extension-kafka icon indicating copy to clipboard operation
extension-kafka copied to clipboard

Published 20 hours ago verified publisher icon AxonFramework

Fix errors in CI/CD pipeline

Open zambrovski opened this issue 4 years ago • 4 comments

Expected behaviour

CI/CD Pipeline deployes snaphosts / releases

Actual behaviour

The pipeline seems to have multiple errors:

There are some issues with calling Sonar (no authorization). Error: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155:sonar (default-cli) on project axon-kafka-parent: You're not authorized to run analysis. No sonar.login or SONAR_TOKEN env variable was set -> [Help 1] See: https://github.com/AxonFramework/extension-kafka/runs/3869078032?check_suite_focus=true

Due to incompatibility in a module naming scheme, JavaDoc maven plugin fails to detect the name of the Kafka module. This leads to a build error and prevents pipeline from completing. See: https://github.com/AxonFramework/extension-kafka/runs/3836134591?check_suite_focus=true

zambrovski avatar Oct 12 '21 10:10 zambrovski

The Sonar issue has to do with the fact we can't easily share the token with contributors outside of the AxonIQ organization. I have looked into this shortly, and there's a means to adjust the workflow entirely to (1) keep the tokens secure and (2) usable by others. As you might've guessed, this is an issue on all our open source repositories.

smcvb avatar Oct 15 '21 14:10 smcvb

I'm aware of this problem. Usually the way to go will to split the build into two pipelines. One pipeline without sonar and one for sonar issues... This will give you a chance to see if the build runs correctly. You could tweak it in a way, that the PR needs to get approved first to trigger the Sonar build...

The workflow would look like this:

  1. PR created
  2. CI build runs on the branch triggered by push
  3. You run a PR review and mark is "approved" eventually
  4. CI build further runs on push
  5. Sonar build runs if the PR is approved

Another idea is to let it run as it is it now but add a condition to run sonar only on "authorized" branches, since you are not able to run it on public PRs by any other means... This can be achieved by adding a task condition if checking the branch name...

zambrovski avatar Oct 15 '21 15:10 zambrovski

I was hoping for an approach that still included Sonar for contributors too since that code needs to be validated just as well. The two-step workflow is indeed what we were looking into, although I wasn't planning to use the "approved" trigger. Rather a process that runs directly after the JDK 8 and 11 builds.

I'd see ignoring sonar as a temporary solution.

smcvb avatar Oct 15 '21 15:10 smcvb

This is closed by https://github.com/AxonFramework/extension-kafka/pull/201, right? Can we close it? ping @zambrovski

lfgcampos avatar Dec 13 '21 13:12 lfgcampos