Search code examples
mavensonarqubegithub-actions

JaCoCo coverage report in sonarqube with github workflow


I am trying to setup sonar pipleline using github workflows. My pom.xml has the below plugin configured in build:

pom.xml

<!-- Dependencies needed for creating SonarQube coverage reports -->
           <plugin>
               <groupId>org.jacoco</groupId>
               <artifactId>jacoco-maven-plugin</artifactId>
               <version>${jacoco.version}</version>
               <executions>
                   <execution>
                       <id>prepare-agent</id>
                       <goals>
                           <goal>prepare-agent</goal>
                       </goals>
                   </execution>
                   <execution>
                       <id>report</id>
                       <goals>
                           <goal>report</goal>
                       </goals>
                   </execution>
               </executions>
           </plugin>

When I do a mvn clean install I can find the jacoco.xml on the path: target/site/jacoco/jacoco.xml

Next I have setup my workflow .yml file under .github/workflows/main.yml

main.yml

    jobs:
      maven-build:
        runs-on: ubuntu-latest
        steps:
          - uses: actions/checkout@v3
          - name: Set up JDK 11
            uses: actions/setup-java@v3
            with:
              java-version: '11'
              distribution: 'temurin'
              cache: maven
          - name: Build with Maven
            run: mvn clean install
      sonar_analysis:
        needs: maven-build
        runs-on: ubuntu-latest
        steps:
          - name: Analyze with SonarCloud         
            uses: SonarSource/sonarcloud-github-action@de2e56b42aa84d0b1c5b622644ac17e505c9a049
            env:
              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information
              SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}   # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
            with:
              args:             
                -Dsonar.projectKey=sk-Prices-Tracker
                -Dsonar.organization=sk

The maven-build job does a clean install which generates the jacoco.xml report. Next the sonar_analysis runs after maven-build is run to ensure that the report exists before sonar scanning runs.

On the workflow run log I can see that it is unable to pick up the jacoco.xml report. What am I doing wrong here?

INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=10ms

Solution

  • Jobs are run independently on different (virtual) machines.

    Therefore, if you want to access artefacts from maven-build in sonar_analysis, you need to either use the action upload-artifact or join your two jobs into one like so:

        jobs:
          maven-build:
            runs-on: ubuntu-latest
            steps:
              - uses: actions/checkout@v3
              - name: Set up JDK 11
                uses: actions/setup-java@v3
                with:
                  java-version: '11'
                  distribution: 'temurin'
                  cache: maven
              - name: Build with Maven
                run: mvn clean install
    
              - name: Analyze with SonarCloud         
                uses: SonarSource/sonarcloud-github-action@de2e56b42aa84d0b1c5b622644ac17e505c9a049
                env:
                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information
                  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}   # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
                with:
                  args:             
                    -Dsonar.projectKey=sk-Prices-Tracker
                    -Dsonar.organization=sk