Skip to content

Bump commons-io:commons-io from 2.11.0 to 2.14.0 #540

Bump commons-io:commons-io from 2.11.0 to 2.14.0

Bump commons-io:commons-io from 2.11.0 to 2.14.0 #540

Workflow file for this run

#
# This workflow contains all necessary steps to build, test and release the cxx plugin
#
name: cxx plugin CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
defaults:
run:
# use bash only, makes it easier to write steps for Windows & Linux
shell: bash
jobs:
# -----------------------------------------------------------------------------------------------------------
# Verify SonarQube rule definition files with HTML Tidy
# - Do they contain valid HTML?
# -----------------------------------------------------------------------------------------------------------
verify-rules:
strategy:
matrix:
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
# checkout code
#
- name: Checkout repository
uses: actions/checkout@v3
# setup Python
#
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.7'
# setup Tidy
#
- name: Install xmllint
run: |
sudo apt-get update -y
sudo apt-get install -y libxml2-utils
- name: Install HTML Tidy
run: |
wget -nv --timeout=10 https://github.com/htacg/tidy-html5/releases/download/5.8.0/tidy-5.8.0-Linux-64bit.deb
sudo dpkg -i tidy-5.8.0-Linux-64bit.deb
# verify SonarQube rule definition files with HTML Tidy
#
- name: Verify rule files
run: bash ./cxx-sensors/src/tools/check_rules.sh
# -----------------------------------------------------------------------------------------------------------
# Going through the Maven cycles 'validate', 'compile', 'test', 'package' in all combinations to be supported
# The result of 'package' is uploaded as artifact for Ubuntu Linux Java 11 Temurin
# -----------------------------------------------------------------------------------------------------------
build-linux:
strategy:
matrix:
os: [ubuntu-latest]
java: [ '11' ]
distribution: [ 'temurin' ]
runs-on: ${{ matrix.os }}
steps:
# context information
#
- name: Dump GitHub Context
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: echo "$GITHUB_CONTEXT"
- name: Dump Matrix Context
env:
MATRIX_CONTEXT: ${{ toJSON(matrix) }}
run: echo "$MATRIX_CONTEXT"
# checkout code
# - to provide complete SCM information to the sonar scanner,
# all historical data for all branches and tags must be retrieved (fetch-depth: 0)
#
- name: Checkout repository
uses: actions/checkout@v3
with:
fetch-depth: 0
# setup Java
#
- name: Set up JDK Java ${{ matrix.java }} | ${{ matrix.distribution }} | ${{ matrix.os }}
uses: actions/setup-java@v3
with:
java-version: ${{ matrix.java }}
distribution: ${{ matrix.distribution }}
cache: maven
# read version number from POM
#
- name: get-pom-version
id: pom-version
uses: andreacomo/maven-gav-extractor@v2
# remove -SNAPSHOT from POM version (major.minor.patch-SNAPSHOT)
#
- run: echo "CXX_POM_VERSION=${{ steps.pom-version.outputs.version }}" >> $GITHUB_ENV
- run: echo "CXX_VERSION=${CXX_POM_VERSION%-*}" >> $GITHUB_ENV
# set version number of plugin JAR
# - 'major.minor.patch' and 'build' number from actions run number
#
- name: Sets the current project's version
run: mvn versions:set -DartifactId='cxx' -DnewVersion='${{ env.CXX_VERSION }}.${{ github.run_number }}'
