build: Github actions based sonar analysis (#2387)

* gh actions based sonar analysis

* trigger build

.circleci/config.yml

@@ -1,54 +0,0 @@
-#
-# The MIT License
-# Copyright © 2014-2021 Ilkka Seppälä
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to deal
-# in the Software without restriction, including without limitation the rights
-# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-# copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-# THE SOFTWARE.
-#
-
-version: 2
-
-jobs:
-  sonar-pr:
-    docker:
-      - image: cimg/openjdk:17.0-node
-    steps:
-    - checkout
-    - restore_cache:
-        key: jdp-sonar-pr-{{ checksum "pom.xml" }}
-    - run: |
-        sudo apt-get update
-        sudo apt-get install -y openjdk-17-jdk xvfb
-        if [ -n "${CIRCLE_PR_NUMBER}" ]; then
-          MAVEN_OPTS="-Xmx3000m" xvfb-run ./mvnw -B clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
-             -Dsonar.pullrequest.key=${CIRCLE_PR_NUMBER} \
-             -Dsonar.pullrequest.branch=${CIRCLE_BRANCH} \
-             -Dsonar.pullrequest.base=master
-        else
-          echo "No Sonar PR analysis as this is not a pull request"
-        fi
-    - save_cache:
-        key: jdp-sonar-pr-{{ checksum "pom.xml" }}
-        paths:
-        - ~/.m2
-
-workflows:
-  version: 2
-  all:
-    jobs:
-    - sonar-pr

.github/workflows/maven-ci.yml

@@ -33,7 +33,6 @@ on:
   push:
     branches: [ master ]
 
-
 jobs:
 
   build-and-analyze:

.github/workflows/maven-pr-builder.yml

@@ -32,7 +32,7 @@ on:
     types: [ opened, reopened, synchronize ]
 
 jobs:
-  build:
+  build-and-analyze:
 
     name: Build on JDK 17
     runs-on: ubuntu-20.04
@@ -47,10 +47,22 @@ jobs:
         java-version: '17'
         distribution: 'temurin'
         cache: 'maven'
-    
+
+    # Cache Sonar packages which as used to run analysis and collect metrics
+    - name: Cache SonarCloud packages
+      uses: actions/cache@v3
+      with:
+        path: ~/.sonar/cache
+        key: ${{ runner.os }}-sonar
+        restore-keys: ${{ runner.os }}-sonar
+
     # Some tests need screen access
     - name: Install xvfb
       run: sudo apt-get install -y xvfb
-    
-    - name: Build with Maven
-      run: xvfb-run ./mvnw clean verify
+
+    - name: Build with Maven and run SonarQube analysis
+      run: xvfb-run ./mvnw clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
+      env:
+        # These two env variables are needed for sonar analysis
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}