BFD-4393: Update IT, UT, and SonarQube Config #2886
Conversation
| <user.timezone>UTC</user.timezone> | ||
| <its.db.url>${its.db.url}</its.db.url> | ||
| <its.db.username>${its.db.username}</its.db.username> | ||
| <its.db.password>${its.db.password}</its.db.password> | ||
| <its.testcontainer.db.image>${its.testcontainer.db.image}</its.testcontainer.db.image> | ||
| <its.testcontainer.aws.image>${its.testcontainer.aws.image}</its.testcontainer.aws.image> | ||
| <generateTestData>false</generateTestData> | ||
| </systemPropertyVariables> | ||
| <includes> | ||
| <include>**/*IT.java</include> | ||
| <include>**/*E2E.java</include> | ||
| </includes> | ||
|
|
||
| <!-- Needed to avoid test failures when comparing ETL timestamps. --> | ||
| <environmentVariables> | ||
| <TZ>UTC</TZ> | ||
| </environmentVariables> |
There was a problem hiding this comment.
Unsure which approach is better–this has been here for years and only applies to failsafe (integration) tests. The test that had been throwing the most errors is currently called under surefire (unit) testing. Probably a solid argument to be made that it belongs under integration, but still...
Should we provide the UTC timezone via TZ=UTC as an envvar or -Duser.timezone=UTC as a system property?
.github/workflows/ci-java.yml
Outdated
| BFD_BRANCH: ${{ inputs.branch }} | ||
| run: | | ||
| mvn sonar:sonar \ | ||
| mvn org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ |
There was a problem hiding this comment.
This verbose setting is recommended by the sonarscanner documentation on analyzing and partially addresses the following warning that cropped up in the build logs:
Warning: The artifact org.codehaus.mojo:sonar-maven-plugin:jar:4.0.0.4121 has been relocated to org.sonarsource.scanner.maven:sonar-maven-plugin:jar:4.0.0.4121: SonarQube plugin was moved to SonarSource organisation
| <plugin> | ||
| <groupId>org.sonarsource.scanner.maven</groupId> | ||
| <artifactId>sonar-maven-plugin</artifactId> | ||
| <version>${sonar.version}</version> | ||
| </plugin> |
There was a problem hiding this comment.
Explicitly defining the plugin and ${sonar.version} here addresses another warning that was present in the build logs:
Warning: 19:43:49.966 Using an unspecified version instead of an explicit plugin version may introduce breaking analysis changes at an unwanted time. It is highly recommended to use an explicit version, e.g. 'org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121'.
mjburling
force-pushed
the
burling/bfd-4393
branch
from
bffb208 to
15aec89
Compare
|
JIRA Ticket:
BFD-4393
What Does This PR Do?
Replace me.
What Should Reviewers Watch For?
If you're reviewing this PR, please check for these things in particular:
What Security Implications Does This PR Have?
Please indicate if this PR does any of the following:
Adds any new software dependencies
Modifies any security controls
Adds new transmission or storage of data
Any other changes that could possibly affect security?
I have considered the above security implications as it relates to this PR. (If one or more of the above apply, it cannot be merged without the ISSO or team security engineer's (
@sb-benohe) approval.)I have created tests to sufficiently ensure the reliability of my code, if applicable. If this is a modification to an existing piece of code, I have audited the associated tests to ensure everything works as expected.
Validation
Have you fully verified and tested these changes? Is the acceptance criteria met? Please provide reproducible testing instructions, code snippets, or screenshots as applicable.