From cc0dd5368a38b13bc00125f5d682f2569044bdd3 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 15:56:13 +0800
Subject: [PATCH 01/15] add sonar check
---
.github/workflows/pr-check.yml | 120 ++++++++++++++++++++++-----------
build.gradle | 12 +++-
framework/build.gradle | 2 +-
plugins/build.gradle | 1 -
4 files changed, 93 insertions(+), 42 deletions(-)
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index 5b76470a5f1..9dc814863ce 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -93,9 +93,86 @@ jobs:
core.info('PR lint passed.');
}
+ sonar-check:
+ name: SonarCloud Analysis
+ needs: pr-lint
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Set up JDK 17
+ uses: actions/setup-java@v4
+ with:
+ java-version: '17'
+ distribution: 'temurin'
+
+ - name: Cache SonarCloud packages
+ uses: actions/cache@v4
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+
+ - name: Cache Gradle packages
+ uses: actions/cache@v4
+ with:
+ path: |
+ ~/.gradle/caches
+ ~/.gradle/wrapper
+ key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '**/gradle-wrapper.properties') }}
+ restore-keys: ${{ runner.os }}-gradle-
+
+ - name: Build and analyze
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: |
+ ./gradlew clean classes testClasses sonar --info -PskipJdkCheck \
+ -Dsonar.host.url=https://sonarcloud.io \
+# -Dsonar.organization=${{ github.repository_owner }} \
+ -Dsonar.organization=tron-zhaohong \
+# -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
+ -Dsonar.projectKey=java-tron
+
+ checkstyle:
+ name: Checkstyle
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Set up JDK 8
+ uses: actions/setup-java@v4
+ with:
+ java-version: '8'
+ distribution: 'temurin'
+
+ - name: Cache Gradle packages
+ uses: actions/cache@v4
+ with:
+ path: |
+ ~/.gradle/caches
+ ~/.gradle/wrapper
+ key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '**/gradle-wrapper.properties') }}
+ restore-keys: ${{ runner.os }}-gradle-
+
+ - name: Run Checkstyle
+ run: ./gradlew :framework:checkstyleMain :framework:checkstyleTest :plugins:checkstyleMain
+
+ - name: Upload Checkstyle reports
+ if: failure()
+ uses: actions/upload-artifact@v4
+ with:
+ name: checkstyle-reports
+ path: |
+ framework/build/reports/checkstyle/
+ plugins/build/reports/checkstyle/
+
build:
name: Build ${{ matrix.os-name }}(JDK ${{ matrix.java }} / ${{ matrix.arch }})
- needs: pr-lint
+ needs: [pr-lint, checkstyle, sonar-check]
runs-on: ${{ matrix.runner }}
strategy:
fail-fast: false
@@ -141,7 +218,7 @@ jobs:
docker-build-rockylinux:
name: Build rockylinux (JDK 8 / x86_64)
- needs: pr-lint
+ needs: [pr-lint, checkstyle, sonar-check]
runs-on: ubuntu-latest
container:
@@ -207,7 +284,7 @@ jobs:
docker-build-debian11:
name: Build debian11 (JDK 8 / x86_64)
- needs: pr-lint
+ needs: [pr-lint, checkstyle, sonar-check]
runs-on: ubuntu-latest
container:
@@ -412,39 +489,4 @@ jobs:
echo "All coverage gates passed!"
