Merge pull request #77 from ADORSYS-GIS/54-setup-sonarqube-for-the-on…

…line-banking-servicee5 setup-sonarqube-for-the-online-banking-service
ADORSYS-GIS · Nov 18, 2024 · c2d47e8 · c2d47e8
2 parents a1e17e8 + 914ce0a
commit c2d47e8
Show file tree

Hide file tree

Showing 7 changed files with 83 additions and 41 deletions.
diff --git a/.github/workflows/develop.yaml b/.github/workflows/develop.yaml
@@ -119,3 +119,47 @@ jobs:
               name: Dependency-Check Report
               path: ${{ github.workspace }}/reports
 
+  Sonarqube:
+    name: Build and analyze
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: 17
+          distribution: 'zulu' # Alternative distribution options are available.
+      - name: Cache SonarQube packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache Maven packages
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+
+      - name: Set up Maven settings.xml
+        run: |
+          mkdir -p ~/.m2
+          echo "<settings>
+                  <servers>
+                    <server>
+                      <id>github-webank</id>
+                      <username>${{ github.actor }}</username>
+                      <password>${{ secrets.WEBANK_ACCESS_TOKEN }}</password>
+                    </server>
+                  </servers>
+                </settings>" > ~/.m2/settings.xml
+
+      - name: Build and analyze
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=webank-online-banking -Dsonar.projectName='webank-online-banking'
diff --git a/.../adorsys/webank/obs/Config/WebConfig.java → .../adorsys/webank/obs/Config/WebConfig.java b/.../adorsys/webank/obs/Config/WebConfig.java → .../adorsys/webank/obs/Config/WebConfig.java
diff --git a/...src/test/resources/application.properties → ...src/test/resources/application.properties b/...src/test/resources/application.properties → ...src/test/resources/application.properties
@@ -13,3 +13,4 @@ spring.datasource.password=
 
 # Hibernate DDL auto (update, create-drop, validate, etc.)
 spring.jpa.hibernate.ddl-auto=update
+spring.cloud.compatibility-verifier.enabled=false
diff --git a/...k/obs/resource/mockbank/aspsps-config.yml → ...k/obs/resource/mockbank/aspsps-config.yml b/...k/obs/resource/mockbank/aspsps-config.yml → ...k/obs/resource/mockbank/aspsps-config.yml
diff --git a/.../resource/mockbank/sample_coa_banking.yml → .../resource/mockbank/sample_coa_banking.yml b/.../resource/mockbank/sample_coa_banking.yml → .../resource/mockbank/sample_coa_banking.yml
diff --git a/obs/obs-service-impl/pom.xml b/obs/obs-service-impl/pom.xml
@@ -82,15 +82,4 @@
 
     </dependencies>
 
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.springframework.boot</groupId>
-                <artifactId>spring-boot-maven-plugin</artifactId>
-                <version>3.3.5</version>
-            </plugin>
-        </plugins>
-    </build>
-
-
 </project>
diff --git a/pom.xml b/pom.xml
@@ -57,7 +57,7 @@
         <org.mapstruct.version>1.5.5.Final</org.mapstruct.version>
         <lombok-mapstruct-binding.version>0.2.0</lombok-mapstruct-binding.version>
         <javatar-commons.version>0.7</javatar-commons.version>
-        <h2database.version>2.2.220</h2database.version>
+        <h2database.version>2.3.232</h2database.version>
         <postgresql.version>42.3.10</postgresql.version>
         <datecalc-common.version>1.4.0</datecalc-common.version>
         <datecalc-jdk8.version>1.4.0</datecalc-jdk8.version>
@@ -95,35 +95,12 @@
         <!--Sonar -->
         <sonar.core.coveragePlugin>jacoco</sonar.core.coveragePlugin>
         <sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
-        <sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
-        <sonar.jacoco.reportPath>${project.basedir}/../target/jacoco.exec</sonar.jacoco.reportPath>
+        <sonar.coverage.jacoco.xmlReportPaths>${project.build.directory}/site/jacoco/jacoco.xml</sonar.coverage.jacoco.xmlReportPaths>
         <sonar.language>java</sonar.language>
         <sonar.coverage.exclusions>
-            **/*Entity.java,**/*TO.java,
-            **/*BO.java,**/*PO.java,
-            **/*Application.java,
-            **/*Exception.java,
-            **/*Config*.java,
             **/*.xml,
-            **/ledgers-user-management-service-api/**/*,
-            **/ledgers-sca-service-api/**/*,
-            **/ledgers-postings-service-api/**/*,
-            **/ledgers-middleware-service-api/**/*,
-            **/ledgers-deposit-account-service-api/**/*,
-            **/ledgers-jaxb-api/**/*,
-            **/ledgers-middleware-rest-api/**/*,
-            **/ledgers-security/**/*,
-            **/ledgers-app/**/*,
-            **/ledgers-middleware-rest-server/**/*,
-            **/ledgers-deposit-account-repository/**/*,
-            **/ledgers-postings-repository/**/*,
-            **/ledgers-sca-repository/**/*,
-            **/ledgers-user-management-repository/**/*,
-            **/ledgers-utils/**/*,
-            **/*Provider*.java,
-            **/*Test*.java,
-            **/api/**/*,
-            **/keycloak/client/model/**/*,
+            **/obs-service-api/**/*,
+            **/obs-rest-api/**/*,
             **/*Properties*.java
         </sonar.coverage.exclusions>
         <sonar.moduleName>${project.artifactId}</sonar.moduleName>
@@ -348,6 +325,12 @@
                 <version>${commons-io.version}</version>
             </dependency>
 
+            <dependency>
+                <groupId>org.sonarsource.scanner.maven</groupId>
+                <artifactId>sonar-maven-plugin</artifactId>
+                <version>5.0.0.4389</version>
+            </dependency>
+
             <!-- test dependencies -->
 
             <dependency>
@@ -426,6 +409,31 @@
 
     <build>
         <plugins>
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+                <version>${jacoco-maven-plugin.version}</version>
+                <executions>
+                    <execution>
+                        <id>prepare-agent</id>
+                        <goals>
+                            <goal>prepare-agent</goal>
+                        </goals>
+                    </execution>
+                    <execution>
+                        <id>report</id>
+                        <goals>
+                            <goal>report</goal>
+                        </goals>
+                        <configuration>
+                            <formats>
+                                <format>XML</format>
+                            </formats>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+
             <plugin>
                 <groupId>org.owasp</groupId>
                 <artifactId>dependency-check-maven</artifactId>
@@ -437,9 +445,9 @@
                         </goals>
                     </execution>
                 </executions>
-                <configuration>
-                    <failOnCVSS>5</failOnCVSS>
-                </configuration>
+<!--                <configuration>-->
+<!--                    <failBuildOnCVSS>5</failBuildOnCVSS>-->
+<!--                </configuration>-->
             </plugin>
         </plugins>
     </build>