Create separate action to assess code quality (#145)

bakdata · Oct 11, 2023 · 7da4687 · 7da4687
1 parent 5ce31ee
commit 7da4687
Show file tree

Hide file tree

Showing 10 changed files with 368 additions and 182 deletions.
diff --git a/.github/workflows/README.md b/.github/workflows/README.md
@@ -11,6 +11,7 @@ The following workflows can be found here:
 - [Python Poetry Release](#python-poetry-release)
 - [Python Poetry Publish PyPI](#python-poetry-publish-pypi)
 - [Python Poetry Publish Snapshot](#python-poetry-publish-snapshot)
+- [Java Gradle Base](#java-gradle-base)
 - [Java Gradle Docker](#java-gradle-docker)
 - [Java Gradle Library](#java-gradle-library)
 - [Java Gradle Plugin](#java-gradle-plugin)
@@ -698,10 +699,9 @@ jobs:
       pypi-token: ${{ secrets.TEST_PYPI_TOKEN }}
 ```
 
-## Java Gradle Docker
+## Java Gradle Base
 
-This workflow will build, test and publish a Java Gradle project including a tarball image. Additionally,
-the workflow creates a GitHub Release when running on a tag branch.
+This workflow will build, test and publish a Java Gradle project.
 
 ### Prerequisites
 
@@ -714,6 +714,75 @@ This workflow is built from multiple composite actions listed below:
 
 - [java-gradle-build](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-build)
 - [java-gradle-test](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-test)
+- [java-gradle-assess-code-quality](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-assess-code-quality)
+
+### Input Parameters
+
+| Name               | Required | Default Value |  Type   | Description                                                                                                   |
+| ------------------ | :------: | :-----------: | :-----: | ------------------------------------------------------------------------------------------------------------- |
+| java-distribution  |    ❌    |   microsoft   | string  | [Java distribution](https://github.com/actions/setup-java#supported-distributions) to be installed            |
+| java-version       |    ❌    |      11       | string  | Java version to be installed                                                                                  |
+| gradle-version     |    ❌    |    wrapper    | string  | [Gradle version](https://github.com/gradle/gradle-build-action#use-a-specific-gradle-version) to be installed |
+| gradle-cache       |    ❌    |     true      | boolean | Whether Gradle caching is enabled or not                                                                      |
+| working-directory  |    ❌    |       .       | string  | Working directory of your Gradle artifacts                                                                    |
+| download-lfs-files |    ❌    |    "false"    | string  | Whether the Git checkout action should resolve LFS files or not                                               |
+
+### Secret Parameters
+
+For Sonarcloud you need to provide a `sonar-token` and a `sonar-organization` to publish code quality results. In case of Sonatype, the action
+requires you to have a `signing-secret-key-ring` (base64 encoded), a `signing-key-id` and a `signing-password` to sign
+your build artifacts.
+
+| Name                    | Required | Description                                                    |
+| ----------------------- | :------: | -------------------------------------------------------------- |
+| signing-key-id          |    ✅    | Key id for signing the Sonatype publication                    |
+| signing-password        |    ✅    | Password for signing the Sonatype publication                  |
+| signing-secret-key-ring |    ✅    | Key ring (base64 encoded) for signing the Sonatype publication |
+| sonar-organization      |    ✅    | Organization for Sonarcloud                                    |
+| sonar-token             |    ✅    | Token for Sonarcloud                                           |
+
+### Calling the workflow
+
+```yaml
+name: Call this reusable workflow
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  call-workflow-passing-data:
+    name: Java Gradle Docker
+    uses: bakdata/ci-templates/.github/workflows/java-gradle-base.yaml@main
+    with:
+      java-distribution: "microsoft" # (Optional) Default is microsoft
+      java-version: "11" # (Optional) Default is 11
+      gradle-version: "wrapper" # (Optional) Default is wrapper
+      gradle-cache: false # (Optional) Default is true
+      working-directory: "." # (Optional) Default is .
+    secrets:
+      sonar-token: ${{ secrets.SONARCLOUD_TOKEN }}
+      sonar-organization: ${{ secrets.SONARCLOUD_ORGANIZATION }}
+      signing-secret-key-ring: ${{ secrets.SIGNING_SECRET_KEY_RING }}
+      signing-key-id: ${{ secrets.SIGNING_KEY_ID }}
+      signing-password: ${{ secrets.SIGNING_PASSWORD }}
+```
+
+## Java Gradle Docker
+
+This workflow will build, test and publish a Java Gradle project including a tarball image. Additionally,
+the workflow creates a GitHub Release when running on a tag branch.
+
+### Prerequisites
+
+Your Java project needs to be set up with Gradle and either needs to contain a `build.gradle` or a `build.gradle.kts`
+file that uses the [Sonar](https://github.com/bakdata/gradle-plugins/tree/master/sonar), [Sonatype](https://github.com/bakdata/gradle-plugins/tree/master/sonatype) and [Jib](https://github.com/GoogleContainerTools/jib/tree/master/jib-gradle-plugin) plugins. Moreover, prepare credentials for Sonarcloud, Sonatype, GitHub and Docker.
