Add sonar analyzing and remove codecov

.github/workflows/build_deploy.yml

@@ -8,23 +8,43 @@ on:
       - '*' # Trigger on all tags
   pull_request: { }
 
+env:
+  SONARQUBE_PROJECT: patrickfav_bytes-java
+
 jobs:
   build:
     runs-on: ubuntu-latest
 
     steps:
       - name: Checkout Code
         uses: actions/checkout@v3
-      - name: Set up JDK 8
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v3
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache Maven
+        id: cache-primes
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+      - name: Set up JDK 11
         uses: actions/setup-java@v3
         with:
-          java-version: '8'
-          distribution: 'adopt'
-          cache: 'maven'
+          java-version: '11'
+          distribution: 'temurin'
       - name: Build with Maven
-        run: ./mvnw -B clean package checkstyle:checkstyle jacoco:report -DcommonConfig.jarSign.skip=true
-      - name: Upload coverage reports to CodeCov
-        uses: codecov/codecov-action@v3
+        run: ./mvnw -B clean verify checkstyle:checkstyle jacoco:report -DcommonConfig.jarSign.skip=true
+      - name: Analyze with SonaQube
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: mvn -B org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=$SONARQUBE_PROJECT
 
   deploy:
     needs: build
@@ -38,12 +58,18 @@ jobs:
           KEYSTORE_BASE64: ${{ secrets.KEYSTORE_BASE64 }}
         run: |
           echo $KEYSTORE_BASE64 | base64 --decode > keystore.jks
+      - name: Cache Maven
+        id: cache-primes
+        uses: actions/cache@v3
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
       - name: Set up Maven Central Repository
         uses: actions/setup-java@v3
         with:
-          java-version: '8'
-          distribution: 'adopt'
-          cache: 'maven'
+          java-version: '11'
+          distribution: 'temurin'
           server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
           server-username: MAVEN_USERNAME # env variable for username in deploy
           server-password: MAVEN_PASSWORD # env variable for token in deploy

.mvn/maven.config

@@ -1 +1 @@
--DcommonConfig.compiler.profile=jdk7_w_errorprone
+-DcommonConfig.compiler.profile=jdk7

README.md

@@ -30,10 +30,11 @@ to blindly paste code snippets from
 [![Maven Central](https://img.shields.io/maven-central/v/at.favre.lib/bytes)](https://mvnrepository.com/artifact/at.favre.lib/bytes)
 [![Github Actions](https://github.com/patrickfav/bytes-java/actions/workflows/build_deploy.yml/badge.svg)](https://github.com/patrickfav/bytes-java/actions)
 [![Javadocs](https://www.javadoc.io/badge/at.favre.lib/bytes.svg)](https://www.javadoc.io/doc/at.favre.lib/bytes)
-[![codecov](https://codecov.io/gh/patrickfav/bytes-java/branch/master/graph/badge.svg?token=YiSRwBApvz)](https://codecov.io/gh/patrickfav/bytes-java)
-[![Maintainability](https://api.codeclimate.com/v1/badges/43b7770f0ee00b85f92a/maintainability)](https://codeclimate.com/github/patrickfav/bytes-java/maintainability)
+[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=patrickfav_bytes-java&metric=coverage)](https://sonarcloud.io/summary/new_code?id=patrickfav_bytes-java)
+[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=patrickfav_bytes-java&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=patrickfav_bytes-java)
+[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=patrickfav_bytes-java&metric=reliability_rating)](https://sonarcloud.io/summary/new_code?id=patrickfav_bytes-java)
 
-It's main features include:
+Its main features include:
 
 * **Creation** from a wide variety of sources: multiple arrays, integers, [streams](https://docs.oracle.com/javase/7/docs/api/java/io/InputStream.html), random, strings, files, uuid, ...
 * **Transformation** with many built-in: append, [xor](https://en.wikipedia.org/wiki/Exclusive_or), [and](https://en.wikipedia.org/wiki/Logical_conjunction), [hash](https://en.wikipedia.org/wiki/Cryptographic_hash_function), [shifts](https://en.wikipedia.org/wiki/Bitwise_operation#Bit_shifts), shuffle, reverse, [checksum](https://en.wikipedia.org/wiki/Checksum), ...
@@ -699,8 +700,8 @@ the plugin versions as well as providing the checkstyle config rules. Specifical
 
 ## Tech Stack
 
-* Java 7 (+ [errorprone](https://github.com/google/error-prone) static analyzer)
-* Maven
+* Java 7 Source, JDK 11 required to build (not yet JDK17 compatible)
+* Maven 3
 
 # Credits
 

pom.xml

@@ -7,7 +7,7 @@
     <parent>
         <groupId>at.favre.lib</groupId>
         <artifactId>common-parent</artifactId>
-        <version>18</version>
+        <version>18.1</version>
     </parent>
 
     <artifactId>bytes</artifactId>
@@ -24,6 +24,12 @@
 
     <properties>
         <commonConfig.jarSign.skip>false</commonConfig.jarSign.skip>
+        <!-- SonarQube Config -->
+        <sonar.organization>patrickfav</sonar.organization>
+        <sonar.host.url>https://sonarcloud.io</sonar.host.url>
+        <sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
+        <sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
+        <sonar.language>java</sonar.language>
     </properties>
 
     <build>
@@ -35,7 +41,7 @@
             <plugin>
                 <groupId>org.apache.felix</groupId>
                 <artifactId>maven-bundle-plugin</artifactId>
-                <version>4.2.0</version>
+                <version>5.1.8</version>
                 <extensions>true</extensions>
             </plugin>
             <plugin>
@@ -65,10 +71,6 @@
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
             </plugin>
-            <plugin>
-                <groupId>com.github.wvengen</groupId>
-                <artifactId>proguard-maven-plugin</artifactId>
-            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-jarsigner-plugin</artifactId>