build

Merge pull request #15 from tnaskali/dependabot/maven/org.glassfish.m… #21

	# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
	# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven

	# This workflow uses actions that are not certified by GitHub.
	# They are provided by a third-party and are governed by
	# separate terms of service, privacy policy, and support
	# documentation.

	name: build

	on:
	push:
	branches: [ "master" ]
	pull_request:
	branches: [ "master" ]

	env:
	SONAR_URL: https://sonarcloud.io
	SONAR_PROJECTKEY: ${{ github.repository_owner }}_${{ github.event.repository.name }}
	SONAR_ORGANIZATION: ${{ github.repository_owner }}

	jobs:
	build:

	runs-on: ubuntu-latest

	steps:
	- name: Checkout project
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: '17'
	distribution: 'temurin'
	cache: maven

	- name: Build with Maven
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
	run: \|
	mvn -B verify sonar:sonar \
	-Dsonar.host.url=${{ env.SONAR_URL }} \
	-Dsonar.projectKey=${{ env.SONAR_PROJECTKEY }} \
	-Dsonar.organization=${{ env.SONAR_ORGANIZATION }} \
	-Dsonar.qualitygate.wait=false

	# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
	- name: Update dependency graph
	uses: advanced-security/maven-dependency-submission-action@v4

Provide feedback