From 43ea7d4f943838323af1927aeb66e19d5f518196 Mon Sep 17 00:00:00 2001
From: itsankit-google <itsankitjain@google.com>
Date: Fri, 21 Jun 2024 10:34:03 +0000
Subject: [PATCH] separate sonar reports and publishing build steps

---
 .github/workflows/build-sonar-report.yml | 76 ++++++++++++++++++++++++
 .github/workflows/build-sonar.yml        | 66 +++-----------------
 2 files changed, 83 insertions(+), 59 deletions(-)
 create mode 100644 .github/workflows/build-sonar-report.yml

diff --git a/.github/workflows/build-sonar-report.yml b/.github/workflows/build-sonar-report.yml
new file mode 100644
index 000000000000..e97a26bff64d
--- /dev/null
+++ b/.github/workflows/build-sonar-report.yml
@@ -0,0 +1,76 @@
+# Copyright © 2024 Cask Data, Inc.
+#  Licensed under the Apache License, Version 2.0 (the "License"); you may not
+#  use this file except in compliance with the License. You may obtain a copy of
+#  the License at
+#  http://www.apache.org/licenses/LICENSE-2.0
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#  License for the specific language governing permissions and limitations under
+#  the License.
+
+# This workflow will build a Java project with Maven
+# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
+# Note: Any changes to this workflow would be used only after merging into develop
+name: Build Sonar Report
+
+on:
+  workflow_run:
+    workflows:
+    - Build with test coverage for Sonar
+    types:
+    - completed
+
+jobs:
+  build:
+    runs-on: k8s-runner-build
+
+    steps:
+     - name: Cache SonarCloud packages
+       uses: actions/cache@v3
+       with:
+        path: ~/.sonar/cache
+        key: ${{ runner.os }}-sonar
+        restore-keys: ${{ runner.os }}-sonar
+
+     - name: Download artifact
+       uses: actions/download-artifact@v2
+       with:
+        name: reports-${{ github.event.workflow_run.id }}
+        path: ./downloaded-artifact
+
+     - name: Validate PR
+       id: validate_pr
+       # For whatever reason we get PR 69 for develop branch with both head and base as develop.
+       if: ${{ github.event.workflow_run.pull_requests[0].head.ref != github.event.workflow_run.pull_requests[0].base.ref }}
+       run: |
+         echo "PR_KEY=${{ github.event.workflow_run.pull_requests[0].number }}"
+         echo "PR_BRANCH=${{ github.event.workflow_run.pull_requests[0].head.ref }}"
+         echo "PR_BASE=${{ github.event.workflow_run.pull_requests[0].base.ref }}"
+
+     - name: Sonar report
+       env:
+         SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+         JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64
+       run: >-
+         mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -fae -T 2 -B -V
+         -Dmaven.repo.local=$HOME/.m2/repository11
+         -DcloudBuild
+         -Pcoverage,templates
+         -Dmaven.wagon.http.retryHandler.count=3
+         -Dmaven.wagon.httpconnectionManager.ttlSeconds=25
+         -Dsonar.pullrequest.key=$PR_KEY
+         -Dsonar.pullrequest.branch=$PR_BRANCH
+         -Dsonar.pullrequest.base=$PR_BASE
+         -Dsonar.branch.name=${{ github.event.workflow_run.head_branch }}
+
+     - name: Surefire Report
+       # Pinned 3.5.2 version
+       uses: mikepenz/action-junit-report@16a9560bd02f11e7e3bf6b3e2ef6bba6c9d07c32
+       if: always()
+       with:
+         report_paths: '**/target/surefire-reports/TEST-*.xml'
+         github_token: ${{ secrets.GITHUB_TOKEN }}
+         detailed_summary: true
+         commit: ${{ github.event.workflow_run.head_sha }}
+         check_name: Sonar Build Test Report
\ No newline at end of file
diff --git a/.github/workflows/build-sonar.yml b/.github/workflows/build-sonar.yml
index 01ca7bd43d31..c4766e3221f8 100644
--- a/.github/workflows/build-sonar.yml
+++ b/.github/workflows/build-sonar.yml
@@ -12,27 +12,22 @@
 # This workflow will build a Java project with Maven
 # For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
 # Note: Any changes to this workflow would be used only after merging into develop
-name: Build with test coverage and Sonar
+name: Build with test coverage for Sonar
 
