Here is the relevant part of my GitHub Actions workflow:
complete-build-test-analysis:
  name: Complete Build, Test, and SonarQube Analysis 🚀
  runs-on: self-hosted
  needs: [documentation-CI, client-CI, farmer-ci, transport-ci, article-ci]
  environment: staging
  steps:
    - name: Checkout branch 🛎️
      uses: actions/checkout@v3
    - name: Set up JDK 18 🏗️
      uses: actions/setup-java@v3
      with:
        java-version: 18
        distribution: 'temurin'
        cache: maven
    - name: Build Docker images with JIB 🐋
      run: mvn -T 2C compile package jib:dockerBuild -e
    - name: Create SonarQube Volumes 📁
      run: |
        docker volume create sonarqube_data
        docker volume create sonarqube_extensions
        docker volume create sonarqube_logs
        docker volume create staging_test_data
    - name: Start Docker Containers 🐳
      run: docker-compose -f docker-compose-staging.yml up -d
    - name: Wait for SonarQube to be ready
      run: |
        until $(curl --output /dev/null --silent --head --fail http://localhost:9000); do
          printf '.'
          sleep 5
        done
article-analysis:
  name: Article Analysis
  runs-on: self-hosted
  needs: [ complete-build-test-analysis ]
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
    - name: Set up JDK 18 🏗️
      uses: actions/setup-java@v3
      with:
        java-version: 18
        distribution: 'temurin'
        cache: maven
    - name: Compile, Test, and Analyze Article Module
      env:
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
      run: |
        mvn -f ./article/pom.xml clean compile test sonar:sonar \
          -Dsonar.projectKey=Flowcontrol_Article_Module \
          -Dsonar.projectName="Flowcontrol - Article Module" \
          -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }}
    - name: SonarQube Quality Gate Check - Article Module
      id: sonarqube-quality-gate-check-article
      uses: sonarsource/sonarqube-quality-gate-action@master
      with:
        scanMetadataReportFile: ./article/target/sonar/report-task.txt
      env:
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
        SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
      continue-on-error: true
farmer-analysis:
  name: Farmer Analysis
  runs-on: self-hosted
  needs: [complete-build-test-analysis]
  steps:
    - name: Compile, Test, and Analyze Farmer Module
      env:
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
      run: |
        mvn -f ./farmer/pom.xml clean compile test sonar:sonar \
          -Dsonar.projectKey=Flowcontrol_Farmer_Module \
          -Dsonar.projectName="Flowcontrol - Farmer Module" \
          -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
          -Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
    - name: SonarQube Quality Gate Check - Farmer Module
      id: sonarqube-quality-gate-check-farmer
      uses: sonarsource/sonarqube-quality-gate-action@master
      with:
        scanMetadataReportFile: ./farmer/target/sonar/report-task.txt
      env:
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
        SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
      continue-on-error: true
transport-analysis:
  name: Transport Analysis
  runs-on: self-hosted
  needs: [complete-build-test-analysis]
  steps:
    - name: Compile, Test, and Analyze Transport Module
      env:
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
      run: |
        mvn -f ./transport/pom.xml clean compile test sonar:sonar \
          -Dsonar.projectKey=Flowcontrol_Transport_Module \
          -Dsonar.projectName="Flowcontrol - Transport Module" \
          -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
          -Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
    - name: SonarQube Quality Gate Check - Transport Module
      id: sonarqube-quality-gate-check-transport
      uses: sonarsource/sonarqube-quality-gate-action@master
      with:
        scanMetadataReportFile: ./transport/target/sonar/report-task.txt
      env:
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
        SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
      continue-on-error: true
#
quality-gate-check:
  name: Quality Gate Check
  runs-on: self-hosted
  needs: [article-analysis, farmer-analysis, transport-analysis]
  steps:
    - name: Write Combined Commit Message
      if: |
        needs.article-analysis.steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status == 'FAILED' ||
        needs.farmer-analysis.steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status == 'FAILED' ||
        needs.transport-analysis.steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status == 'FAILED'
      run: |
        FAILED_MODULES=""
        if [ "${{ needs.article-analysis.steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status }}" == "FAILED" ]; then
          FAILED_MODULES="$FAILED_MODULES\n- Article Module"
        fi
        if [ "${{ needs.farmer-analysis.steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status }}" == "FAILED" ]; then
          FAILED_MODULES="$FAILED_MODULES\n- Farmer Module"
        fi
        if [ "${{ needs.transport-analysis.steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status }}" == "FAILED" ]; then
          FAILED_MODULES="$FAILED_MODULES\n- Transport Module"
        fi
        COMMENT_BODY="SonarQube Quality Gate failed for the following modules:$FAILED_MODULES"
        curl -X POST \
          -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
          -H "Content-Type: application/json" \
          -d "{\"body\": \"$COMMENT_BODY\"}" \
          "https://api.github.com/repos/${{ github.repository }}/commits/${{ github.sha }}/comments"
    - name: Fail workflow if any quality gate failed
      if: |
        needs.article-analysis.steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status == 'FAILED' ||
        needs.farmer-analysis.steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status == 'FAILED' ||
        needs.transport-analysis.steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status == 'FAILED'
      run: exit 1
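More specifically, we are looking at the analysis part of the code. When it reaches that part, it gives me an error that it cannot authorize with the token, and I know the problem is not in the token. This only happens when I try to run the analysis in multiple jobs; when I run everything in a single job, the problem does not exist. Here is the code when I merge it into a single job: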
name: Deployment-CI/CD
on:
  push:
    branches:
      - v3.0.0_workflows_single_job
  pull_request:
    branches:
      - "master"
    types: [closed]
jobs:
  documentation-CI:
    name: documentation-CI 📚
    uses: ./.github/workflows/documentation.yml
  article-ci:
    name: Run Article CI pipeline
    uses: ./.github/workflows/SJ.yml
    with:
      java_version: 18
      working_directory: ./article
  farmer-ci:
    name: Run Farmer CI pipeline
    uses: ./.github/workflows/SJ.yml
    with:
      java_version: 18
      working_directory: ./farmer
  transport-ci:
    name: Run Transport CI pipeline
    uses: ./.github/workflows/SJ.yml
    with:
      java_version: 18
      working_directory: ./transport
  # Run the client CI pipeline
  client-CI:
    name: client-CI 🚀
    uses: ./.github/workflows/clientDev.yml
  complete-build-test-analysis:
    name: Complete Build, Test, and SonarQube Analysis 🚀
    runs-on: self-hosted
    needs: [ documentation-CI, client-CI, farmer-ci, transport-ci, article-ci ]
    environment: staging
    steps:
      - name: Checkout branch 🛎️
        uses: actions/checkout@v3
      - name: Set up JDK 18 🏗️
        uses: actions/setup-java@v3
        with:
          java-version: 18
          distribution: 'temurin'
          cache: maven
      - name: Build Docker images with JIB 🐋
        run: mvn -T 2C compile package jib:dockerBuild -e
      - name: Create SonarQube Volumes 📁
        run: |
          docker volume create sonarqube_data
          docker volume create sonarqube_extensions
          docker volume create sonarqube_logs
          docker volume create staging_test_data
      - name: Start Docker Containers 🐳
        run: docker-compose -f docker-compose-staging.yml up -d
      - name: Wait for SonarQube to be ready
        run: |
          until $(curl --output /dev/null --silent --head --fail http://localhost:9000); do
            printf '.'
            sleep 5
          done
      - name: Compile, Test, and Analyze Article Module
        run: |
          mvn -f ./article/pom.xml clean compile test sonar:sonar \
            -Dsonar.projectKey=Flowcontrol_Article_Module \
            -Dsonar.projectName="Flowcontrol - Article Module" \
            -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
            -Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
      - name: SonarQube Quality Gate Check - Article Module
        id: sonarqube-quality-gate-check-article
        uses: sonarsource/sonarqube-quality-gate-action@master
        with:
          scanMetadataReportFile: ./article/target/sonar/report-task.txt
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
        continue-on-error: true
      - name: Compile, Test, and Analyze Farmer Module
        run: |
          mvn -f ./farmer/pom.xml clean compile test sonar:sonar \
            -Dsonar.projectKey=Flowcontrol_Farmer_Module \
            -Dsonar.projectName="Flowcontrol - Farmer Module" \
            -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
            -Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
      - name: SonarQube Quality Gate Check - Farmer Module
        id: sonarqube-quality-gate-check-farmer
        uses: sonarsource/sonarqube-quality-gate-action@master
        with:
          scanMetadataReportFile: ./farmer/target/sonar/report-task.txt
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
        continue-on-error: true
      - name: Compile, Test, and Analyze Transport Module
        run: |
          mvn -f ./transport/pom.xml clean compile test sonar:sonar \
            -Dsonar.projectKey=Flowcontrol_Transport_Module \
            -Dsonar.projectName="Flowcontrol - Transport Module" \
            -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
            -Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
      - name: SonarQube Quality Gate Check - Transport Module
        id: sonarqube-quality-gate-check-transport
        uses: sonarsource/sonarqube-quality-gate-action@master
        with:
          scanMetadataReportFile: ./transport/target/sonar/report-task.txt
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
        continue-on-error: true
      - name: Write Combined Commit Message
        if: |
          steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status == 'FAILED' ||
          steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status == 'FAILED' ||
          steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status == 'FAILED'
        run: |
          FAILED_MODULES=""
          if [ "${{ steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status }}" == "FAILED" ]; then
            FAILED_MODULES="$FAILED_MODULES\n- Article Module"
          fi
          if [ "${{ steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status }}" == "FAILED" ]; then
            FAILED_MODULES="$FAILED_MODULES\n- Farmer Module"
          fi
          if [ "${{ steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status }}" == "FAILED" ]; then
            FAILED_MODULES="$FAILED_MODULES\n- Transport Module"
          fi
          COMMENT_BODY="SonarQube Quality Gate failed for the following modules:$FAILED_MODULES"
          curl -X POST \
            -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
            -H "Content-Type: application/json" \
            -d "{\"body\": \"$COMMENT_BODY\"}" \
            "https://api.github.com/repos/${{ github.repository }}/commits/${{ github.sha }}/comments"
      - name: Fail workflow if any quality gate failed
        if: |
          steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status == 'FAILED' ||
          steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status == 'FAILED' ||
          steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status == 'FAILED'
        run: exit 1
The problem was that I should have used vars instead of env, like this:
${{vars.SONAR_HOST_STAGING_URL}}
instead of:
${{secrets.SONAR_HOST_STAGING_URL}}
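
How the change above looks when applied to the question's `article-analysis` job. This is an added example, not part of the original post. It assumes `SONAR_HOST_STAGING_URL` and `SONAR_TOKEN_STAGING` are defined on the `staging` environment, which is why the job declares `environment: staging`; the fail-fast step is also an addition.

```yaml
jobs:
  article-analysis:
    name: Article Analysis
    runs-on: self-hosted
    needs: [complete-build-test-analysis]
    # Assumption: the variable and the token live on the "staging" environment.
    # Environment-scoped values resolve to an empty string in jobs that do not
    # declare that environment.
    environment: staging
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Set up JDK 18
        uses: actions/setup-java@v3
        with:
          java-version: 18
          distribution: 'temurin'
          cache: maven
      # Added check: stop with a clear message when a value did not resolve,
      # rather than letting the scanner report an authorization failure.
      - name: Fail fast if the configuration did not resolve
        env:
          SONAR_HOST_URL: ${{ vars.SONAR_HOST_STAGING_URL }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
        run: |
          [ -n "$SONAR_HOST_URL" ] || { echo "::error::SONAR_HOST_STAGING_URL is empty in this job"; exit 1; }
          [ -n "$SONAR_TOKEN" ] || { echo "::error::SONAR_TOKEN_STAGING is empty in this job"; exit 1; }
      - name: Compile, Test, and Analyze Article Module
        env:
          # Host URL comes from a variable, token stays a secret and is
          # passed through the environment as in the question's step.
          SONAR_HOST_URL: ${{ vars.SONAR_HOST_STAGING_URL }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
        run: |
          mvn -f ./article/pom.xml clean compile test sonar:sonar \
            -Dsonar.projectKey=Flowcontrol_Article_Module \
            -Dsonar.projectName="Flowcontrol - Article Module" \
            -Dsonar.host.url="$SONAR_HOST_URL"
```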