+
+### Dependencies
+
+This workflow is built from multiple composite actions and workflows listed below:
+
+- [java-gradle-base](https://github.com/bakdata/ci-templates/tree/main/.github/workflows/java-gradle-base.yaml)
 - [java-gradle-build-jib](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-build-jib)
 - [java-gradle-publish](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-publish)
 - [docker-publish](https://github.com/bakdata/ci-templates/tree/main/actions/docker-publish)
@@ -799,10 +868,9 @@ file that uses the [Sonar](https://github.com/bakdata/gradle-plugins/tree/master
 
 ### Dependencies
 
-This workflow is built from multiple composite actions listed below:
+This workflow is built from multiple composite actions and workflows listed below:
 
-- [java-gradle-build](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-build)
-- [java-gradle-test](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-test)
+- [java-gradle-base](https://github.com/bakdata/ci-templates/tree/main/.github/workflows/java-gradle-base.yaml)
 - [java-gradle-publish](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-publish)
 - [java-gradle-release-github](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-release-github)
 
@@ -880,10 +948,9 @@ and Gradle Plugin Portal.
 
 ### Dependencies
 
-This workflow is built from multiple composite actions listed below:
+This workflow is built from multiple composite actions and workflows listed below:
 
-- [java-gradle-build](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-build)
-- [java-gradle-test](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-test)
+- [java-gradle-base](https://github.com/bakdata/ci-templates/tree/main/.github/workflows/java-gradle-base.yaml)
 - [java-gradle-publish](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-publish)
 - [java-gradle-publish-plugin](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-publish-plugin)
 - [java-gradle-release-github](https://github.com/bakdata/ci-templates/tree/main/actions/java-gradle-release-github)

diff --git a/.github/workflows/java-gradle-base.yaml b/.github/workflows/java-gradle-base.yaml
@@ -0,0 +1,101 @@
+name: Java Gradle Base
+# Reusable workflow for building testing and assessing code quality
+
+on:
+  workflow_call:
+    inputs:
+      download-lfs-files:
+        description: "Whether the Git checkout action should resolve LFS files or not. (Default is false)"
+        required: false
+        type: boolean
+        default: false
+      gradle-cache:
+        description: "Whether Gradle caching is enabled or not. (Default is true)"
+        required: false
+        type: boolean
+        default: true
+      gradle-version:
+        description: "Gradle version to be installed. (Default is wrapper)"
+        required: false
+        type: string
+        default: "wrapper"
+      java-distribution:
+        description: "Java distribution to be installed. (Default is microsoft)"
+        required: false
+        type: string
+        default: "microsoft"
+      java-version:
+        description: "Java version to be installed. (Default is 11)"
+        required: false
+        type: string
+        default: "11"
+      working-directory:
+        description: "Working directory of your Gradle artifacts. (Default is .)"
+        required: false
+        type: string
+        default: "."
+    secrets:
+      signing-key-id:
+        description: "Key id for signing the Sonatype publication."
+        required: true
+      signing-password:
+        description: "Password for signing the Sonatype publication."
+        required: true
+      signing-secret-key-ring:
+        description: "Key ring (base64 encoded) for signing the Sonatype publication."
+        required: true
+      sonar-organization:
+        description: "Organization for Sonarcloud"
+        required: true
+      sonar-token:
+        description: "Token for Sonarcloud."
+        required: true
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Build
+        uses: bakdata/ci-templates/actions/[email protected]
+        with:
+          java-distribution: ${{ inputs.java-distribution }}
+          java-version: ${{ inputs.java-version }}
+          gradle-version: ${{ inputs.gradle-version }}
+          gradle-cache: ${{ inputs.gradle-cache }}
+          working-directory: ${{ inputs.working-directory }}
+
+  test:
+    name: Test
+    runs-on: ubuntu-22.04
+    needs: build
+    steps:
+      - name: Run unit tests
+        uses: bakdata/ci-templates/actions/[email protected]
+        with:
+          gradle-cache: ${{ inputs.gradle-cache }}
+          gradle-version: ${{ inputs.gradle-version }}
+          java-distribution: ${{ inputs.java-distribution }}
+          java-version: ${{ inputs.java-version }}
+          working-directory: ${{ inputs.working-directory }}
+
+  assess-code-quality:
+    name: Asses code quality
+    runs-on: ubuntu-22.04
+    needs: build
+    steps:
+      - name: Assess code quality
+        uses: bakdata/ci-templates/actions/[email protected]
+        with:
+          download-lfs-files: ${{ inputs.download-lfs-files }}
+          gradle-cache: ${{ inputs.gradle-cache }}