 on:
-  workflow_run:
-    workflows:
-      - Trigger build
-    types:
-      - completed
+  push:
+    branches: [ develop, release/** ]
+  pull_request:
+    branches: [ develop, release/** ]
+    types: [opened, synchronize, reopened, labeled]
 
 jobs:
   build:
     runs-on: k8s-runner-build
 
-    if: ${{ github.event.workflow_run.conclusion != 'skipped' }}
-
     steps:
-      # Pinned 1.0.0 version
-      - uses: marocchino/action-workflow_run-status@54b6e87d6cb552fc5f36dbe9a722a6048725917a
       - uses: actions/checkout@v3
         with:
-          ref: ${{ github.event.workflow_run.head_sha }}
           submodules: recursive
       - name: Cache
         uses: actions/cache@v3
@@ -41,12 +36,6 @@ jobs:
           key: ${{ runner.os }}-maven-${{ github.workflow }}-${{ hashFiles('**/pom.xml') }}
           restore-keys: |
             ${{ runner.os }}-maven-${{ github.workflow }}
-      - name: Cache SonarCloud packages
-        uses: actions/cache@v3
-        with:
-          path: ~/.sonar/cache
-          key: ${{ runner.os }}-sonar
-          restore-keys: ${{ runner.os }}-sonar
       - name: Build with Maven
         run: >-
           mvn clean verify -fae -T 2 -B -V -Dmaven.test.failure.ignore
@@ -59,48 +48,7 @@ jobs:
         uses: actions/upload-artifact@v2.2.2
         if: always()
         with:
-          name: Build debug files
+          name: reports-${{ github.run_id }}
           path: |
             **/target/rat.txt
             **/target/surefire-reports/*
-      - name: Validate PR
-        id: validate_pr
-        # For whatever reason we get PR 69 for develop branch with both head and base as develop.
-        if: ${{ github.event.workflow_run.pull_requests[0].head.ref != github.event.workflow_run.pull_requests[0].base.ref }}
-        run: |
-          echo ":set-output pr-key=${{ github.event.workflow_run.pull_requests[0].number }}"
-          echo ":set-output pr-branch=${{ github.event.workflow_run.pull_requests[0].head.ref }}"
-          echo ":set-output pr-base=${{ github.event.workflow_run.pull_requests[0].base.ref }}"
-      - name: Sonar report
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-          JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64
-        run: >-
-          mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -fae -T 2 -B -V
-          -Dmaven.repo.local=$HOME/.m2/repository11
-          -DcloudBuild
-          -Pcoverage,templates
-          -Dmaven.wagon.http.retryHandler.count=3
-          -Dmaven.wagon.httpconnectionManager.ttlSeconds=25
-          -Dsonar.pullrequest.key=${{ steps.validate_pr.outputs.pr-key }}
-          -Dsonar.pullrequest.branch=${{ steps.validate_pr.outputs.pr-branch }}
-          -Dsonar.pullrequest.base=${{ steps.validate_pr.outputs.pr-base }}
-          -Dsonar.branch.name=${{ github.event.workflow_run.head_branch }}
-      - name: Archive build artifacts
-        uses: actions/upload-artifact@v3
-        if: always()
-        with:
-          name: Build debug files
-          path: |
-            **/target/rat.txt
-            **/target/surefire-reports/*
-      - name: Surefire Report
-        # Pinned 3.5.2 version
-        uses: mikepenz/action-junit-report@16a9560bd02f11e7e3bf6b3e2ef6bba6c9d07c32
-        if: always()
-        with:
-          report_paths: '**/target/surefire-reports/TEST-*.xml'
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          detailed_summary: true
-          commit: ${{ github.event.workflow_run.head_sha }}
-          check_name: Sonar Build Test Report