BUILD-10699: test fallback-to-default-branch cache behaviour (v2) #1470
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - branch-* | |
| - dogfood-* | |
| pull_request: | |
| merge_group: | |
| workflow_dispatch: | |
| concurrency: | |
| group: >- | |
| ${{ github.workflow }}- | |
| ${{ github.event.pull_request.base.ref || 'push' }}- | |
| ${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| CACHE_BACKEND: s3 | |
| jobs: | |
| build-number: | |
| outputs: | |
| BUILD_NUMBER: ${{ steps.build-number.outputs.BUILD_NUMBER }} | |
| runs-on: github-ubuntu-latest-m | |
| name: Get build number | |
| permissions: | |
| id-token: write | |
| steps: | |
| - uses: SonarSource/ci-github-actions/get-build-number@94416c84682255b8f6e189d54d323d5d41195278 # 1.3.26 | |
| id: build-number | |
| build: | |
| runs-on: github-ubuntu-latest-m | |
| needs: build-number | |
| name: Build | |
| permissions: | |
| id-token: write | |
| contents: write | |
| env: | |
| BUILD_NUMBER: ${{ needs.build-number.outputs.BUILD_NUMBER }} | |
| outputs: | |
| build_number: ${{ steps.build.outputs.build_number }} | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: jdx/mise-action@c1ecc8f748cd28cdeabf76dab3cccde4ce692fe4 # v4.0.0 | |
| with: | |
| version: 2026.3.9 | |
| - uses: SonarSource/ci-github-actions/build-maven@94416c84682255b8f6e189d54d323d5d41195278 # 1.3.26 | |
| id: build | |
| with: | |
| sonar-platform: none | |
| deploy-pull-request: true | |
| artifactory-reader-role: private-reader | |
| artifactory-deployer-role: qa-deployer | |
| maven-args: -T 1C -P dist-no-arch,dist-windows_x64,dist-linux_x64,dist-linux_aarch64,dist-macosx_x64,dist-macosx_aarch64 -Dmaven.test.skip=true -Dsonar.skip=true | |
| - name: Config Maven (cache setup) | |
| run: | | |
| mvn -B -e -V -Pits dependency:go-offline # populate cache including ITs deps too | |
| test-linux: | |
| needs: [ build-number, build ] | |
| runs-on: github-ubuntu-latest-m | |
| name: Test (Linux, Sonar Next) | |
| permissions: | |
| id-token: write | |
| contents: write | |
| env: | |
| BUILD_NUMBER: ${{ needs.build-number.outputs.BUILD_NUMBER }} | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - uses: jdx/mise-action@c1ecc8f748cd28cdeabf76dab3cccde4ce692fe4 # v4.0.0 | |
| with: | |
| version: 2026.3.9 | |
| - name: Vault | |
| id: secrets | |
| uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 | |
| with: | |
| secrets: | | |
| development/kv/data/next url | NEXT_URL; | |
| development/kv/data/next token | NEXT_TOKEN; | |
| - name: Cache Sonar Scanner artifacts | |
| id: sonar-scanner-cache | |
| uses: SonarSource/gh-action_cache@5f49da54a5f21fe9cc2e461d3a63c215613496ca # BUILD-10699 test: fallback-to-default-branch v2 | |
| with: | |
| path: ~/.sonar/cache | |
| key: sonar-scanner-${{ runner.os }} | |
| - uses: SonarSource/ci-github-actions/config-maven@94416c84682255b8f6e189d54d323d5d41195278 # 1.3.26 | |
| id: config | |
| with: | |
| artifactory-reader-role: private-reader | |
| - name: Run tests | |
| env: | |
| SONAR_HOST_URL: ${{ fromJSON(steps.secrets.outputs.vault).NEXT_URL }} | |
| SONAR_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).NEXT_TOKEN }} | |
| PROJECT_VERSION: ${{ steps.config.outputs.project-version }} | |
| SCANNER_VERSION: 5.1.0.4751 | |
| PULL_REQUEST: ${{ github.event.pull_request.number || '' }} | |
| run: | | |
| mvn -B -Pcoverage -Dcommercial verify | |
| maven_goals=("org.sonarsource.scanner.maven:sonar-maven-plugin:${SCANNER_VERSION}:sonar") | |
| sonar_props=("-Dsonar.host.url=${SONAR_HOST_URL}" "-Dsonar.token=${SONAR_TOKEN}") | |
| sonar_props+=("-Dsonar.projectVersion=${CURRENT_VERSION}") | |
| sonar_props+=("-Dsonar.coverage.jacoco.aggregateXmlReportPaths=${{ github.workspace }}/report-aggregate/target/site/jacoco-aggregate/jacoco.xml") | |
| echo "Maven command: mvn ${maven_goals[*]} ${sonar_props[*]}" | |