echo " Current commit : ${self_cov}%"
echo " Base branch : ${base_branch_cov}%"
- echo " Patch coverage : ${patch_cov}%"
-
- checkstyle:
- name: Checkstyle
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v4
-
- - name: Set up JDK 8
- uses: actions/setup-java@v4
- with:
- java-version: '8'
- distribution: 'temurin'
-
- - name: Cache Gradle packages
- uses: actions/cache@v4
- with:
- path: |
- ~/.gradle/caches
- ~/.gradle/wrapper
- key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '**/gradle-wrapper.properties') }}
- restore-keys: ${{ runner.os }}-gradle-
-
- - name: Run Checkstyle
- run: ./gradlew :framework:checkstyleMain :framework:checkstyleTest :plugins:checkstyleMain
-
- - name: Upload Checkstyle reports
- if: failure()
- uses: actions/upload-artifact@v4
- with:
- name: checkstyle-reports
- path: |
- framework/build/reports/checkstyle/
- plugins/build/reports/checkstyle/
-
+ echo " Patch coverage : ${patch_cov}%"
\ No newline at end of file
diff --git a/build.gradle b/build.gradle
index 12a0622db99..b686b893316 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,5 +1,10 @@
import org.gradle.nativeplatform.platform.internal.Architectures
import org.gradle.internal.os.OperatingSystem
+
+plugins {
+ id "org.sonarqube" version "5.1.0.4882" apply false
+}
+
allprojects {
version = "1.0.0"
apply plugin: "java-library"
@@ -40,7 +45,7 @@ ext.archInfo = [
VMOptions: isArm64 ? "${rootDir}/gradle/jdk17/java-tron.vmoptions" : "${rootDir}/gradle/java-tron.vmoptions"
]
-if (!archInfo.java.is(archInfo.requires.JavaVersion)) {
+if (!archInfo.java.is(archInfo.requires.JavaVersion) && !project.hasProperty('skipJdkCheck')) {
throw new GradleException("Java ${archInfo.requires.JavaVersion} is required for ${archInfo.name}. Detected version ${archInfo.java}")
}
@@ -165,3 +170,8 @@ gradle.buildFinished {
}
}
}
+
+// Apply SonarQube plugin only when running with JDK 17+ (sonar analysis requires JDK 17)
+if (JavaVersion.current().isCompatibleWith(JavaVersion.VERSION_17)) {
+ apply plugin: "org.sonarqube"
+}
diff --git a/framework/build.gradle b/framework/build.gradle
index 59d070e066d..42e905fda67 100644
--- a/framework/build.gradle
+++ b/framework/build.gradle
@@ -1,6 +1,6 @@
plugins {
id "org.gradle.test-retry" version "1.5.9"
- id "org.sonarqube" version "2.6"
+
id "com.gorylenko.gradle-git-properties" version "2.4.1"
}
diff --git a/plugins/build.gradle b/plugins/build.gradle
index e03e9a7c49a..6f18f2b9d41 100644
--- a/plugins/build.gradle
+++ b/plugins/build.gradle
@@ -1,5 +1,4 @@
plugins {
- id "org.sonarqube" version "2.6"
}
apply plugin: 'application'
From 1db1711336e78da23588d457965249b3c2955bf3 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 16:06:36 +0800
Subject: [PATCH 02/15] exclude tests when use sonarcheck
---
build.gradle | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/build.gradle b/build.gradle
index b686b893316..34f3c0463a3 100644
--- a/build.gradle
+++ b/build.gradle
@@ -174,4 +174,24 @@ gradle.buildFinished {
// Apply SonarQube plugin only when running with JDK 17+ (sonar analysis requires JDK 17)
if (JavaVersion.current().isCompatibleWith(JavaVersion.VERSION_17)) {
apply plugin: "org.sonarqube"
+
+ sonar {
+ properties {
+ property "sonar.sourceEncoding", "UTF-8"
+ }
+ }
+
+ // Only analyze these modules; skip the rest
+ ["protocol", "platform", "example:actuator-example"].each { name ->
+ project(":${name}").sonar.skipProject = true
+ }
+
+ // Only analyze main sources, exclude test sources
+ subprojects {
+ sonar {
+ properties {
+ property "sonar.tests", ""
+ }
+ }
+ }
}
From 1bf9998486da52cc74513944d92c82444961751e Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 16:17:08 +0800
Subject: [PATCH 03/15] skip sonarqube in JDK8
---
build.gradle | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/build.gradle b/build.gradle
