From 4d2520efbd89668f702aca2464d73d1cb569d8eb Mon Sep 17 00:00:00 2001
From: ariwk <adam.ruberti@sbb.ch>
Date: Tue, 29 Oct 2024 13:10:44 +0100
Subject: [PATCH] ci: add sonar code coverage

---
 .github/workflows/maven-build.yml | 26 +++++++++++++++++---------
 .github/workflows/pr.yml          |  2 +-
 CONTRIBUTING.md                   |  4 ++--
 LICENSES/SBB.txt                  |  1 +
 README.md                         | 11 +++++++++++
 5 files changed, 32 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
index df76903..1600e73 100644
--- a/.github/workflows/maven-build.yml
+++ b/.github/workflows/maven-build.yml
@@ -3,6 +3,9 @@ name: maven-build
 on:
   push:
     branches: ['**/**']
+  pull_request:
+    branches: [main]
+    types: [opened, synchronize, reopened, ready_for_review]
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -10,8 +13,9 @@ jobs:
       S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY: ${{ secrets.S3_SBB_POLARION_MAVEN_REPO_RW_ACCESS_KEY }}
       S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY: ${{ secrets.S3_SBB_POLARION_MAVEN_REPO_RW_SECRET_ACCESS_KEY }}
       GITHUB_TOKEN: ${{ github.token }}
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
     steps:
-      - name: 📄 Checkout
+      - name: 📄 Checkout the repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
         with:
           fetch-depth: 0
@@ -21,13 +25,13 @@ jobs:
           distribution: adopt
           java-version: 17
           gpg-private-key: ${{ secrets.COM_SONATYPE_CENTRAL_POLARION_OPENSOURCE_GPG_PRIVATE_KEY }}
-      - name: 📝 Store project version
+      - name: 📝 Get the project version
         id: project_version
         run: echo "project_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT
       - name: 📝 Store cache key
         id: cache_key
         run: echo "cache_key=${{ runner.os }}-mvn-${{ hashFiles('**/pom.xml') }}-${{ github.sha }}" >> $GITHUB_OUTPUT
-      - name: 💾 Prepare Cache
+      - name: 💾 Prepare cache using cache key
         id: prepare-cache
         uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a  # v4
         with:
@@ -35,7 +39,7 @@ jobs:
             /home/runner/.m2
             /home/runner/work
           key: ${{ steps.cache_key.outputs.cache_key }}
-      - name: 🔘 Generate settings.xml
+      - name: 🔘 Generate settings.xml for Maven
         uses: whelk-io/maven-settings-xml-action@9dc09b23833fa9aa7f27b63db287951856f3433d  # v22
         with:
           repositories: >
@@ -75,8 +79,12 @@ jobs:
             ]
       - name: 🔘 Print settings.xml
         run: cat /home/runner/.m2/settings.xml
-      - name: 📦 Build with Maven
-        run: mvn --batch-mode clean package
+      - name: 📦 Build with Maven for Pushes
+        if: github.event_name == 'push'
+        run: mvn --batch-mode clean package sonar:sonar -Dsonar.branch.name=${{ github.head_ref }}
+      - name: 📦 Build with Maven for PRs
+        if: github.event_name == 'pull_request'
+        run: mvn --batch-mode clean package sonar:sonar -Dsonar.pullrequest.base=${{ github.base_ref }} -Dsonar.pullrequest.branch=${{ github.head_ref }} -Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
     outputs:
       project_version: ${{ steps.project_version.outputs.project_version }}
       cache_key: ${{ steps.cache_key.outputs.cache_key }}
@@ -99,7 +107,7 @@ jobs:
         with:
           distribution: adopt
           java-version: 17
-      - name: 💾 Restore Cache
+      - name: 💾 Restore cache using cache key
         id: restore-cache
         uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a  # v4
         with:
@@ -107,8 +115,8 @@ jobs:
             /home/runner/.m2
             /home/runner/work
           key: ${{ needs.build.outputs.cache_key }}
-      - name: 📦 Publish to GitHub Packages
+      - name: 📦 Deploy artifacts to GitHub Packages
         run: mvn --batch-mode -Dmaven.test.skip=true -Dmaven.javadoc.skip=true -Dmaven.source.skip=true deploy -P deploy-github-packages
-      - name: 📦 Upload assets
+      - name: 📦 Upload assets to GitHub Release
         run: |-
           gh release upload v${{ needs.build.outputs.project_version }} **/target/*-${{ needs.build.outputs.project_version }}.jar
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 8fd1c40..841ba18 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -17,7 +17,7 @@ jobs:
           fetch-depth: 0
       - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b  # v5
         with:
-          cache: pip  # caching pip dependencies
+          python-version: 3.x
       - run: pip install commitizen
       - name: Check commit messages
         run: cz check --rev-range origin/${GITHUB_BASE_REF}..
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index f60bc7d..d974bbb 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -79,11 +79,11 @@ Before you submit your Pull Request (PR) consider the following guidelines:
   is necessary because release notes are automatically generated from these messages.
 
      ```shell
-     git commit -a -S
+     git commit -a --gpg-sign
      ```
   Note: The optional commit `-a` command line option will automatically "add" and "rm" edited files.
 
-  Note: The command line option `-S` generates a signed commit, which is required to make a contribution (See [Developer Certificate of Origin](./LICENSES/DCO.txt))
+  Note: The command line option `-S/--gpg-sign` generates a signed commit, which is required to make a contribution (See [Developer Certificate of Origin](./LICENSES/DCO.txt))
 
 * Push your branch to GitHub:
 
diff --git a/LICENSES/SBB.txt b/LICENSES/SBB.txt
index 876a005..f1cdf0a 100644
--- a/LICENSES/SBB.txt
+++ b/LICENSES/SBB.txt
@@ -1,4 +1,5 @@
 Copyright 2024 SBB AG and contributors
+Version 1.0
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
diff --git a/README.md b/README.md
index 48a1073..6531381 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,14 @@
+[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Bugs](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=bugs)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Code Smells](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=code_smells)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=coverage)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Duplicated Lines (%)](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=duplicated_lines_density)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Lines of Code](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=ncloc)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=reliability_rating)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+[![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples&metric=vulnerabilities)](https://sonarcloud.io/summary/new_code?id=SchweizerischeBundesbahnen_ch.sbb.polarion.extension.interceptor.hook-samples)
+
 # Hook samples for Polarion Interceptor Manager extension
 
 This project contains samples of hooks for Polarion [Interceptor Manager extension](https://github.com/SchweizerischeBundesbahnen/ch.sbb.polarion.extension.interceptor-manager).