- name: Dump environment variables
run: env
# Build and test with with Maven
# - use phase 'verify' to aggregate coverage results (part of integration-tests)
# - use phase 'install' to resolve dependencies (necessary for sonar-scanner)
#
- name: Build and test with Maven
run: mvn -B -e -V install --file pom.xml
# Update SonarCloud results
# - Secrets are not passed to the runner when a workflow is triggered from a forked repository!
#
- name: Update SonarCloud results
if: github.event_name == 'push'
run: mvn sonar:sonar -B -e -V -Dsonar.organization=sonaropencommunity -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN -Dsonar.python.version=3.8
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# create artifacts from Linux, Java 11 Temurin
#
- name: Collect JAR files
if: matrix.os == 'ubuntu-latest' && matrix.java == '11' && matrix.distribution == 'temurin'
run: |
mkdir staging
cp sonar-cxx-plugin/target/*.jar staging
cp cxx-sslr-toolkit/target/*.jar staging
rm -f staging/original-*.jar
rm -f staging/*-sources.jar
# upload JARs as artifact
#
- name: Packaging workflow data as artifacts
if: hashFiles('staging') != ''
uses: actions/upload-artifact@v3
with:
name: JAR_Files
path: staging
# -----------------------------------------------------------------------------------------------------------
# Going through the Maven cycles 'validate', 'compile', 'test', 'package' in all combinations to be supported
# The result of 'package' is uploaded as artifact for Ubuntu Linux Java 11 Temurin
# -----------------------------------------------------------------------------------------------------------
build-windows:
strategy:
matrix:
os: [windows-latest]
java: [ '11' ]
distribution: [ 'temurin' ]
runs-on: ${{ matrix.os }}
steps:
# context information
#
- name: Dump GitHub Context
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: echo "$GITHUB_CONTEXT"
- name: Dump Matrix Context
env:
MATRIX_CONTEXT: ${{ toJSON(matrix) }}
run: echo "$MATRIX_CONTEXT"
# checkout code
#
- name: Checkout repository
uses: actions/checkout@v3
# setup Java
#
- name: Set up JDK Java ${{ matrix.java }} | ${{ matrix.distribution }} | ${{ matrix.os }}
uses: actions/setup-java@v3
with:
java-version: ${{ matrix.java }}
distribution: ${{ matrix.distribution }}
cache: maven
# for tests on Windows we need a valid TMP folder
# - necessary for org.junit.rules.TemporaryFolder
#
- name: Adapt TMP folder on Windows OS
run: |
echo "TMP=$USERPROFILE\AppData\Local\Temp" >> $GITHUB_ENV
echo "TEMP=$USERPROFILE\AppData\Local\Temp" >> $GITHUB_ENV
- name: Dump environment variables
run: env
# Build and test with with Maven
# - use phase 'verify' to aggregate coverage results (part of integration-tests)
#
- name: Build and test with with Maven
run: mvn -B -e -V verify --file pom.xml
# -----------------------------------------------------------------------------------------------------------
# test cxx plugin with SonarQube (Linux)
# -----------------------------------------------------------------------------------------------------------
integration-linux:
strategy:
matrix:
os: [ubuntu-latest]
java: [ '11', '17' ]
distribution: [ 'temurin' ]
sonarqube: [ '8.9.10.61524', '9.9.1.69595' ]
sonarscanner: [ '4.8.0.2856' ]
exclude:
- sonarqube: '8.9.10.61524'
java: '17'
- sonarqube: '9.9.1.69595'
java: '11'
runs-on: ${{ matrix.os }}
needs: [build-linux, verify-rules]
steps:
# context information
#
- name: Dump Matrix context
run: echo '${{ toJSON(matrix) }}'
# checkout code
#
- name: Checkout repository
uses: actions/checkout@v3
# setup Java
#
- name: Set up JDK Java ${{ matrix.java }} | ${{ matrix.distribution }} | ${{ matrix.os }}
uses: actions/setup-java@v3
with:
java-version: ${{ matrix.java }}
distribution: ${{ matrix.distribution }}
cache: maven
# setup Python
#
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.7'