index 34f3c0463a3..9c8a533b337 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,8 +1,16 @@
import org.gradle.nativeplatform.platform.internal.Architectures
import org.gradle.internal.os.OperatingSystem
-plugins {
- id "org.sonarqube" version "5.1.0.4882" apply false
+// SonarQube plugin: only resolve on JDK 17+ to avoid verification-metadata issues on JDK 8
+if (JavaVersion.current().isCompatibleWith(JavaVersion.VERSION_17)) {
+ buildscript {
+ repositories {
+ maven { url 'https://plugins.gradle.org/m2/' }
+ }
+ dependencies {
+ classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:5.1.0.4882'
+ }
+ }
}
allprojects {
From fbaa3f68f2ec1ce4d437ebbfabb0786fc360e7f9 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 16:28:57 +0800
Subject: [PATCH 04/15] use JDK 17 for Checkstyle
---
.github/workflows/pr-check.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index 9dc814863ce..93f1ba5b3e1 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -143,10 +143,10 @@ jobs:
steps:
- uses: actions/checkout@v4
- - name: Set up JDK 8
+ - name: Set up JDK 17
uses: actions/setup-java@v4
with:
- java-version: '8'
+ java-version: '17'
distribution: 'temurin'
- name: Cache Gradle packages
From 2dfc14c1eece521e345911038cb966df2d04e28a Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 17:31:35 +0800
Subject: [PATCH 05/15] test
---
.github/workflows/pr-check.yml | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index 93f1ba5b3e1..db33d57f51b 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -96,7 +96,7 @@ jobs:
sonar-check:
name: SonarCloud Analysis
needs: pr-lint
- runs-on: ubuntu-latest
+ runs-on: ubuntu-24.04-arm
steps:
- uses: actions/checkout@v4
@@ -131,14 +131,12 @@ jobs:
run: |
./gradlew clean classes testClasses sonar --info -PskipJdkCheck \
-Dsonar.host.url=https://sonarcloud.io \
-# -Dsonar.organization=${{ github.repository_owner }} \
-Dsonar.organization=tron-zhaohong \
-# -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
-Dsonar.projectKey=java-tron
checkstyle:
name: Checkstyle
- runs-on: ubuntu-latest
+ runs-on: ubuntu-24.04-arm
steps:
- uses: actions/checkout@v4
From f060bffb0eae25502d40f79f87805b61f2d90d36 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 17:43:33 +0800
Subject: [PATCH 06/15] init sonar script only in jdk17
---
.github/workflows/pr-check.yml | 24 ++++++++++++++++++++----
build.gradle | 18 ++----------------
2 files changed, 22 insertions(+), 20 deletions(-)
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index db33d57f51b..a5363bd88d2 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -129,10 +129,26 @@ jobs:
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
- ./gradlew clean classes testClasses sonar --info -PskipJdkCheck \
- -Dsonar.host.url=https://sonarcloud.io \
- -Dsonar.organization=tron-zhaohong \
- -Dsonar.projectKey=java-tron
+ cat > /tmp/sonar-init.gradle << 'EOF'
+ initscript {
+ repositories {
+ maven { url 'https://plugins.gradle.org/m2/' }
+ }
+ dependencies {
+ classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:5.1.0.4882'
+ }
+ }
+ rootProject {
+ apply plugin: org.sonarqube.gradle.SonarQubePlugin
+ }
+ EOF
+
+ ./gradlew clean classes testClasses sonar --info \
+ --init-script /tmp/sonar-init.gradle \
+ -PskipJdkCheck \
+ -Dsonar.host.url=https://sonarcloud.io \
+ -Dsonar.organization=tron-zhaohong \
+ -Dsonar.projectKey=java-tron
checkstyle:
name: Checkstyle
diff --git a/build.gradle b/build.gradle
index 9c8a533b337..18fbaf55f4c 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,18 +1,6 @@
import org.gradle.nativeplatform.platform.internal.Architectures
import org.gradle.internal.os.OperatingSystem
-// SonarQube plugin: only resolve on JDK 17+ to avoid verification-metadata issues on JDK 8
-if (JavaVersion.current().isCompatibleWith(JavaVersion.VERSION_17)) {
- buildscript {
- repositories {
- maven { url 'https://plugins.gradle.org/m2/' }
