feat: create a github-action for this repo

.dockerignore

@@ -1,5 +1,6 @@
 *
 !build/*-runner
+!build/resources/*
 !build/*-runner.jar
 !build/lib/*
-!build/quarkus-app/*
+!build/quarkus-app/*

.github/workflows/build.yml

@@ -86,18 +86,12 @@ jobs:
         with:
           state: open
       - name: Qualityannotate
+        uses: ./
         if: success() && steps.findPr.outputs.number
-        env:
-          # ${{ secrets.TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GITHUB_PULL_REQUEST: ${{ steps.findPr.outputs.pr }}
-          GITHUB_PROJECT: balrok/qualityannotate  # ${{env.GITHUB_ACTION_REPOSITORY}}
-          SONARQUBE_PROJECT: quyt_qualityannotate
-          SONARQUBE_URL: https://sonarcloud.io/
-          SONARQUBE_TOKEN: ${{ secrets.SONAR_TOKEN }}
-          SONARQUBE_PULL_REQUEST: ${{ steps.findPr.outputs.pr }}
-        run: |
-          chmod +x ./qualityannotate-1.0.0-SNAPSHOT-runner
-          mkdir -p config
-          cp src/main/resources/application.yml config/
-          ./qualityannotate-1.0.0-SNAPSHOT-runner
+        with:
+          pullRequest: ${{ steps.findPr.outputs.pr }}
+          githubToken: ${{ secrets.GITHUB_TOKEN }}
+          githubProject: balrok/qualityannotate  # ${{env.GITHUB_ACTION_REPOSITORY}}
+          sonarqubeProject: quyt_qualityannotate
+          sonarqubeUrl: https://sonarcloud.io/
+          sonarqubeToken: ${{ secrets.SONAR_TOKEN }}

.github/workflows/docker.yml

@@ -57,7 +57,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
       - name: Build and push Docker image

README.md

@@ -9,7 +9,7 @@ The implementation tries to be variable within the two dimensions of:
 
 |           | Bitbucket | Gitlab   | Github   |
 |-----------|-----------|----------|----------|
-| Sonarqube | ❌  | ❌ | ✅  |
+| Sonarqube | ❌  | ❌ | [✅](./docs/github.md)  |
 | ???       | ❌  | ❌ | ❌ |
 
 Since it is a commandline application it can also be integrated in various ci-systems. Please refer to the sample ci

action.yml

@@ -0,0 +1,41 @@
+---
+name: 'Cache'
+description: 'Cache artifacts like dependencies and build outputs to improve workflow execution time'
+author: 'GitHub'
+inputs:
+  pullRequest:
+    description: "Number of the pull request. Use jwalton/gh-find-current-pr@v1"
+    required: true
+  sonarqubeToken:
+    description: "How to create a token:
+      https://docs.sonarsource.com/sonarqube/9.8/user-guide/user-account/generating-and-using-tokens/"
+    required: true
+  sonarqubeProject:
+    description: "Project identifier in sonarqube"
+    required: true
+  sonarqubeUrl:
+    description: "E.g. https://sonarqube.io"
+    required: true
+  githubToken:
+    description: "Give your pipeline the checks:write permission and use secrets.GITHUB_TOKEN"
+    required: true
+  githubProject:
+    description: "e.g. balrok/qualityannotate"
+    required: true
+runs:
+  using: 'docker'
+  image: 'docker://ghcr.io/balrok/qualityannotate:v0'
+  env:
+    GITHUB_TOKEN: ${{ inputs.githubToken }}
+    GITHUB_PULL_REQUEST: ${{ inputs.pullRequest }}
+    GITHUB_PROJECT: ${{ inputs.githubProject }}
+    SONARQUBE_PROJECT: ${{ inputs.sonarqubeProject }}
+    SONARQUBE_URL: ${{ inputs.sonarqubeUrl }}
+    SONARQUBE_TOKEN: ${{ inputs.sonarqubeToken }}
+    SONARQUBE_PULL_REQUEST: ${{ inputs.pullRequest }}
+  args:
+    - sonarqube
+    - github
+branding:
+  icon: 'umbrella'
+  color: 'purple'

docs/github.md

@@ -0,0 +1,39 @@
+# Github integration
+
+To use qualityannotate with github you can copy this into your github actions - right after you scanned via sonarqube.
+
+```yml
+jobs:
+  qualityannotate:
+    needs: build-native
+    permissions:
+      checks: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: jwalton/gh-find-current-pr@v1
+        id: findPr
+        with:
+          state: open
+      - name: Qualityannotate
+        uses: balrok/qualityannotate@v0
+        if: success() && steps.findPr.outputs.number
+        with:
+          pullRequest: ${{ steps.findPr.outputs.pr }}
+          githubToken: ${{ secrets.GITHUB_TOKEN }}
+          githubProject: balrok/qualityannotate  # ${{env.GITHUB_ACTION_REPOSITORY}}
+          sonarqubeProject: quyt_qualityannotate
+          sonarqubeUrl: https://sonarcloud.io/
+          sonarqubeToken: ${{ secrets.SONAR_TOKEN }}
+```
+
+## Checks-Api (Default)
+
+By default the github checks api will be used. It will look like this:
+
+![Image of checks api](./github_checks.png)
+
+## Comments
+
+If `use_checks` is set to false, normal user-comments will be created. It will look like this:
+
+![Image when using comments](./github_comments.png)

src/main/docker/Dockerfile.native

@@ -14,14 +14,12 @@
 # docker run -i --rm -p 8080:8080 quarkus/qualityannotate
 #
 ###
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8
-WORKDIR /work/
-RUN chown 1001 /work \
-    && chmod "g+rwX" /work \
-    && chown 1001:root /work
-COPY --chown=1001:root build/*-runner /work/application
+FROM scratch
+WORKDIR /
+COPY --chown=1001:root build/resources/main/application.yml /config/application.yml
+COPY --chown=1001:root build/*-runner /qualityannotate
 
 EXPOSE 8080
 USER 1001
 
-ENTRYPOINT ["./application", "-Dquarkus.http.host=0.0.0.0"]
+ENTRYPOINT ["/qualityannotate"]

src/main/resources/application.yml

@@ -4,7 +4,8 @@
 sonarqube:
   # base-url for your sonarqube api. E.g. https://mysonar.example.com/
   url: "test"
-  # How to create a token: https://docs.sonarsource.com/sonarqube/9.8/user-guide/user-account/generating-and-using-tokens/
+  # How to create a token:
+  # https://docs.sonarsource.com/sonarqube/9.8/user-guide/user-account/generating-and-using-tokens/
   token: "_"
   # The Project key
   project: "_"
@@ -26,6 +27,8 @@ github:
   project: "test"
   # Pullrequest id
   pull_request: "1"
+  # Should the checks-api be used or comments. Default: true
+  use_checks: true
 
 # you can ignore these
 quarkus: