From a0245701a0fdbd003c9c414862e47a1602036901 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 16:56:54 +0530 Subject: [PATCH 01/13] Update SonarCloud project key and organization --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3962e45..a6bb2de 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -40,7 +40,7 @@ jobs: - name: build java code run: mvn clean package - name: Code Coverage using sonarcloud - run: mvn -B verify sonar:sonar -Dsonar.projectKey=sonar-demo-org-nov-2025_sonar-demo-org-nov-2025-project -Dsonar.organization=sonar-demo-org-nov-2025 -Dsonar.host.url=https://sonarcloud.io -Dsonar.token=$SONAR_TOKEN + run: mvn -B verify sonar:sonar -Dsonar.projectKey=sonar-qube-org-demo-nov_sonar-demo-org-nov-2025-project -Dsonar.organization=sonar-qube-org-demo-nov -Dsonar.host.url=https://sonarcloud.io -Dsonar.token=$SONAR_TOKEN env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # GITHUB_TOKEN: Automatically generated token for GitHub API authentication (with limited scope). From aa397840de93df9496d145e425c767e8880fb0f7 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:06:17 +0530 Subject: [PATCH 02/13] Refactor SonarCloud step and add artifact upload Updated environment variable formatting and added artifact upload step. --- .github/workflows/main.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a6bb2de..afd0a45 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -41,8 +41,13 @@ jobs: run: mvn clean package - name: Code Coverage using sonarcloud run: mvn -B verify sonar:sonar -Dsonar.projectKey=sonar-qube-org-demo-nov_sonar-demo-org-nov-2025-project -Dsonar.organization=sonar-qube-org-demo-nov -Dsonar.host.url=https://sonarcloud.io -Dsonar.token=$SONAR_TOKEN - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # GITHUB_TOKEN: Automatically generated token for GitHub API authentication (with limited scope). - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN}} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # GITHUB_TOKEN: Automatically generated token for GitHub API authentication (with limited scope). + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN}} + - name: Upload artifact to github repo + uses: actions/upload-artifact@v4 # Use the latest version + with: + - name: myjava-build-artifact + path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar From 1172d0eca52422611e27f53439a64b22b9788131 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:07:55 +0530 Subject: [PATCH 03/13] Fix artifact upload path in GitHub Actions workflow --- .github/workflows/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index afd0a45..a5583cd 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -50,4 +50,3 @@ jobs: with: - name: myjava-build-artifact path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar - From ef41b4eafcea7e773f825de20f9da5b138aa9430 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:17:46 +0530 Subject: [PATCH 04/13] Fix indentation in GitHub Actions workflow --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a5583cd..37cf401 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -49,4 +49,4 @@ jobs: uses: actions/upload-artifact@v4 # Use the latest version with: - name: myjava-build-artifact - path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar + path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar From c42ba14603b543bba4a765390ac52ffb90027561 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:23:53 +0530 Subject: [PATCH 05/13] Update GitHub Actions workflow for Java build --- .github/workflows/main.yml | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 37cf401..ff29d69 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,6 +1,7 @@ -name: build JAVA application -on: # multiple triggers when this workflow can run - workflow_dispatch: # also select which job to run +name: build JAVA with artifact application +on: + push: # multiple triggers when this workflow can run + workflow_dispatch: # also select which job to run inputs: # user to select the jobname job_name: # can be any name like a variable name description: "Select the Job to run" # desciption visible to user @@ -41,12 +42,12 @@ jobs: run: mvn clean package - name: Code Coverage using sonarcloud run: mvn -B verify sonar:sonar -Dsonar.projectKey=sonar-qube-org-demo-nov_sonar-demo-org-nov-2025-project -Dsonar.organization=sonar-qube-org-demo-nov -Dsonar.host.url=https://sonarcloud.io -Dsonar.token=$SONAR_TOKEN - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # GITHUB_TOKEN: Automatically generated token for GitHub API authentication (with limited scope). - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN}} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # GITHUB_TOKEN: Automatically generated token for GitHub API authentication (with limited scope). + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN}} - name: Upload artifact to github repo - uses: actions/upload-artifact@v4 # Use the latest version - with: - - name: myjava-build-artifact - path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar + uses: actions/upload-artifact@v4 # Use the latest version + with: + name: myjava-build-artifact + path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar From 6adce0932f18faec0ac3073345e3a41c0e34aaee Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:30:55 +0530 Subject: [PATCH 06/13] Remove workflow_dispatch trigger from main.yml --- .github/workflows/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index ff29d69..076b049 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,7 +1,6 @@ name: build JAVA with artifact application on: push: # multiple triggers when this workflow can run - workflow_dispatch: # also select which job to run inputs: # user to select the jobname job_name: # can be any name like a variable name description: "Select the Job to run" # desciption visible to user From de11f1f6b6ca60b620f03c1fa2a6d88fef3da023 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:35:04 +0530 Subject: [PATCH 07/13] Rename artifact upload in GitHub Actions workflow --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 076b049..a476e41 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -48,5 +48,5 @@ jobs: - name: Upload artifact to github repo uses: actions/upload-artifact@v4 # Use the latest version with: - name: myjava-build-artifact + name: myjava-sonarqube-build-artifact path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar From 6c77b01b2643fedd27e620fc3ac38cf7105a08fe Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:39:23 +0530 Subject: [PATCH 08/13] Fix artifact upload step name and artifact name --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a476e41..86ea331 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -45,8 +45,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # GITHUB_TOKEN: Automatically generated token for GitHub API authentication (with limited scope). SONAR_TOKEN: ${{ secrets.SONAR_TOKEN}} - - name: Upload artifact to github repo + - name: upload artifact to github repo uses: actions/upload-artifact@v4 # Use the latest version with: - name: myjava-sonarqube-build-artifact + name: myjava-build-artifact path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar From e21606aff7f82e912e548c19f928018a39b8b5dd Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:41:51 +0530 Subject: [PATCH 09/13] Change trigger from push to workflow_dispatch --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 86ea331..c6d538f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,6 +1,6 @@ name: build JAVA with artifact application on: - push: # multiple triggers when this workflow can run + workflow_dispatch: # multiple triggers when this workflow can run inputs: # user to select the jobname job_name: # can be any name like a variable name description: "Select the Job to run" # desciption visible to user From a616e10ebffe61b9698558d1cf593d9c9f2bca06 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:46:39 +0530 Subject: [PATCH 10/13] Restore job dependency for code coverage Re-enable dependency on job1_build for code coverage. --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c6d538f..e8b4e68 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,7 +26,7 @@ jobs: run: mvn clean package job2_codeCoverage: if: ${{ github.event.inputs.job_name == 'job2_codeCoverage' }} - #needs: job1_build # creating dependency between 2 jobs. + needs: job1_build # creating dependency between 2 jobs. # first build job will be completed and then code coverage will start runs-on: ubuntu-latest steps: From 108904a3c869cc67ba921af0b36949cceb499f27 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 22:50:58 +0530 Subject: [PATCH 11/13] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e8b4e68..c6d538f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,7 +26,7 @@ jobs: run: mvn clean package job2_codeCoverage: if: ${{ github.event.inputs.job_name == 'job2_codeCoverage' }} - needs: job1_build # creating dependency between 2 jobs. + #needs: job1_build # creating dependency between 2 jobs. # first build job will be completed and then code coverage will start runs-on: ubuntu-latest steps: From e85722fc736b7a6a9338ef66378d88c3ddd4a234 Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Wed, 10 Dec 2025 23:13:12 +0530 Subject: [PATCH 12/13] Update artifact upload path in workflow --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c6d538f..b71c1c8 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -49,4 +49,4 @@ jobs: uses: actions/upload-artifact@v4 # Use the latest version with: name: myjava-build-artifact - path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar + path: dist/ From f9a65a95524a95cac16812b67797c113013696ad Mon Sep 17 00:00:00 2001 From: devops-saibaba Date: Thu, 11 Dec 2025 08:53:50 +0530 Subject: [PATCH 13/13] Update artifact path for upload in workflow --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b71c1c8..c6d538f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -49,4 +49,4 @@ jobs: uses: actions/upload-artifact@v4 # Use the latest version with: name: myjava-build-artifact - path: dist/ + path: /home/runner/work/SonarQubeCoverageJava/SonarQubeCoverageJava/target/wicket-pwnedpasswords-validator-2.0.1-SNAPSHOT.jar