this is the relevant part of my GitHub actions workflow:
complete-build-test-analysis:
name: Complete Build, Test, and SonarQube Analysis 🚀
runs-on: self-hosted
needs: [documentation-CI, client-CI, farmer-ci, transport-ci, article-ci]
environment: staging
steps:
- name: Checkout branch 🛎️
uses: actions/checkout@v3
- name: Set up JDK 18 🏗️
uses: actions/setup-java@v3
with:
java-version: 18
distribution: 'temurin'
cache: maven
- name: Build Docker images with JIB 🐋
run: mvn -T 2C compile package jib:dockerBuild -e
- name: Create SonarQube Volumes 📁
run: |
docker volume create sonarqube_data
docker volume create sonarqube_extensions
docker volume create sonarqube_logs
docker volume create staging_test_data
- name: Start Docker Containers 🐳
run: docker-compose -f docker-compose-staging.yml up -d
- name: Wait for SonarQube to be ready
run: |
until $(curl --output /dev/null --silent --head --fail http://localhost:9000); do
printf '.'
sleep 5
done
article-analysis:
name: Article Analysis
runs-on: self-hosted
needs: [ complete-build-test-analysis ]
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up JDK 18 🏗️
uses: actions/setup-java@v3
with:
java-version: 18
distribution: 'temurin'
cache: maven
- name: Compile, Test, and Analyze Article Module
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
run: |
mvn -f ./article/pom.xml clean compile test sonar:sonar \
-Dsonar.projectKey=Flowcontrol_Article_Module \
-Dsonar.projectName="Flowcontrol - Article Module" \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }}
- name: SonarQube Quality Gate Check - Article Module
id: sonarqube-quality-gate-check-article
uses: sonarsource/sonarqube-quality-gate-action@master
with:
scanMetadataReportFile: ./article/target/sonar/report-task.txt
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
continue-on-error: true
farmer-analysis:
name: Farmer Analysis
runs-on: self-hosted
needs: [complete-build-test-analysis]
steps:
- name: Compile, Test, and Analyze Farmer Module
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
run: |
mvn -f ./farmer/pom.xml clean compile test sonar:sonar \
-Dsonar.projectKey=Flowcontrol_Farmer_Module \
-Dsonar.projectName="Flowcontrol - Farmer Module" \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
- name: SonarQube Quality Gate Check - Farmer Module
id: sonarqube-quality-gate-check-farmer
uses: sonarsource/sonarqube-quality-gate-action@master
with:
scanMetadataReportFile: ./farmer/target/sonar/report-task.txt
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
continue-on-error: true
transport-analysis:
name: Transport Analysis
runs-on: self-hosted
needs: [complete-build-test-analysis]
steps:
- name: Compile, Test, and Analyze Transport Module
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
run: |
mvn -f ./transport/pom.xml clean compile test sonar:sonar \
-Dsonar.projectKey=Flowcontrol_Transport_Module \
-Dsonar.projectName="Flowcontrol - Transport Module" \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
- name: SonarQube Quality Gate Check - Transport Module
id: sonarqube-quality-gate-check-transport
uses: sonarsource/sonarqube-quality-gate-action@master
with:
scanMetadataReportFile: ./transport/target/sonar/report-task.txt
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
continue-on-error: true
#
quality-gate-check:
name: Quality Gate Check
runs-on: self-hosted
needs: [article-analysis, farmer-analysis, transport-analysis]
steps:
- name: Write Combined Commit Message
if: |
needs.article-analysis.steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status == 'FAILED' ||
needs.farmer-analysis.steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status == 'FAILED' ||
needs.transport-analysis.steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status == 'FAILED'
run: |
FAILED_MODULES=""
if [ "${{ needs.article-analysis.steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status }}" == "FAILED" ]; then
FAILED_MODULES="$FAILED_MODULES\n- Article Module"
fi
if [ "${{ needs.farmer-analysis.steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status }}" == "FAILED" ]; then
FAILED_MODULES="$FAILED_MODULES\n- Farmer Module"
fi
if [ "${{ needs.transport-analysis.steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status }}" == "FAILED" ]; then
FAILED_MODULES="$FAILED_MODULES\n- Transport Module"
fi
COMMENT_BODY="SonarQube Quality Gate failed for the following modules:$FAILED_MODULES"
curl -X POST \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/json" \
-d "{\"body\": \"$COMMENT_BODY\"}" \
"https://api.github.com/repos/${{ github.repository }}/commits/${{ github.sha }}/comments"
- name: Fail workflow if any quality gate failed
if: |
needs.article-analysis.steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status == 'FAILED' ||
needs.farmer-analysis.steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status == 'FAILED' ||
needs.transport-analysis.steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status == 'FAILED'
run: exit 1
More specifically we are looking at the analyze part of the code. When it gets to that part it gives me an error that it cannot authorize using the token and I know for the fact that the problem is not in the token. This only happens when I try to run the analysis into multiple jobs but when I run everything to a single job the problem is not present. This is the code when I combine it to a single job :