- }
- dependencies {
- classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:5.1.0.4882'
- }
- }
-}
-
allprojects {
version = "1.0.0"
apply plugin: "java-library"
@@ -179,10 +167,8 @@ gradle.buildFinished {
}
}
-// Apply SonarQube plugin only when running with JDK 17+ (sonar analysis requires JDK 17)
-if (JavaVersion.current().isCompatibleWith(JavaVersion.VERSION_17)) {
- apply plugin: "org.sonarqube"
-
+// SonarQube configuration — only activates when the plugin is applied (via CI init script)
+pluginManager.withPlugin('org.sonarqube') {
sonar {
properties {
property "sonar.sourceEncoding", "UTF-8"
From b6cc22a7a39ca8b61ab008c4eff0eab1b1d0d419 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 18:15:41 +0800
Subject: [PATCH 07/15] add verification-metadata for sonar check
---
gradle/verification-metadata.xml | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/gradle/verification-metadata.xml b/gradle/verification-metadata.xml
index 4d0bf1013d6..3dd82f7e74d 100644
--- a/gradle/verification-metadata.xml
+++ b/gradle/verification-metadata.xml
@@ -2262,6 +2262,19 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
@@ -2270,6 +2283,11 @@
+
+
+
+
+
@@ -2283,6 +2301,14 @@
+
+
+
+
+
+
+
+
From af5d96fa5532a3042836bb28b0f1a43927130c32 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 18:49:15 +0800
Subject: [PATCH 08/15] use github.repository_owner to define
sonar.organization
---
.github/workflows/pr-check.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index a5363bd88d2..c0ae33f5b89 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -147,8 +147,8 @@ jobs:
--init-script /tmp/sonar-init.gradle \
-PskipJdkCheck \
-Dsonar.host.url=https://sonarcloud.io \
- -Dsonar.organization=tron-zhaohong \
- -Dsonar.projectKey=java-tron
+ -Dsonar.organization=${{ github.repository_owner }} \
+ -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
checkstyle:
name: Checkstyle
From 4668c6efcbac71cdee9b1be37c85990799a76eda Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Tue, 3 Mar 2026 18:59:18 +0800
Subject: [PATCH 09/15] test
---
.github/workflows/pr-check.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index c0ae33f5b89..5145c959cb7 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -145,7 +145,7 @@ jobs:
./gradlew clean classes testClasses sonar --info \
--init-script /tmp/sonar-init.gradle \
- -PskipJdkCheck \
+ -PskipJdkCheck \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.organization=${{ github.repository_owner }} \
-Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
From 0e85ea7dc1575b3f56d960c6f53682007beeb1a6 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Wed, 4 Mar 2026 18:21:27 +0800
Subject: [PATCH 10/15] extract sonar-check.yml
---
.github/workflows/pr-check.yml | 63 ++---------------------------
.github/workflows/sonar-check.yml | 67 +++++++++++++++++++++++++++++++
2 files changed, 70 insertions(+), 60 deletions(-)
create mode 100644 .github/workflows/sonar-check.yml
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index 5145c959cb7..c48464964a6 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -93,63 +93,6 @@ jobs:
core.info('PR lint passed.');
}
- sonar-check:
- name: SonarCloud Analysis
- needs: pr-lint
- runs-on: ubuntu-24.04-arm
-
- steps:
- - uses: actions/checkout@v4
- with:
- fetch-depth: 0
-
- - name: Set up JDK 17
- uses: actions/setup-java@v4
- with:
- java-version: '17'
- distribution: 'temurin'
-
- - name: Cache SonarCloud packages
- uses: actions/cache@v4
- with:
- path: ~/.sonar/cache
- key: ${{ runner.os }}-sonar
- restore-keys: ${{ runner.os }}-sonar
-
- - name: Cache Gradle packages
- uses: actions/cache@v4
- with:
- path: |
- ~/.gradle/caches
- ~/.gradle/wrapper
- key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '**/gradle-wrapper.properties') }}
- restore-keys: ${{ runner.os }}-gradle-
-
- - name: Build and analyze
