Platform/david navapbc/15514/hl7 oml aui fhir mapping #9840
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: SonarCloud | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
paths: | |
- "prime-router/**" | |
- "frontend-react/**" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
env: | |
# These are for CI and not credentials of any system | |
DB_USER: prime | |
DB_PASSWORD: changeIT! | |
jobs: | |
sonarcloud: | |
if: github.actor != 'dependabot[bot]' | |
name: "SonarCloud/CodeQL scan" | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
language: ["java-kotlin"] | |
steps: | |
- name: Increase swapfile | |
run: | | |
sudo swapoff -a | |
sudo fallocate -l 15G /mnt/swapfile | |
sudo chmod 600 /mnt/swapfile | |
sudo mkswap /mnt/swapfile | |
sudo swapon /mnt/swapfile | |
sudo swapon --show | |
- name: "Check out everything" | |
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 | |
with: | |
fetch-depth: 0 | |
- name: Get branch name | |
id: branch-name | |
uses: tj-actions/branch-names@6871f53176ad61624f978536bbf089c574dc19a2 | |
- name: "Get changed files with yaml" | |
id: changed-files-yaml | |
uses: tj-actions/changed-files@48d8f15b2aaa3d255ca5af3eba4870f807ce6b3c | |
with: | |
files_yaml: | | |
frontend: | |
- 'frontend-react/**' | |
backend: | |
- 'prime-router/**' | |
- name: Set up JDK 17 | |
if: steps.changed-files-yaml.outputs.backend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 | |
with: | |
java-version: "17" | |
distribution: "temurin" | |
cache: "gradle" | |
- name: Gradle setup | |
if: steps.changed-files-yaml.outputs.backend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 | |
- name: Spin up build containers | |
if: steps.changed-files-yaml.outputs.backend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
working-directory: prime-router | |
run: docker compose -f docker-compose.postgres.yml up -d | |
- name: Initialize CodeQL | |
if: steps.changed-files-yaml.outputs.backend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: github/codeql-action/init@v3 | |
with: | |
languages: ${{ matrix.language }} | |
- name: Build Prime Router Package | |
if: steps.changed-files-yaml.outputs.backend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: ./.github/actions/retry | |
with: | |
timeout_minutes: 30 | |
max_attempts: 2 | |
retry_wait_seconds: 30 | |
command: ./gradlew -Dorg.gradle.jvmargs="-Xmx6g" :prime-router:package -x fatjar | |
shell: bash | |
- name: Build Submissions Package | |
if: steps.changed-files-yaml.outputs.backend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: ./.github/actions/build-submissions | |
- name: Build Auth Package | |
if: steps.changed-files-yaml.outputs.backend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: ./.github/actions/build-auth | |
- name: Perform Java CodeQL Analysis | |
if: steps.changed-files-yaml.outputs.backend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: github/codeql-action/analyze@v3 | |
- name: Use Node.js with yarn | |
if: steps.changed-files-yaml.outputs.frontend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 | |
with: | |
node-version-file: "frontend-react/.nvmrc" | |
- name: Yarn | |
if: steps.changed-files-yaml.outputs.frontend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
run: yarn install | |
working-directory: frontend-react | |
- name: Frontend Coverage | |
if: steps.changed-files-yaml.outputs.frontend_any_changed == 'true' || steps.branch-name.outputs.is_default == 'true' | |
uses: ./.github/actions/retry | |
with: | |
timeout_minutes: 30 | |
max_attempts: 2 | |
retry_wait_seconds: 30 | |
command: | | |
cd frontend-react | |
yarn run test:ci | |
shell: bash | |
- name: Run SonarCloud Scan main or full | |
if: ( steps.changed-files-yaml.outputs.frontend_any_changed == 'true' && steps.changed-files-yaml.outputs.backend_any_changed == 'true' ) || steps.branch-name.outputs.is_default == 'true' | |
uses: ./.github/actions/sonarcloud | |
with: | |
scan-level: default | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
sonar-token: ${{ secrets.SONAR_TOKEN }} | |
- name: Run SonarCloud Scan frontened | |
if: steps.changed-files-yaml.outputs.frontend_any_changed == 'true' && steps.changed-files-yaml.outputs.backend_any_changed == 'false' && steps.branch-name.outputs.is_default == 'false' | |
uses: ./.github/actions/sonarcloud | |
with: | |
scan-level: frontend | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
sonar-token: ${{ secrets.SONAR_TOKEN }} | |
- name: Run SonarCloud Scan backend | |
if: steps.changed-files-yaml.outputs.frontend_any_changed == 'false' && steps.changed-files-yaml.outputs.backend_any_changed == 'true' && steps.branch-name.outputs.is_default == 'false' | |
uses: ./.github/actions/sonarcloud | |
with: | |
scan-level: backend | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
sonar-token: ${{ secrets.SONAR_TOKEN }} |