GitHub Actions setup for maven and ts

SonarCloud
1

So I am pretty new to CI and was wondering if I could please get some help with the script I need to run an analysis on SonarCloud.

  • ALM used GitHub
  • CI system used GitHub actions
  • Languages are Java and TypeScript

I have two projects on sonar cloud to analyse my code:

  • The first is to run the maven build which works but I get a 0.0% coverage so I am not sure if it is running my unit tests or not.
name: SonarCloud Backend
on:
  push:
    branches: [ master, development ]
  pull_request:
    types: [opened, synchronize, reopened]
jobs:
  build:
    name: SonarCloud Build & Test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: 11
      - name: Cache SonarCloud packages
        uses: actions/cache@v1
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
      - name: Cache Maven packages
        uses: actions/cache@v1
        with:
          path: ~/.m2
          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
          restore-keys: ${{ runner.os }}-m2
      - name: Build and analyze SonarCloud
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: |
          cd backend
          mvn --batch-mode --update-snapshots verify -B verify sonar:sonar -Dsonar.projectKey=<proj_key> -Dsonar.organization=<org_key> -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONARCLOUD_TOKEN -Dsonar.tests=src/test/java/tech/app/name
  • The second to run the typescript which should be done through Automatic Analysis which it does not seem to find the code as no analysis is done.
name: SonarCloud Frontend
on:
  push:
    branches: [ master, development ]
  pull_request:
      types: [opened, synchronize, reopened]
jobs:
  sonarcloud:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
      with:
        fetch-depth: 0
    - name: SonarCloud Frontend Scan
      uses: sonarsource/sonarcloud-github-action@master
      env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      with:
        projectBaseDir: frontend
        args: >
          -Dsonar.login=${{ secrets.SONAR_TOKEN }}
          -Dsonar.organization=<org_key>
          -Dsonar.projectKey=<proj_key>
          -Dsonar.language=typescript
          -Dsonar.tests=src/test.ts

Both run the same code as after some research it seems as if you can’t analyse both ts and java in the same project. If someone can help me or offer some sort of documentation I would be appreciative as I have spent hours trying to google the issue.

5

Alright I see multiple issues, and some confusion, let’s crack them one by one.

Test coverage from a Maven build

The verify goal of Maven implies the execution of test, by Maven, so it does look like tests are executed. However, that’s just a small part of seeing coverage data. You also need to:

  • configure your build to actually produce a coverage report
  • configure your SonarCloud analysis so it can find and import the coverage reports

We have a dedicated guide to help you with the above steps. That should resolve this.

Using Automatic Analysis

You wrote that:

I think there’s a confusion here. Automatic Analysis is not compatible with GitHub Actions. You use one or the other, not both together.

When you import your project on SonarCloud, we try to detect if it’s eligible for Automatic Analysis (eligible = most of the code is non-compiled languages). If the answer is yes, we activate Automatic Analysis. You can also force the activation manually. When Automatic Analysis is active, the project will be scanned automatically on every commit (ignoring compiled code, for now), no CI setup (GitHub Action) is needed, in fact any analyses coming from CI builds would be rejected while Automatic Analysis is active.

In any case, since it seems you want to run multiple analyses for different parts of the same repo (Java ↔ TS), I think Automatic Analysis is not a good fit for you, see the next section.

Running multiple analyses for different parts of the same repo

This is what we call a “monorepo setup”. This announcement describes the feature, with a link to the documentation which I hope will help.