected] | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: Upload .jar file to GitHub Release | |
if: github.event_name == 'release' | |
uses: actions/upload-release-asset@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ steps.get_release.outputs.upload_url }} | |
asset_path: ./target/sonar-findbugs-plugin.jar | |
asset_name: sonar-findbugs-plugin-${{ github.event.release.tag_name }}.jar | |
asset_content_type: application/zip | |
- name: Request SonarSource to release the plugin to marketplace | |
if: github.event_name == 'release' && github.event.release.prerelease == false | |
uses: ./.github/actions/sonar-update-center | |
with: | |
prop-file: findbugs.properties | |
description: Use SpotBugs 4.8.1, sb-contrib 7.6.0, and findsecbugs 1.12.0 | |
minimal-supported-sq-version: 8.9 | |
latest-supported-sq-version: LATEST | |
changelog-url: https://github.com/spotbugs/sonar-findbugs/releases/tag/${{ github.event.release.tag_name }} | |
download-url: https://repo.maven.apache.org/maven2/com/github/spotbugs/sonar-findbugs-plugin/${{ github.event.release.tag_name }}/sonar-findbugs-plugin-${{ github.event.release.tag_name }}.jar # The URL to download your plugin | |
public-version: ${{ github.event.release.tag_name }} | |
sonar-cloud-url: https://sonarcloud.io/summary/new_code?id=com.github.spotbugs:sonar-findbugs-plugin | |
github-token: ${{ secrets.PAT_TO_FORK }} | |
discourse-api-key: ${{ secrets.DISCOURSE_API_KEY }} | |
skip-creating-pull-request: false | |
skip-announcing: true |