| mvn -B "${maven_goals[@]}" "${sonar_props[@]}" | |
| - name: Generate test report on failure | |
| if: failure() | |
| uses: dorny/test-reporter@3d76b34a4535afbd0600d347b09a6ee5deb3ed7f # v2.6.0 | |
| with: | |
| name: QA Linux Test Report | |
| reporter: java-junit | |
| path: '**/target/surefire-reports/TEST-*.xml,**/target/failsafe-reports/*.xml' | |
| list-suites: failed | |
| list-tests: failed | |
| fail-on-empty: false | |
| - name: Upload failure diagnostics | |
| if: failure() | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: linux-test-report | |
| path: | | |
| **/target/surefire-reports/** | |
| **/target/failsafe-reports/** | |
| test-windows: | |
| needs: [ build-number, build ] | |
| runs-on: github-windows-latest-m | |
| name: Test (Windows) | |
| permissions: | |
| id-token: write | |
| contents: write | |
| env: | |
| BUILD_NUMBER: ${{ needs.build-number.outputs.BUILD_NUMBER }} | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: jdx/mise-action@c1ecc8f748cd28cdeabf76dab3cccde4ce692fe4 # v4.0.0 | |
| with: | |
| version: 2026.3.9 | |
| - uses: SonarSource/ci-github-actions/config-maven@94416c84682255b8f6e189d54d323d5d41195278 # 1.3.26 | |
| id: config | |
| with: | |
| artifactory-reader-role: private-reader | |
| - name: Run tests | |
| env: | |
| MAVEN_OPTS: -Xmx4g | |
| PROJECT_VERSION: ${{ steps.config.outputs.project-version }} | |
| run: | | |
| mvn -B -Dcommercial verify | |
| - name: Generate test report on failure | |
| if: failure() | |
| uses: dorny/test-reporter@3d76b34a4535afbd0600d347b09a6ee5deb3ed7f # v2.6.0 | |
| with: | |
| name: QA Windows Test Report | |
| reporter: java-junit | |
| path: '**/target/surefire-reports/TEST-*.xml,**/target/failsafe-reports/*.xml' | |
| list-suites: failed | |
| list-tests: failed | |
| fail-on-empty: false | |
| - name: Upload failure diagnostics | |
| if: failure() | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: windows-test-report | |
| path: | | |
| **/target/surefire-reports/** | |
| **/target/failsafe-reports/** | |
| qa: | |
| needs: [ build-number, build ] | |
| runs-on: github-ubuntu-latest-m | |
| name: QA (${{ matrix.name }}) | |
| permissions: | |
| id-token: write | |
| contents: write | |
| env: | |
| BUILD_NUMBER: ${{ needs.build-number.outputs.BUILD_NUMBER }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - name: SonarCloudEU | |
| sq_version: SonarCloudEU | |
| category: "-Dgroups=SonarCloud" | |
| sc: true | |
| sc_token_path: sonarcloud-it | |
| region: EU | |
| java: 17 | |
| - name: SonarCloudUS | |
| sq_version: SonarCloudUS | |
| category: "-Dgroups=SonarCloud" | |
| sc: true | |
| sc_token_path: sonarcloud-it-US | |
| region: US | |
| java: 17 | |
| - name: SQDogfood | |
| sq_version: DEV | |
| category: "-DexcludedGroups=SonarCloud" | |
| java: 21 | |
| - name: SQLatest | |
| sq_version: LATEST_RELEASE | |
| category: "-DexcludedGroups=SonarCloud" | |
| java: 21 | |
| - name: SQLts99 | |
| sq_version: "LATEST_RELEASE[9.9]" | |
| category: "-DexcludedGroups=SonarCloud" | |
| java: 17 | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: jdx/mise-action@c1ecc8f748cd28cdeabf76dab3cccde4ce692fe4 # v4.0.0 | |
| with: | |
| version: 2026.3.9 | |
| - name: Select Java ${{ matrix.java }} | |
| run: mise use java@${{ matrix.java }} | |
| - name: Compute month key | |
| #Avoid caching for DEV since it is frequently changing | |
| if: ${{ matrix.sc != true && matrix.sq_version != 'DEV' }} | |
| id: month | |
| shell: bash | |
| run: | | |
| THIS_MONTH="$(date +%Y-%m)" | |
| echo "month=${THIS_MONTH}" >> "$GITHUB_OUTPUT" | |
| ORCHESTRATOR_HOME="${GITHUB_WORKSPACE}/orchestrator/${THIS_MONTH}" | |
| echo "ORCHESTRATOR_HOME=${ORCHESTRATOR_HOME}" >> "$GITHUB_ENV" | |
| echo "Create dir ${ORCHESTRATOR_HOME} if needed" | |
| mkdir -p "${ORCHESTRATOR_HOME}" | |
| - uses: SonarSource/gh-action_cache@5f49da54a5f21fe9cc2e461d3a63c215613496ca # BUILD-10699 test: fallback-to-default-branch v2 | |