# cache not working with 2.7?
#cache: 'pip'
- run: pip install -r "$GITHUB_WORKSPACE/integration-tests/requirements.txt"
# target folder
#
- name: Create root folder
run: mkdir test
# Download & install SonarQube
#
#- name: Set up SonarQube (Cache)
# id: sonar-qube
# uses: actions/cache@v3
# with:
# path: test/sonarqube-${{ matrix.sonarqube }}
# key: install-sonarqube-${{ matrix.sonarqube }}-${{ runner.os }}
- name: Set up SonarQube (Download)
#if: steps.sonar-qube.outputs.cache-hit != 'true'
run: |
pushd test
wget -nv --timeout=10 https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-${{ matrix.sonarqube }}.zip
unzip -qq sonarqube-${{ matrix.sonarqube }}.zip
popd
# Download & install SonarScanner
#
#- name: Set up SonarScanner (Cache)
# id: sonar-scanner
# uses: actions/cache@v3
# with:
# path: test/sonar-scanner-${{ matrix.sonarscanner }}
# key: install-sonar-scanner-cli-${{ matrix.sonarscanner }}-${{ runner.os }}
- name: Set up SonarScanner (Download)
#if: steps.sonar-scanner.outputs.cache-hit != 'true'
run: |
pushd test
wget -nv --timeout=10 https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ matrix.sonarscanner }}.zip
unzip -qq sonar-scanner-cli-${{ matrix.sonarscanner }}.zip
popd
# download & install cxx plugin
# - copy it to target folder, behave script expect it there
#
- name: Download cxx plugin
uses: actions/download-artifact@v3
with:
name: JAR_Files
- name: restore cxx plugin
run: |
mkdir -p $GITHUB_WORKSPACE/sonar-cxx-plugin/target
cp sonar-cxx-plugin*.jar $GITHUB_WORKSPACE/sonar-cxx-plugin/target
# setup test environment
# - for the tests it is important that path seperator are correct for the OS
#
- name: Set test environment (Linux)
run: |
echo "SONAR_JAVA_PATH=$JAVA_HOME/bin/java" >> $GITHUB_ENV
echo "SONARHOME=$GITHUB_WORKSPACE/test/sonarqube-${{ matrix.sonarqube }}" >> $GITHUB_ENV
echo "SONARLOG=$GITHUB_WORKSPACE/test/sonarqube-${{ matrix.sonarqube }}/logs" >> $GITHUB_ENV
echo "$GITHUB_WORKSPACE/test/sonar-scanner-${{ matrix.sonarscanner }}/bin" >> $GITHUB_PATH
echo "TestDataFolder=$GITHUB_WORKSPACE/integration-tests/testdata" >> $GITHUB_ENV
- name: Dump environment variables
run: env
# prepare test data
# - tests with absolute paths must be aligend with CI workspace
#
- name: Prepare test data (Linux)
run: |
find "$TestDataFolder" -name '*.xml' -exec sed -i "s|/home/travis/build/SonarOpenCommunity/sonar-cxx|$GITHUB_WORKSPACE|g" '{}' \;
# run integration tests
# - use OS specific shell to start behave
#
- name: Run integration tests (Linux)
shell: bash
run: behave --no-capture --tags=SqApi79
# collect and upload LOG files
#
- name: Collect LOG files
if: always()
run: cp -v *.log "$SONARLOG"
- name: Upload LOG files as artifact
if: always()
uses: actions/upload-artifact@v3
with:
name: "LOG_sonarqube_${{ matrix.sonarqube }}_java_${{ matrix.java }}_os_${{ matrix.os }}"
path: "${{ env.SONARLOG }}"
# -----------------------------------------------------------------------------------------------------------
# test cxx plugin with SonarQube (Windows)
# -----------------------------------------------------------------------------------------------------------
integration-windows:
strategy:
matrix:
os: [windows-latest]
java: [ '11', '17' ]
distribution: [ 'temurin' ]
sonarqube: [ '8.9.10.61524', '9.9.1.69595' ]
sonarscanner: [ '4.8.0.2856' ]
exclude:
- sonarqube: '8.9.10.61524'
java: '17'
- sonarqube: '9.9.1.69595'
java: '11'
runs-on: ${{ matrix.os }}
# needs build-linux because of JAR artifacts
needs: [build-linux, build-windows, verify-rules]
steps:
# context information
#
- name: Dump Matrix context
run: echo '${{ toJSON(matrix) }}'
# checkout code
#
- name: Checkout repository
uses: actions/checkout@v3
# setup Java
#
- name: Set up JDK Java ${{ matrix.java }} | ${{ matrix.distribution }} | ${{ matrix.os }}
uses: actions/setup-java@v3
with:
java-version: ${{ matrix.java }}
distribution: ${{ matrix.distribution }}
cache: maven
# setup Python
#
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.7'