- env:
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- run: |
- cat > /tmp/sonar-init.gradle << 'EOF'
- initscript {
- repositories {
- maven { url 'https://plugins.gradle.org/m2/' }
- }
- dependencies {
- classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:5.1.0.4882'
- }
- }
- rootProject {
- apply plugin: org.sonarqube.gradle.SonarQubePlugin
- }
- EOF
-
- ./gradlew clean classes testClasses sonar --info \
- --init-script /tmp/sonar-init.gradle \
- -PskipJdkCheck \
- -Dsonar.host.url=https://sonarcloud.io \
- -Dsonar.organization=${{ github.repository_owner }} \
- -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
-
checkstyle:
name: Checkstyle
runs-on: ubuntu-24.04-arm
@@ -186,7 +129,7 @@ jobs:
build:
name: Build ${{ matrix.os-name }}(JDK ${{ matrix.java }} / ${{ matrix.arch }})
- needs: [pr-lint, checkstyle, sonar-check]
+ needs: [pr-lint, checkstyle]
runs-on: ${{ matrix.runner }}
strategy:
fail-fast: false
@@ -232,7 +175,7 @@ jobs:
docker-build-rockylinux:
name: Build rockylinux (JDK 8 / x86_64)
- needs: [pr-lint, checkstyle, sonar-check]
+ needs: [pr-lint, checkstyle]
runs-on: ubuntu-latest
container:
@@ -298,7 +241,7 @@ jobs:
docker-build-debian11:
name: Build debian11 (JDK 8 / x86_64)
- needs: [pr-lint, checkstyle, sonar-check]
+ needs: [pr-lint, checkstyle]
runs-on: ubuntu-latest
container:
diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-check.yml
new file mode 100644
index 00000000000..4078443c8d6
--- /dev/null
+++ b/.github/workflows/sonar-check.yml
@@ -0,0 +1,67 @@
+name: SonarCloud Analysis
+
+on:
+ pull_request:
+ branches: [ 'develop_ci', 'release_**' ]
+ types: [ opened, edited, synchronize, reopened ]
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ sonar-check:
+ name: SonarCloud Analysis
+ runs-on: ubuntu-24.04-arm
+
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Set up JDK 17
+ uses: actions/setup-java@v4
+ with:
+ java-version: '17'
+ distribution: 'temurin'
+
+ - name: Cache SonarCloud packages
+ uses: actions/cache@v4
+ with:
+ path: ~/.sonar/cache
+ key: ${{ runner.os }}-sonar
+ restore-keys: ${{ runner.os }}-sonar
+
+ - name: Cache Gradle packages
+ uses: actions/cache@v4
+ with:
+ path: |
+ ~/.gradle/caches
+ ~/.gradle/wrapper
+ key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle', '**/gradle-wrapper.properties') }}
+ restore-keys: ${{ runner.os }}-gradle-
+
+ - name: Build and analyze
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ run: |
+ cat > /tmp/sonar-init.gradle << 'EOF'
+ initscript {
+ repositories {
+ maven { url 'https://plugins.gradle.org/m2/' }
+ }
+ dependencies {
+ classpath 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:5.1.0.4882'
+ }
+ }
+ rootProject {
+ apply plugin: org.sonarqube.gradle.SonarQubePlugin
+ }
+ EOF
+
+ ./gradlew clean classes testClasses sonar --info \
+ --init-script /tmp/sonar-init.gradle \
+ -PskipJdkCheck \
+ -Dsonar.host.url=https://sonarcloud.io \
+ -Dsonar.organization=${{ github.repository_owner }} \
+ -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
From f2b9e33f2854458d679750d9b8ef127ddff2ccc6 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Wed, 4 Mar 2026 19:23:09 +0800
Subject: [PATCH 11/15] don't comment on PR when run sonar check
---
.github/workflows/pr-check.yml | 18 +++++++++---------
.github/workflows/sonar-check.yml | 6 +++++-
codecov.yml | 1 +
3 files changed, 15 insertions(+), 10 deletions(-)
create mode 100644 codecov.yml
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index c48464964a6..16bd49502bb 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -432,15 +432,15 @@ jobs:
fi
# Rule 3: patch coverage on changed files >= 80%
- if [ "$impacted_files" -gt 0 ] && [ "$(echo "$patch_cov > 0" | bc)" -eq 1 ]; then
- if [ "$(echo "$patch_cov < 80" | bc)" -eq 1 ]; then
- echo "FAIL: Patch coverage is ${patch_cov}% (minimum 80%)."