name: Deployment-CI/CD
on:
push:
branches:
- v3.0.0_workflows_single_job
pull_request:
branches:
- "master"
types: [closed]
jobs:
documentation-CI:
name: documentation-CI 📚
uses: ./.github/workflows/documentation.yml
article-ci:
name: Run Article CI pipeline
uses: ./.github/workflows/SJ.yml
with:
java_version: 18
working_directory: ./article
farmer-ci:
name: Run Farmer CI pipeline
uses: ./.github/workflows/SJ.yml
with:
java_version: 18
working_directory: ./farmer
transport-ci:
name: Run Transport CI pipeline
uses: ./.github/workflows/SJ.yml
with:
java_version: 18
working_directory: ./transport
# Run the client CI pipeline
client-CI:
name: client-CI 🚀
uses: ./.github/workflows/clientDev.yml
complete-build-test-analysis:
name: Complete Build, Test, and SonarQube Analysis 🚀
runs-on: self-hosted
needs: [ documentation-CI, client-CI, farmer-ci, transport-ci, article-ci ]
environment: staging
steps:
- name: Checkout branch 🛎️
uses: actions/checkout@v3
- name: Set up JDK 18 🏗️
uses: actions/setup-java@v3
with:
java-version: 18
distribution: 'temurin'
cache: maven
- name: Build Docker images with JIB 🐋
run: mvn -T 2C compile package jib:dockerBuild -e
- name: Create SonarQube Volumes 📁
run: |
docker volume create sonarqube_data
docker volume create sonarqube_extensions
docker volume create sonarqube_logs
docker volume create staging_test_data
- name: Start Docker Containers 🐳
run: docker-compose -f docker-compose-staging.yml up -d
- name: Wait for SonarQube to be ready
run: |
until $(curl --output /dev/null --silent --head --fail http://localhost:9000); do
printf '.'
sleep 5
done
- name: Compile, Test, and Analyze Article Module
run: |
mvn -f ./article/pom.xml clean compile test sonar:sonar \
-Dsonar.projectKey=Flowcontrol_Article_Module \
-Dsonar.projectName="Flowcontrol - Article Module" \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
- name: SonarQube Quality Gate Check - Article Module
id: sonarqube-quality-gate-check-article
uses: sonarsource/sonarqube-quality-gate-action@master
with:
scanMetadataReportFile: ./article/target/sonar/report-task.txt
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
continue-on-error: true
- name: Compile, Test, and Analyze Farmer Module
run: |
mvn -f ./farmer/pom.xml clean compile test sonar:sonar \
-Dsonar.projectKey=Flowcontrol_Farmer_Module \
-Dsonar.projectName="Flowcontrol - Farmer Module" \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
- name: SonarQube Quality Gate Check - Farmer Module
id: sonarqube-quality-gate-check-farmer
uses: sonarsource/sonarqube-quality-gate-action@master
with:
scanMetadataReportFile: ./farmer/target/sonar/report-task.txt
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
continue-on-error: true
- name: Compile, Test, and Analyze Transport Module
run: |
mvn -f ./transport/pom.xml clean compile test sonar:sonar \
-Dsonar.projectKey=Flowcontrol_Transport_Module \
-Dsonar.projectName="Flowcontrol - Transport Module" \
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
-Dsonar.login=${{ secrets.SONAR_TOKEN_STAGING }}
- name: SonarQube Quality Gate Check - Transport Module
id: sonarqube-quality-gate-check-transport
uses: sonarsource/sonarqube-quality-gate-action@master
with:
scanMetadataReportFile: ./transport/target/sonar/report-task.txt
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_STAGING }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
continue-on-error: true
- name: Write Combined Commit Message
if: |
steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status == 'FAILED' ||
steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status == 'FAILED' ||
steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status == 'FAILED'
run: |
FAILED_MODULES=""
if [ "${{ steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status }}" == "FAILED" ]; then
FAILED_MODULES="$FAILED_MODULES\n- Article Module"
fi
if [ "${{ steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status }}" == "FAILED" ]; then
FAILED_MODULES="$FAILED_MODULES\n- Farmer Module"
fi
if [ "${{ steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status }}" == "FAILED" ]; then
FAILED_MODULES="$FAILED_MODULES\n- Transport Module"
fi
COMMENT_BODY="SonarQube Quality Gate failed for the following modules:$FAILED_MODULES"
curl -X POST \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/json" \
-d "{\"body\": \"$COMMENT_BODY\"}" \
"https://api.github.com/repos/${{ github.repository }}/commits/${{ github.sha }}/comments"
- name: Fail workflow if any quality gate failed
if: |
steps.sonarqube-quality-gate-check-article.outputs.quality-gate-status == 'FAILED' ||
steps.sonarqube-quality-gate-check-farmer.outputs.quality-gate-status == 'FAILED' ||
steps.sonarqube-quality-gate-check-transport.outputs.quality-gate-status == 'FAILED'
run: exit 1
Why doesn't it accept the token when I am trying to run it into multiple jobs?
The problem was that I should use vars instead of env like this:
${{vars.SONAR_HOST_STAGING_URL}}
instead of:
${{env.SONAR_HOST_STAGING_URL}}