# cache not working with 2.7?
#cache: 'pip'
- run: pip install -r "$GITHUB_WORKSPACE/integration-tests/requirements.txt"
# target folder
#
- name: Create root folder
run: mkdir test
# Download & install SonarQube
#
#- name: Set up SonarQube (Cache)
# id: sonar-qube
# uses: actions/cache@v3
# with:
# path: test/sonarqube-${{ matrix.sonarqube }}
# key: install-sonarqube-${{ matrix.sonarqube }}-${{ runner.os }}
- name: Set up SonarQube (Download)
#if: steps.sonar-qube.outputs.cache-hit != 'true'
shell: cmd
run: |
pushd test
C:\msys64\usr\bin\wget.exe -nv --timeout=10 https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-${{ matrix.sonarqube }}.zip
unzip -qq sonarqube-${{ matrix.sonarqube }}.zip
popd
# Download & install SonarScanner
#
#- name: Set up SonarScanner (Cache)
# id: sonar-scanner
# uses: actions/cache@v3
# with:
# path: test/sonar-scanner-${{ matrix.sonarscanner }}
# key: install-sonar-scanner-cli-${{ matrix.sonarscanner }}-${{ runner.os }}
- name: Set up SonarScanner for Windows (Download)
#if: steps.sonar-scanner.outputs.cache-hit != 'true'
shell: cmd
run: |
pushd test
C:\msys64\usr\bin\wget -nv --timeout=10 https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ matrix.sonarscanner }}.zip
unzip -qq sonar-scanner-cli-${{ matrix.sonarscanner }}.zip
popd
# download & install cxx plugin
# - copy it to target folder, behave script expect it there
#
- name: Download cxx plugin
uses: actions/download-artifact@v3
with:
name: JAR_Files
- name: restore cxx plugin
run: |
mkdir -p $GITHUB_WORKSPACE/sonar-cxx-plugin/target
cp sonar-cxx-plugin*.jar $GITHUB_WORKSPACE/sonar-cxx-plugin/target
# setup test environment
# - for the tests it is important that path seperator are correct for the OS
#
- name: Set Up SonarQube environment (Windows)
run: |
echo "SONAR_JAVA_PATH=$JAVA_HOME\bin\java.exe" >> $GITHUB_ENV
echo "SONARHOME=$GITHUB_WORKSPACE\test\sonarqube-${{ matrix.sonarqube }}" >> $GITHUB_ENV
echo "SONARLOG=$GITHUB_WORKSPACE\test\sonarqube-${{ matrix.sonarqube }}\logs" >> $GITHUB_ENV
echo "$GITHUB_WORKSPACE\test\sonar-scanner-${{ matrix.sonarscanner }}\bin" >> $GITHUB_PATH
echo "TestDataFolder=$GITHUB_WORKSPACE\integration-tests\testdata" >> $GITHUB_ENV
echo "TMP=$USERPROFILE\AppData\Local\Temp" >> $GITHUB_ENV
echo "TEMP=$USERPROFILE\AppData\Local\Temp" >> $GITHUB_ENV
- name: Dump environment variables
run: env
# prepare test data
# - tests with absolute paths must be aligend with CI workspace
#
- name: Prepare test data (Windows)
shell: pwsh
run: |
Get-ChildItem "$env:TestDataFolder\*.log" -Recurse | ForEach { (Get-Content $_).Replace('C:\projects\sonar-cxx', "$env:GITHUB_WORKSPACE") | Set-Content $_ }
# run integration tests
# - use OS specific shell to start behave
#
- name: Run integration tests (Windows)
shell: cmd
run: behave --no-capture --tags=SqApi79
# collect and upload LOG files
#
- name: Collect LOG files
if: always()
run: cp -v *.log "$SONARLOG"
- name: Upload LOG files as artifact
if: always()
uses: actions/upload-artifact@v3
with:
name: "LOG_sonarqube_${{ matrix.sonarqube }}_java_${{ matrix.java }}_os_${{ matrix.os }}"
path: "${{ env.SONARLOG }}"
# -----------------------------------------------------------------------------------------------------------
# success
# -----------------------------------------------------------------------------------------------------------
successfully-finished:
strategy:
matrix:
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
needs: [integration-windows, integration-linux]
steps:
# download JAR files
#
- name: Download JAR files
if: github.event_name == 'push'
uses: actions/download-artifact@v3
with:
name: JAR_Files
# create pre-release
#
- uses: "marvinpinto/action-automatic-releases@latest"
if: github.event_name == 'push'
with:
repo_token: "${{ secrets.GITHUB_TOKEN }}"
automatic_release_tag: "latest-snapshot"
prerelease: true
title: "Latest Snapshot"
files: |
./*.jar
- run: echo SUCCESS