- echo "Please add tests for new/changed code."
- exit 1
- fi
- else
- echo "No impacted files or no patch data; skipping patch coverage check."
- fi
+# if [ "$impacted_files" -gt 0 ] && [ "$(echo "$patch_cov > 0" | bc)" -eq 1 ]; then
+# if [ "$(echo "$patch_cov < 80" | bc)" -eq 1 ]; then
+# echo "FAIL: Patch coverage is ${patch_cov}% (minimum 80%)."
+# echo "Please add tests for new/changed code."
+# exit 1
+# fi
+# else
+# echo "No impacted files or no patch data; skipping patch coverage check."
+# fi
echo ""
echo "All coverage gates passed!"
diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-check.yml
index 4078443c8d6..7f10b5cf5c5 100644
--- a/.github/workflows/sonar-check.yml
+++ b/.github/workflows/sonar-check.yml
@@ -9,6 +9,9 @@ concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
cancel-in-progress: true
+permissions:
+ contents: read # don't comment in PR after check
+
jobs:
sonar-check:
name: SonarCloud Analysis
@@ -64,4 +67,5 @@ jobs:
-PskipJdkCheck \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.organization=${{ github.repository_owner }} \
- -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
+ -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }} \
+ -Dsonar.qualitygate.wait=false
diff --git a/codecov.yml b/codecov.yml
new file mode 100644
index 00000000000..69cb76019a4
--- /dev/null
+++ b/codecov.yml
@@ -0,0 +1 @@
+comment: false
From 1a7b07fa51e7c814098c5b0aed74db70c83198bf Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Wed, 4 Mar 2026 19:27:08 +0800
Subject: [PATCH 12/15] comment patch coverage check
---
.github/workflows/pr-check.yml | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index 16bd49502bb..abb01e412d9 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -432,15 +432,15 @@ jobs:
fi
# Rule 3: patch coverage on changed files >= 80%
-# if [ "$impacted_files" -gt 0 ] && [ "$(echo "$patch_cov > 0" | bc)" -eq 1 ]; then
-# if [ "$(echo "$patch_cov < 80" | bc)" -eq 1 ]; then
-# echo "FAIL: Patch coverage is ${patch_cov}% (minimum 80%)."
-# echo "Please add tests for new/changed code."
-# exit 1
-# fi
-# else
-# echo "No impacted files or no patch data; skipping patch coverage check."
-# fi
+ # if [ "$impacted_files" -gt 0 ] && [ "$(echo "$patch_cov > 0" | bc)" -eq 1 ]; then
+ # if [ "$(echo "$patch_cov < 80" | bc)" -eq 1 ]; then
+ # echo "FAIL: Patch coverage is ${patch_cov}% (minimum 80%)."
+ # echo "Please add tests for new/changed code."
+ # exit 1
+ # fi
+ # else
+ # echo "No impacted files or no patch data; skipping patch coverage check."
+ # fi
echo ""
echo "All coverage gates passed!"
