From c162a7c3dd30af0f2683708f7a0854e5e95734be Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 12:12:51 -0500
Subject: [PATCH 01/16] chore: add coverage report config
---
.github/workflows/build.yml | 50 +++++++++++++++++++++++++++++++++++++
sonar-project.properties | 10 ++++++++
2 files changed, 60 insertions(+)
create mode 100644 .github/workflows/build.yml
create mode 100644 sonar-project.properties
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 00000000..6ec8cfaf
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,50 @@
+name: Java CI
+
+on:
+ pull_request:
+ types: [synchronize, opened, reopened]
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Set up JDK 8
+ uses: actions/setup-java@v3
+ with:
+ java-version: '8'
+ distribution: 'temurin'
+
+ - name: Build with Maven
+ run: mvn clean install --no-transfer-progress
+
+ sonar-cloud-check:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Set up JDK 8
+ uses: actions/setup-java@v3
+ with:
+ java-version: '8'
+ distribution: 'temurin'
+
+ - name: Cache SonarCloud packages
+ uses: actions/cache@v3
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+
+ - name: Build and analyze with Maven
+ run: mvn verify sonar:sonar --no-transfer-progress
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 00000000..e07d882d
--- /dev/null
+++ b/sonar-project.properties
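Review bot: The new `.github/workflows/build.yml` (PATCH 01/16) declares no `permissions:` block, so both jobs run Maven builds of pull-request code with the repository's default `GITHUB_TOKEN` scope. A top-level `permissions:` mapping with `contents: read` (plus `pull-requests: read` if the Sonar pull-request decoration turns out to need it) would bound what a compromised plugin or test can do with that token. In the `sonar-cloud-check` job, `SONAR_TOKEN` is exported to the same step that runs `mvn verify`, so any code executed during the build and tests can read it. Splitting the step so that the `env:` block sits only on the `sonar:sonar` invocation narrows that exposure.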
@@ -0,0 +1,10 @@
+sonar.organization=transbankdevelopers
+sonar.projectKey=TransbankDevelopers_transbank-sdk-java
+sonar.language=java
+sonar.projectVersion=1.0.0
+sonar.sourceEncoding=UTF-8
+sonar.sources=src/main/java
+sonar.tests=src/test/java
+sonar.java.binaries=target/classes
+sonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml
+sonar.exclusions=**/model/**,**/requests/**,**/responses/**
From 94e3d0c946bbcc74b047aa3bc09cdb33f94ce4e7 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 12:26:26 -0500
Subject: [PATCH 02/16] chore: skip sign artifacts
---
.github/workflows/build.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 6ec8cfaf..523188de 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -20,7 +20,7 @@ jobs: distribution: 'temurin' - name: Build with Maven - run: mvn clean install --no-transfer-progress + run: mvn clean install --no-transfer-progress -DskipGpg=true sonar-cloud-check: runs-on: ubuntu-latest
@@ -44,7 +44,7 @@ jobs: restore-keys: ${{ runner.os }}-sonar - name: Build and analyze with Maven - run: mvn verify sonar:sonar --no-transfer-progress + run: mvn verify sonar:sonar --no-transfer-progress -DskipGpg=true env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
From bfb91038a210749698622fa1e47db1691d01dba9 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 12:34:10 -0500
Subject: [PATCH 03/16] chore: add pass
---
.github/workflows/build.yml | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 523188de..5d20ec82 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
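Review bot: `sonar.exclusions=**/model/**,**/requests/**,**/responses/**` in the new `sonar-project.properties` (PATCH 01/16) takes those packages out of all analysis, including bug and vulnerability rules, not only out of the coverage metric. Since the commit title is about coverage reporting, `sonar.coverage.exclusions=**/model/**,**/requests/**,**/responses/**` looks like the intended key. That key keeps the request and response handling code under static analysis while leaving it out of the coverage figure. A `#` comment above the line stating why these packages are excluded would help later reviewers.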
@@ -20,7 +20,7 @@ jobs: distribution: 'temurin' - name: Build with Maven - run: mvn clean install --no-transfer-progress -DskipGpg=true + run: mvn clean install --no-transfer-progress sonar-cloud-check: runs-on: ubuntu-latest
@@ -35,6 +35,8 @@ jobs: with: java-version: '8' distribution: 'temurin' + gpg-private-key: ${{ secrets.GPG_SIGNING_KEY }} + gpg-passphrase: ${{ secrets.GPG_SIGNING_KEY_PASSWORD }} - name: Cache SonarCloud packages uses: actions/cache@v3
@@ -44,7 +46,7 @@ jobs: restore-keys: ${{ runner.os }}-sonar - name: Build and analyze with Maven - run: mvn verify sonar:sonar --no-transfer-progress -DskipGpg=true + run: mvn verify sonar:sonar --no-transfer-progress env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
From 97990dba8437d90267689a6695e3bfbf5d189fd3 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 12:40:22 -0500
Subject: [PATCH 04/16] chore: skip sign
---
.github/workflows/build.yml | 6 ++----
pom.xml | 23 +++++++++++++++++++++++
2 files changed, 25 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 5d20ec82..7709907f 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -20,7 +20,7 @@ jobs: distribution: 'temurin' - name: Build with Maven - run: mvn clean install --no-transfer-progress + run: mvn clean install -P no-gpg --no-transfer-progress sonar-cloud-check: runs-on: ubuntu-latest
@@ -35,8 +35,6 @@ jobs: with: java-version: '8' distribution: 'temurin' - gpg-private-key: ${{ secrets.GPG_SIGNING_KEY }} - gpg-passphrase: ${{ secrets.GPG_SIGNING_KEY_PASSWORD }} - name: Cache SonarCloud packages uses: actions/cache@v3
@@ -46,7 +44,7 @@ jobs: restore-keys: ${{ runner.os }}-sonar - name: Build and analyze with Maven - run: mvn verify sonar:sonar --no-transfer-progress + run: mvn verify sonar:sonar -P no-gpg --no-transfer-progress env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
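Review bot: The second hunk of PATCH 03/16 passes `secrets.GPG_SIGNING_KEY` and `secrets.GPG_SIGNING_KEY_PASSWORD` to `actions/setup-java` in the `sonar-cloud-check` job, which is triggered by `pull_request` and then runs `mvn verify` on the proposed change. That makes the release signing key available in a job that executes unreviewed build and test code, and an analysis job has no need to sign artifacts. PATCH 04/16 removes the two inputs again. Signing material is better confined to a release workflow gated on a protected branch or environment. If any workflow run executed at this commit, the key's exposure is worth assessing.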
diff --git a/pom.xml b/pom.xml
index 12889f15..44e31df3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -267,6 +267,29 @@ + + no-gpg + + + skipGpg + true + + + + + + org.apache.maven.plugins + maven-gpg-plugin + + + sign-artifacts + none + + + + + + release
From 1a54454fb62227a13ac22bf49c0fe4d75eb38d9e Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 12:46:23 -0500
Subject: [PATCH 05/16] chore: update actions
---
.github/workflows/build.yml | 4 +-
.github/workflows/codeql-analysis.yml | 71 +++++++++++----------------
2 files changed, 32 insertions(+), 43 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 7709907f..9855956a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -14,7 +14,7 @@ jobs: fetch-depth: 0 - name: Set up JDK 8 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '8' distribution: 'temurin'
@@ -31,7 +31,7 @@ jobs: fetch-depth: 0 - name: Set up JDK 8 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '8' distribution: 'temurin'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 4e07c8dc..496da3fe 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
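Review bot: The `no-gpg` profile added to `pom.xml` in PATCH 04/16 appears to disable signing by rebinding the `sign-artifacts` execution to phase `none`, which only works while the main build's execution id stays exactly `sign-artifacts` (that declaration is outside the hunk). maven-gpg-plugin already has a skip switch, so `-Dgpg.skip=true` on the CI command line would do the same without a profile that has to be kept in sync. The `skipGpg=true` property activation also lets any invocation turn signing off. If the profile stays, a comment such as `<!-- CI only: disables artifact signing; never activate for release builds -->` above it would make the intent explicit.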
@@ -1,50 +1,39 @@ -name: "Code scanning - action" +name: CodeQL Analysis + on: push: pull_request: schedule: - - cron: '0 10 1,15 * *' + - cron: '0 10 1,15 * *' # Días 1 y 15 de cada mes a las 10:00 UTC jobs: - CodeQL-Build: - + codeql: + name: Analyze with CodeQL runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write steps: - - name: Checkout repository - uses: actions/checkout@v2 - with: - # We must fetch at least the immediate parents so that if this is - # a pull request then we can checkout the head. - fetch-depth: 2 - - # If this run was triggered by a pull request event, then checkout - # the head of the pull request instead of the merge commit. - - run: git checkout HEAD^2 - if: ${{ github.event_name == 'pull_request' }} - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - # Override language selection by uncommenting this and choosing your languages - # with: - # languages: go, javascript, csharp, python, cpp, java - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹ️ Command-line programs to run using the OS shell. 
- # 📚 https://git.io/JvXDl - - # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up JDK 8 + uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: '8' + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: java + + - name: Build the project + run: mvn clean install -DskipTests --no-transfer-progress + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3
From 7b5457261e6760eda52e907dab086cdb3c78ba2b Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 12:57:13 -0500
Subject: [PATCH 06/16] chore: update actions
---
.github/workflows/codeql-analysis.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 496da3fe..88c3f224 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -21,18 +21,18 @@ jobs: with: fetch-depth: 0 - - name: Set up JDK 8 + - name: Set up JDK 11 uses: actions/setup-java@v4 with: distribution: temurin - java-version: '8' + java-version: '11' - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: java - - name: Build the project + - name: Build the project with Maven run: mvn clean install -DskipTests --no-transfer-progress - name: Perform CodeQL Analysis
From 58d52ef66844be45991de1abfc475277a12f40d2 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 13:12:16 -0500
Subject: [PATCH 07/16] chore: update java version
---
.github/workflows/build.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
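Review bot: The manual build step added to `codeql-analysis.yml` in PATCH 05/16, `mvn clean install -DskipTests --no-transfer-progress`, omits the `-P no-gpg` profile that PATCH 04/16 had to add to the same goal in `build.yml`. If signing is bound to the default lifecycle, as that earlier change suggests, this step will try to sign without a key and the CodeQL job will fail before analysis. `run: mvn clean install -P no-gpg -DskipTests --no-transfer-progress` would match the other workflow. The job-level `permissions:` block on the new side is a sound baseline; a comment such as `# security-events: write is required to upload CodeQL results` would record why the write scope is there.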
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 9855956a..de80e329 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -30,10 +30,10 @@ jobs: with: fetch-depth: 0 - - name: Set up JDK 8 + - name: Set up JDK 11 uses: actions/setup-java@v4 with: - java-version: '8' + java-version: '11' distribution: 'temurin' - name: Cache SonarCloud packages
From 091eada6d41ada8c42b19eb7ab902fdd61f57ac7 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 13:15:52 -0500
Subject: [PATCH 08/16] chore: use sonar cloud
---
sonar-project.properties | 2 ++
1 file changed, 2 insertions(+)
diff --git a/sonar-project.properties b/sonar-project.properties
index e07d882d..9ba3e5cb 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -8,3 +8,5 @@ sonar.tests=src/test/java sonar.java.binaries=target/classes sonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml sonar.exclusions=**/model/**,**/requests/**,**/responses/** +sonar.host.url=https://sonarcloud.io +sonar.login=${env.SONAR_TOKEN} \ No newline at end of file
From 7d93cce9600e4afcb88f4f5543ff4cce9779a2f2 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 13:23:35 -0500
Subject: [PATCH 09/16] chore: add end line
---
sonar-project.properties | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sonar-project.properties b/sonar-project.properties
index 9ba3e5cb..510cdb02 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -9,4 +9,4 @@ sonar.java.binaries=target/classes sonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml sonar.exclusions=**/model/**,**/requests/**,**/responses/** sonar.host.url=https://sonarcloud.io -sonar.login=${env.SONAR_TOKEN} \ No newline at end of file +sonar.login=${env.SONAR_TOKEN}
From 9d76c32aab378074c784237cf9ab8221cf155607 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 14:06:23 -0500
Subject: [PATCH 10/16] chore: add sonar-maven-plugin
---
pom.xml | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/pom.xml b/pom.xml
index 44e31df3..b75c8928 100644
--- a/pom.xml
+++ b/pom.xml
@@ -263,6 +263,11 @@ + + org.sonarsource.scanner.maven + sonar-maven-plugin + 3.9.1.2184 +
From 07f232020e033f71bb61451226206fd3919c721a Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 14:18:33 -0500
Subject: [PATCH 11/16] chore: update actions
---
.github/workflows/build.yml | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index de80e329..385c3594 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -30,10 +30,10 @@ jobs: with: fetch-depth: 0 - - name: Set up JDK 11 + - name: Set up JDK 8 uses: actions/setup-java@v4 with: - java-version: '11' + java-version: '8' distribution: 'temurin' - name: Cache SonarCloud packages
@@ -43,8 +43,10 @@ jobs: key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - - name: Build and analyze with Maven - run: mvn verify sonar:sonar -P no-gpg --no-transfer-progress + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + with: + projectBaseDir: . env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
From bd44327c5643fd526508e0e7d2a099ea35bad911 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 14:32:42 -0500
Subject: [PATCH 12/16] chore: update actions
---
.github/workflows/build.yml | 26 ++++++--------------------
sonar-project.properties | 2 --
2 files changed, 6 insertions(+), 22 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 385c3594..a347766c 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
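Review bot: `uses: SonarSource/sonarcloud-github-action@master` in the second hunk of PATCH 11/16 tracks a mutable branch of a third-party action, and that step receives both `SONAR_TOKEN` and `GITHUB_TOKEN`. Whatever lands on that branch runs with those credentials on the next workflow run. The reference should be pinned to a full commit SHA with the release noted beside it, e.g. `uses: SonarSource/sonarcloud-github-action@<full-commit-sha>  # <release tag>`. The same applies to the `@master` reference carried through PATCH 12/16 and to `SonarSource/sonarqube-scan-action@master` introduced in PATCH 13/16.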
@@ -1,28 +1,11 @@ -name: Java CI +name: Java CI + SonarCloud on: pull_request: types: [synchronize, opened, reopened] jobs: - build: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set up JDK 8 - uses: actions/setup-java@v4 - with: - java-version: '8' - distribution: 'temurin' - - - name: Build with Maven - run: mvn clean install -P no-gpg --no-transfer-progress - - sonar-cloud-check: + sonar-cloud: runs-on: ubuntu-latest steps:
@@ -43,7 +26,10 @@ jobs: key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - - name: SonarCloud Scan + - name: Build with Maven + run: mvn clean install -P no-gpg --no-transfer-progress + + - name: Run SonarCloud Analysis uses: SonarSource/sonarcloud-github-action@master with: projectBaseDir: .
diff --git a/sonar-project.properties b/sonar-project.properties
index 510cdb02..e07d882d 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -8,5 +8,3 @@ sonar.tests=src/test/java sonar.java.binaries=target/classes sonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml sonar.exclusions=**/model/**,**/requests/**,**/responses/** -sonar.host.url=https://sonarcloud.io -sonar.login=${env.SONAR_TOKEN}
From c333efbf95133e024a6bf97f9a58912dbbc1a06d Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 14:39:37 -0500
Subject: [PATCH 13/16] chore: update actions
---
.github/workflows/build.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index a347766c..ab6808e8 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -30,7 +30,7 @@ jobs: run: mvn clean install -P no-gpg --no-transfer-progress - name: Run SonarCloud Analysis - uses: SonarSource/sonarcloud-github-action@master + uses: SonarSource/sonarqube-scan-action@master with: projectBaseDir: . env:
From 134f0c07a9d2654a97c63770f369dc47092a9c3c Mon Sep 17 00:00:00 2001
From: mvarlic Date: Tue, 24 Jun 2025 14:50:44 -0500 Subject: [PATCH 14/16] chore: update jacoco --- pom.xml | 37 ++++++------------------------------- 1 file changed, 6 insertions(+), 31 deletions(-) diff --git a/pom.xml b/pom.xml index b75c8928..d087179c 100644 --- a/pom.xml +++ b/pom.xml @@ -221,53 +221,28 @@ - + org.jacoco jacoco-maven-plugin - 0.8.2 + 0.8.11 + prepare-agent prepare-agent jacoco-report - test + verify report - - - jacoco-check - - check - - - - - PACKAGE - - - LINE - COVEREDRATIO - 0.0 - - - - - - - - - org.sonarsource.scanner.maven - sonar-maven-plugin - 3.9.1.2184 - + @@ -288,7 +263,7 @@ sign-artifacts - none + none From a6e8c424529c2662e7b95377469f2bc875b075f0 Mon Sep 17 00:00:00 2001 From: mvarlic Date: Tue, 24 Jun 2025 15:11:13 -0500 Subject: [PATCH 15/16] chore: delete codeql --- .github/workflows/codeql-analysis.yml | 39 --------------------------- 1 file changed, 39 deletions(-) delete mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 88c3f224..00000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: CodeQL Analysis - -on: - push: - pull_request: - schedule: - - cron: '0 10 1,15 * *' # Días 1 y 15 de cada mes a las 10:00 UTC - -jobs: - codeql: - name: Analyze with CodeQL - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set up JDK 11 - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: '11' - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: java - - - name: Build the project with Maven - run: mvn clean install -DskipTests --no-transfer-progress - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 
From 037d0aca93c87f2cb3b048645b4007b88afcac07 Mon Sep 17 00:00:00 2001
From: mvarlic
Date: Tue, 24 Jun 2025 15:26:09 -0500
Subject: [PATCH 16/16] chore: update trigger
---
.github/workflows/build.yml | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index ab6808e8..ee995b88 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,6 +1,11 @@ name: Java CI + SonarCloud on: + push: + branches: + - main + - master + - develop pull_request: types: [synchronize, opened, reopened]
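Review bot: The `pull_request` trigger kept as context under the new `push:` block still has no guard for forks. Pull requests from forks do not receive `secrets.SONAR_TOKEN`, so the analysis step (outside this hunk) would run with an empty token and fail. An `if:` on that step, `if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository`, skips the scan where the secret is unavailable. Switching the trigger to `pull_request_target` to obtain the secret would run untrusted code with repository credentials and should be avoided.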