Skip to content

Connection equality added for relational database connections - legen… #4

Connection equality added for relational database connections - legen…

Connection equality added for relational database connections - legen… #4

Workflow file for this run

# Copyright 2022 Goldman Sachs
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Code Quality Check
on:
# Analysis done to check for security and quality are often taken care of by vendor tools, such as SonarCloud, CodeQL, etc.
# We will not run these in PR pipelins for the following reasons:
# 1. In terms of quality checks, these analysis are often already covered by code checks (e.g. eslint) already set to run
# for PRs
# 2. Security checks are included meaning that these checks will have to go through a huge libraries of vulnerability checks
# from vendor, which could take up huge amount of time to run, which is not suitable to have in PR unless absolutely necessary.
# However, most of the problems detected by these checks are often security warnings and some other niche problems that we might
# or might not necessarily have to deal with (false positive, or belongs to test-only codepath)
push:
branches:
- master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
MAVEN_OPTS: "-Xmx6g"
# Cancel running jobs from previous pipelines of the same workflow on PR to save resource when commits are pushed quickly
# NOTE: we don't want this behavior on default branch
# See https://stackoverflow.com/a/68422069
concurrency:
group: ${{ github.ref == 'refs/heads/master' && format('ci-default-branch-{0}-{1}', github.sha, github.workflow) || format('ci-pr-{0}-{1}', github.ref, github.workflow) }}
cancel-in-progress: true
jobs:
sonar-code-check:
name: Sonar Code Quality Check
# NOTE: we cannot run this action in PR anyway because secrets are not accessible from forks
# See https://portal.productboard.com/sonarsource/1-sonarcloud/c/50-sonarcloud-analyzes-external-pull-request
# See https://community.sonarsource.com/t/github-action-ci-build-fail-with-set-the-sonar-token-env-variable/38997
if: github.repository == 'finos/legend-engine'
# NOTE: larger runner is required to run this build
runs-on: ubuntu-latest-4-cores
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Cache Maven dependencies
uses: actions/cache@v3
env:
cache-name: cache-mvn-deps
with:
path: ~/.m2/repository
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Set up JDK
uses: actions/setup-java@v1
with:
java-version: 11
- name: Check Java version
run: java -version
- name: Download deps and plugins
run: mvn de.qaware.maven:go-offline-maven-plugin:resolve-dependencies
- name: Check Code Quality
run: |
mvn -B -e -DskipTests=true install -P sonar