diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
new file mode 100644
index 00000000..d5ce251c
--- /dev/null
+++ b/.github/workflows/sonar.yml
@@ -0,0 +1,79 @@
+# This workflow will build a Java project with Maven
+# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
+
+name: Analyze
+
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+
+jobs:
+ sonar:
+ name: Analyze with Sonar
+ runs-on: ubuntu-latest
+ timeout-minutes: 15
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ # Disabling shallow clone is recommended for improving relevancy of reporting
+ fetch-depth: 0
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ java-version: 17
+ distribution: 'temurin'
+ cache: 'maven'
+ - name: Cache SonarCloud packages
+ uses: actions/cache@v2
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+ - name: Analyze with SonarCloud
+ run: |
+ mvn -Dspotless.apply.skip -Pcoverage -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
+ env:
+ # Needed to get some information about the pull request, if any
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ # SonarCloud access token should be generated from https://sonarcloud.io/account/security/
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ - name: Wait for SonarCloud API to update...
+ run: "sleep 10"
+ - name: Upload annotations on PRs
+ if: ${{ github.event_name == 'pull_request' }}
+ uses: actions/github-script@v6
+ with:
+ github-token: ${{ github.token }}
+ script: |
+ const pr = context.payload.pull_request.number;
+ const url = `https://sonarcloud.io/api/issues/search?pullRequest=${pr}&s=FILE_LINE&resolved=false&sinceLeakPeriod=true&ps=100&facets=severities%2Ctypes&componentKeys=onthegomap_planetiler&organization=onthegomap&additionalFields=_all`;
+ console.log("Fetching " + url);
+ const response = await github.request(url);
+ console.log("Got " + JSON.stringify(response.data));
+ response.data.issues.forEach(issue => {
+ try {
+ if (issue.severity === 'INFO') return;
+ const textRange = issue.textRange;
+ const rule = encodeURIComponent(issue.rule);
+ const message = [
+ issue.message,
+ '',
+ `rule: ${issue.rule} (https://sonarcloud.io/organizations/onthegomap/rules?open=${rule}&rule_key=${rule})`,
+ `issue url: https://sonarcloud.io/project/issues?pullRequest=${pr}&open=${encodeURIComponent(issue.key)}&id=onthegomap_planetiler`
+ ].join('\n');
+ const args = {
+ title: `${issue.severity} ${issue.type}`,
+ file: issue.component.replace(/^[^:]*:/, ''),
+ startLine: textRange.startLine,
+ endLine: textRange.endLine,
+ startColumn: textRange.startOffset,
+ endColumn: textRange.endOffset
+ };
+ core.warning(message, args);
+ console.log(args);
+ } catch (e) {
+ core.error(`Unable to parse sonar issue: ${JSON.stringify(issue)}`);
+ }
+ });
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 57e9514c..99916d65 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -35,6 +35,8 @@ easier though.
- [Install IntelliJ IDEA](https://www.jetbrains.com/help/idea/installation-guide.html)
- Install
the [Adapter for Eclipse Code Formatter plugin](https://plugins.jetbrains.com/plugin/6546-adapter-for-eclipse-code-formatter)
+- Install the [SonarLint plugin](https://plugins.jetbrains.com/plugin/7973-sonarlint) (recommended) to see static
+ analysis results while editing code.
- In IntelliJ, click `Open`, navigate to the the `pom.xml` file in the local copy of this repo, and `Open`
then `Open as Project`
- If IntelliJ asks (and you trust the code) then click `Trust Project`
@@ -53,6 +55,8 @@ Troubleshooting:
### Visual Studio Code
- Install the [Extension Pack for Java](https://marketplace.visualstudio.com/items?itemName=vscjava.vscode-java-pack)
+- Install the [SonarLint plugin](https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarlint-vscode)
+ (recommended) to see static analysis results while editing code.
- In VSCode, click `File -> Open` and navigate to Planetiler directory
- If VSCode asks (and you trust the code) then click `Yes I trust the authors`
- To verify everything works correctly, go to the `Testing` tab and click `Run Tests`
@@ -63,6 +67,8 @@ Learn more about using VSCode with Java [here](https://code.visualstudio.com/doc
- In [Eclipse for Java Developers](https://www.eclipse.org/downloads/packages/), click `File -> Import ...`
then `Maven -> Existing Maven Projects`, navigate to Planetiler directory, and click `Finish`
+- Install the [SonarLint plugin](https://marketplace.eclipse.org/content/sonarlint)
+ (recommended) to see static analysis results while editing code.
- Under `Eclipse -> Preferences...`:
- Under `Java -> Code Style -> Formatter` and choose `Import...`
choose [`eclipse-formatter.xml`](eclipse-formatter.xml) from the root of this project. Then choose `Planetiler` as
@@ -76,4 +82,3 @@ Learn more about using VSCode with Java [here](https://code.visualstudio.com/doc
- To verify everything works correctly, right click on `planetiler-core/src/test/java` folder and
click `Run As -> JUnit Test`
-TODO: Set up checkstyle
diff --git a/pom.xml b/pom.xml
index f3372b1c..c35893f6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,6 +22,10 @@
true
2.13.2
5.8.2
+ https://sonarcloud.io
+ onthegomap
+ onthegomap_planetiler
+ ${project.artifactId}
@@ -270,6 +274,16 @@
+
+ org.sonarsource.scanner.maven
+ sonar-maven-plugin
+ 3.9.1.2184
+
+
+ org.jacoco
+ jacoco-maven-plugin
+ 0.8.8
+
@@ -282,6 +296,31 @@
+
+ coverage
+
+
+
+ org.jacoco
+ jacoco-maven-plugin
+
+
+ prepare-agent
+
+ prepare-agent
+
+
+
+ report
+
+ report
+
+
+
+
+
+
+
release
diff --git a/scripts/sonar.sh b/scripts/sonar.sh
new file mode 100755
index 00000000..653e99d5
--- /dev/null
+++ b/scripts/sonar.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+set -eu
+
+mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Pcoverage
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 00000000..de32dff3
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1 @@
+sonar.exclusions=**/VectorTileProto.java