From a8d657e875bdd429877215e609750911241ce2cb Mon Sep 17 00:00:00 2001 From: Anthony Brown Date: Tue, 27 Jan 2026 13:59:29 +0000 Subject: [PATCH 1/4] clear mavan cache for corrupted file --- .github/workflows/quality-checks.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index be54304..9664a2f 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -328,7 +328,9 @@ jobs: - name: Run SonarQube analysis if: ${{ steps.check_languages.outputs.uses_java == 'true' && env.SONAR_TOKEN_EXISTS == 'true' }} - run: mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} + run: | + rm -rf ~/.m2 + mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} - name: SonarCloud Scan uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 From 54345b57d5eeff6e4588197d37dbb2f790ba1258 Mon Sep 17 00:00:00 2001 From: Anthony Brown Date: Tue, 27 Jan 2026 14:39:34 +0000 Subject: [PATCH 2/4] just delete sslcontext --- .github/workflows/quality-checks.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 9664a2f..c3f74a3 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -329,8 +329,8 @@ jobs: - name: Run SonarQube analysis if: ${{ steps.check_languages.outputs.uses_java == 'true' && env.SONAR_TOKEN_EXISTS == 'true' }} run: | - rm -rf ~/.m2 - mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} + rm -rf ~/.m2/repository/io/github/hakky54/sslcontext-kickstart/9.1.0 + mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} - name: SonarCloud Scan uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 From db4b3dd3c9f903cb632ab0e7ba01d3e9abc018d7 Mon Sep 17 00:00:00 2001 From: Anthony Brown Date: Tue, 27 Jan 2026 14:51:07 +0000 Subject: [PATCH 3/4] force download of sslcontext --- .github/workflows/quality-checks.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index c3f74a3..71ed9da 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -329,8 +329,11 @@ jobs: - name: Run SonarQube analysis if: ${{ steps.check_languages.outputs.uses_java == 'true' && env.SONAR_TOKEN_EXISTS == 'true' }} run: | + mvn clean + mvn initialize rm -rf ~/.m2/repository/io/github/hakky54/sslcontext-kickstart/9.1.0 - mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} + mvn dependency:get -U -Dartifact=io.github.hakky54:sslcontext-kickstart:9.1.0 + mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} - name: SonarCloud Scan uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 From a0e12fa92d5f284dbfb0bf0cad41a7daef59e082 Mon Sep 17 00:00:00 2001 From: Anthony Brown Date: Tue, 27 Jan 2026 15:35:54 +0000 Subject: [PATCH 4/4] add some comments --- .gitallowed | 1 + .github/workflows/quality-checks.yml | 8 +++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.gitallowed b/.gitallowed index 108768f..c9efd61 100644 --- a/.gitallowed +++ b/.gitallowed @@ -5,3 +5,4 @@ password: \${{ secrets\.GITHUB_TOKEN }} def __init__\(self, token: str, owner: str, repo: str.* self\.token = token token = os\.environ\.get\(\"GH_TOKEN\"\) +\-Dsonar\.token=\"\$SONAR_TOKEN\" diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 71ed9da..25a32cc 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -329,11 +329,13 @@ jobs: - name: Run SonarQube analysis if: ${{ steps.check_languages.outputs.uses_java == 'true' && env.SONAR_TOKEN_EXISTS == 'true' }} run: | - mvn clean - mvn initialize + # issues with sonar scanner and sslcontext-kickstart 9.1.0, forcing re-download rm -rf ~/.m2/repository/io/github/hakky54/sslcontext-kickstart/9.1.0 mvn dependency:get -U -Dartifact=io.github.hakky54:sslcontext-kickstart:9.1.0 - mvn sonar:sonar -Dsonar.login=${{ secrets.SONAR_TOKEN }} + # run sonar scan + mvn sonar:sonar -Dsonar.token="$SONAR_TOKEN" + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - name: SonarCloud Scan uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9