| if: ${{ matrix.sc != true && matrix.sq_version != 'DEV' }} | |
| with: | |
| path: ${{ github.workspace }}/orchestrator/${{ steps.month.outputs.month }} | |
| key: cache-${{ runner.os }}-${{ steps.month.outputs.month }}-${{ matrix.name }} # Use matrix name to differentiate caches | |
| - name: Vault (SonarCloud IT token) | |
| if: ${{ matrix.sc == true }} | |
| id: secrets-sc | |
| uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 | |
| with: | |
| secrets: | | |
| development/team/sonarlint/kv/data/${{ matrix.sc_token_path }} token | SONARCLOUD_IT_TOKEN; | |
| - name: Vault (GITHUB Token) | |
| id: secrets-gh | |
| uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 | |
| with: | |
| secrets: | | |
| development/github/token/licenses-ro token | GITHUB_TOKEN; | |
| - uses: SonarSource/ci-github-actions/config-maven@94416c84682255b8f6e189d54d323d5d41195278 # 1.3.26 | |
| with: | |
| artifactory-reader-role: private-reader | |
| - name: Run QA | |
| if: ${{ github.event_name == 'pull_request' || github.ref_name == github.event.repository.default_branch || startsWith(github.ref_name, 'branch-') || startsWith(github.ref_name, 'dogfood-on-') }} | |
| env: | |
| MAVEN_OPTS: -Xmx4g | |
| SONARCLOUD_IT_TOKEN: ${{ steps.secrets-sc.outputs.vault && fromJSON(steps.secrets-sc.outputs.vault).SONARCLOUD_IT_TOKEN || '' }} | |
| SONARCLOUD_REGION: ${{ matrix.sc && matrix.region || '' }} | |
| GITHUB_TOKEN: ${{ fromJSON(steps.secrets-gh.outputs.vault).GITHUB_TOKEN }} | |
| SONAR_SEARCH_JAVAADDITIONALOPTS: -XX:-UseContainerSupport | |
| SONAR_WEB_JAVAADDITIONALOPTS: -XX:-UseContainerSupport | |
| SONAR_CE_JAVAADDITIONALOPTS: -XX:-UseContainerSupport | |
| run: | | |
| mvn -f its/pom.xml -Dsonar.runtimeVersion=${{ matrix.sq_version }} ${{ matrix.category }} verify surefire-report:report | |
| - name: Generate QA test report on failure | |
| if: failure() | |
| uses: dorny/test-reporter@3b635e8e7b844df7a28b859c64db3e064e2dfcdb | |
| with: | |
| name: QA ${{ matrix.name }} Test Report | |
| reporter: java-junit | |
| path: '**/target/surefire-reports/TEST-*.xml,**/target/failsafe-reports/*.xml' | |
| list-suites: failed | |
| list-tests: failed | |
| fail-on-empty: false | |
| - name: Upload failure diagnostics | |
| if: failure() | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: qa-test-report ${{ matrix.name }} | |
| path: | | |
| **/target/surefire-reports/** | |
| **/target/failsafe-reports/** | |
| - name: debug | |
| if: failure() | |
| shell: bash | |
| run: | | |
| echo "=== Listing surefire-reports contents ===" | |
| find ./its/tests/target/surefire-reports -type f || true | |
| echo "=== Checking if directory is empty ===" | |
| [ -d ./its/tests/target/surefire-reports ] && ls -la ./its/tests/target/surefire-reports/ || echo "Directory doesn't exist" | |
| - name: Inspect Orchestrator Cache | |
| if: always() | |
| shell: bash | |
| run: | | |
| echo "=== Listing orchestrator cache contents ===" | |
| CACHE_DIR="${{ github.workspace }}/orchestrator/${{ steps.month.outputs.month }}" | |
| if [ -d "${CACHE_DIR}" ]; then | |
| echo "Directory exists: ${CACHE_DIR}" | |
| ls -lah "${CACHE_DIR}" | |
| echo "" | |
| echo "=== Detailed file tree ===" | |
| find "${CACHE_DIR}" -type f -ls || true | |
| else | |
| echo "Directory does not exist: ${CACHE_DIR}" | |
| fi | |
| promote: | |
| needs: [ build-number, build, qa, test-linux, test-windows ] | |
| runs-on: github-ubuntu-latest-s | |
| name: Promote | |
| permissions: | |
| id-token: write | |
| contents: write | |
| env: | |
| BUILD_NUMBER: ${{ needs.build-number.outputs.BUILD_NUMBER }} | |
| steps: | |
| - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 | |
| - uses: SonarSource/ci-github-actions/promote@94416c84682255b8f6e189d54d323d5d41195278 # 1.3.26 | |
| with: | |
| promote-pull-request: true |