From d18e381e5f0100a679880c50f70bf449b9a802fc Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Wed, 4 Mar 2026 19:36:23 +0800
Subject: [PATCH 13/15] don't comment on sonar check task
---
.github/workflows/sonar-check.yml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/sonar-check.yml b/.github/workflows/sonar-check.yml
index 7f10b5cf5c5..ecd69f0ee7f 100644
--- a/.github/workflows/sonar-check.yml
+++ b/.github/workflows/sonar-check.yml
@@ -68,4 +68,5 @@ jobs:
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.organization=${{ github.repository_owner }} \
-Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }} \
- -Dsonar.qualitygate.wait=false
+ -Dsonar.qualitygate.wait=false \
+ -Dsonar.pullrequest.github.summary_comment=false
From bc02f285dd2c0857ce1536624e7a6a36f248b551 Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Wed, 4 Mar 2026 19:45:14 +0800
Subject: [PATCH 14/15] add --no-build-cache for docker-build-debian11
---
.github/workflows/pr-check.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
index abb01e412d9..9d861078267 100644
--- a/.github/workflows/pr-check.yml
+++ b/.github/workflows/pr-check.yml
@@ -281,7 +281,7 @@ jobs:
run: chmod +x gradlew
- name: Build
- run: ./gradlew clean build --no-daemon
+ run: ./gradlew clean build --no-daemon --no-build-cache
coverage-gate:
From 424fa81fc1b15f8566e8cfd245d565c1007566fe Mon Sep 17 00:00:00 2001
From: jiangyuanshu <317787106@qq.com>
Date: Mon, 9 Mar 2026 14:47:34 +0800
Subject: [PATCH 15/15] add system-test workflow
---
.github/workflows/system-test.yml | 71 +++++++++++++++++++++++++++++++
build.gradle | 2 +-
2 files changed, 72 insertions(+), 1 deletion(-)
create mode 100644 .github/workflows/system-test.yml
diff --git a/.github/workflows/system-test.yml b/.github/workflows/system-test.yml
new file mode 100644
index 00000000000..a8fb2053b12
--- /dev/null
+++ b/.github/workflows/system-test.yml
@@ -0,0 +1,71 @@
+name: System Test
+
+on:
+ pull_request:
+ branches: [ 'develop_ci', 'release_**' ]
+ types: [ opened, edited, synchronize, reopened ]
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ system-test:
+ name: System Test (JDK 8 / x86_64)
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Set up JDK 8
+ uses: actions/setup-java@v4
+ with:
+ java-version: '8'
+ distribution: 'temurin'
+
+ - name: Clone system-test
+ run: |
+ git clone https://github.com/tronprotocol/system-test.git
+ cd system-test
+ git checkout release_workflow
+
+ - name: Checkout java-tron
+ uses: actions/checkout@v4
+ with:
+ path: java-tron
+
+ - name: Cache Gradle packages
+ uses: actions/cache@v4
+ with:
+ path: |
+ ~/.gradle/caches
+ ~/.gradle/wrapper
+ key: ${{ runner.os }}-gradle-system-test-${{ hashFiles('java-tron/**/*.gradle', 'java-tron/**/gradle-wrapper.properties') }}
+ restore-keys: ${{ runner.os }}-gradle-system-test-
+
+ - name: Build java-tron
+ working-directory: java-tron
+ run: ./gradlew clean build -x test --no-daemon
+
+ - name: Copy config and start FullNode
+ run: |
+ cp system-test/testcase/src/test/resources/config-system-test.conf java-tron/
+ cd java-tron
+ nohup java -jar build/libs/FullNode.jar --witness -c config-system-test.conf > fullnode.log 2>&1 &
+ echo "FullNode started, waiting 30 seconds..."
+ sleep 30
+ echo "=== FullNode log (last 30 lines) ==="
+ tail -30 fullnode.log || true
+
+ - name: Run system tests
+ working-directory: system-test
+ run: |
+ cp solcDIR/solc-linux-0.8.6 solcDIR/solc
+ ./gradlew clean --no-daemon
+ ./gradlew --info stest --no-daemon
+
+ - name: Upload FullNode log
+ if: always()
+ uses: actions/upload-artifact@v4
+ with:
+ name: fullnode-log
+ path: java-tron/fullnode.log
+ if-no-files-found: warn
diff --git a/build.gradle b/build.gradle
index 18fbaf55f4c..6f00196994d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -175,7 +175,7 @@ pluginManager.withPlugin('org.sonarqube') {
}
}
- // Only analyze these modules; skip the rest
+ // Skip these projects
["protocol", "platform", "example:actuator-example"].each { name ->
project(":${name}").sonar.skipProject = true
}