+          gradle-version: ${{ inputs.gradle-version }}
+          java-distribution: ${{ inputs.java-distribution }}
+          java-version: ${{ inputs.java-version }}
+          signing-key-id: ${{ secrets.signing-key-id }}
+          signing-password: ${{ secrets.signing-password }}
+          signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }}
+          sonar-organization: ${{ secrets.sonar-organization }}
+          sonar-token: ${{ secrets.sonar-token }}
+          working-directory: ${{ inputs.working-directory }}
diff --git a/.github/workflows/java-gradle-docker.yaml b/.github/workflows/java-gradle-docker.yaml
@@ -69,44 +69,26 @@ on:
         required: true
 
 jobs:
-  build:
-    name: Build
-    runs-on: ubuntu-22.04
-
-    steps:
-      - name: Build
-        uses: bakdata/ci-templates/actions/[email protected]
-        with:
-          java-distribution: ${{ inputs.java-distribution }}
-          java-version: ${{ inputs.java-version }}
-          gradle-version: ${{ inputs.gradle-version }}
-          gradle-cache: ${{ inputs.gradle-cache }}
-          working-directory: ${{ inputs.working-directory }}
-
-  test:
-    name: Test
-    runs-on: ubuntu-22.04
-    needs: build
+  build-and-test:
+    name: Build, Test and Assess code quality
+    uses: bakdata/ci-templates/.github/workflows/[email protected]
+    with:
+      java-distribution: ${{ inputs.java-distribution }}
+      java-version: ${{ inputs.java-version }}
+      gradle-version: ${{ inputs.gradle-version }}
+      gradle-cache: ${{ inputs.gradle-cache }}
+      working-directory: ${{ inputs.working-directory }}
+    secrets:
+      signing-key-id: ${{ secrets.signing-key-id }}
+      signing-password: ${{ secrets.signing-password }}
+      signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }}
+      sonar-organization: ${{ secrets.sonar-organization }}
+      sonar-token: ${{ secrets.sonar-token }}
 
-    steps:
-      - name: Test
-        uses: bakdata/ci-templates/actions/[email protected]
-        with:
-          sonar-token: ${{ secrets.sonar-token }}
-          sonar-organization: ${{ secrets.sonar-organization }}
-          signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }}
-          signing-key-id: ${{ secrets.signing-key-id }}
-          signing-password: ${{ secrets.signing-password }}
-          java-distribution: ${{ inputs.java-distribution }}
-          java-version: ${{ inputs.java-version }}
-          gradle-version: ${{ inputs.gradle-version }}
-          gradle-cache: ${{ inputs.gradle-cache }}
-          working-directory: ${{ inputs.working-directory }}
-
   build-jib:
     name: Build tarball image
     runs-on: ubuntu-22.04
-    needs: test
+    needs: build-and-test
 
     steps:
       - name: Build tarball image
@@ -155,7 +137,7 @@ jobs:
     name: Create Github release
     if: startsWith(github.ref, 'refs/tags/')
     runs-on: ubuntu-22.04
-    needs: publish
+    needs: [publish, publish-jib-image]
 
     steps:
       - name: Release on Github

diff --git a/.github/workflows/java-gradle-library.yaml b/.github/workflows/java-gradle-library.yaml
@@ -59,44 +59,27 @@ on:
         required: true
 
 jobs:
-  build:
-    name: Build
-    runs-on: ubuntu-22.04
-
-    steps:
-      - name: Build
-        uses: bakdata/ci-templates/actions/[email protected]
-        with:
-          java-distribution: ${{ inputs.java-distribution }}
-          java-version: ${{ inputs.java-version }}
-          gradle-version: ${{ inputs.gradle-version }}
-          gradle-cache: ${{ inputs.gradle-cache }}
-          working-directory: ${{ inputs.working-directory }}
-
-  test:
-    name: Test
-    runs-on: ubuntu-22.04
-    needs: build
+  build-and-test:
+    name: Build, Test and Assess code quality
+    uses: bakdata/ci-templates/.github/workflows/[email protected]
+    with:
+      java-distribution: ${{ inputs.java-distribution }}
+      java-version: ${{ inputs.java-version }}
+      gradle-version: ${{ inputs.gradle-version }}
+      gradle-cache: ${{ inputs.gradle-cache }}
+      working-directory: ${{ inputs.working-directory }}
 
-    steps:
-      - name: Test
-        uses: bakdata/ci-templates/actions/[email protected]
-        with:
-          sonar-token: ${{ secrets.sonar-token }}
-          sonar-organization: ${{ secrets.sonar-organization }}
-          signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }}
-          signing-key-id: ${{ secrets.signing-key-id }}
-          signing-password: ${{ secrets.signing-password }}
-          java-distribution: ${{ inputs.java-distribution }}
-          java-version: ${{ inputs.java-version }}
-          gradle-version: ${{ inputs.gradle-version }}
-          gradle-cache: ${{ inputs.gradle-cache }}
-          working-directory: ${{ inputs.working-directory }}
+    secrets:
+      signing-key-id: ${{ secrets.signing-key-id }}
+      signing-password: ${{ secrets.signing-password }}
+      signing-secret-key-ring: ${{ secrets.signing-secret-key-ring }}
+      sonar-token: ${{ secrets.sonar-token }}
+      sonar-organization: ${{ secrets.sonar-organization }}
 
   publish:
     name: Publish
     runs-on: ubuntu-22.04
-    needs: test
+    needs: build-and-test
 
     steps:
       - name: Publish