SonarSource
diff --git a/‎.cirrus.star‎
Lines changed: 0 additions & 4 deletions b/‎.cirrus.star‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎.cirrus.yml‎
Lines changed: 0 additions & 108 deletions b/‎.cirrus.yml‎
Lines changed: 0 additions & 108 deletions
diff --git a/‎.github/workflows/build.yml‎
Lines changed: 116 additions & 0 deletions b/‎.github/workflows/build.yml‎
Lines changed: 116 additions & 0 deletions
diff --git a/‎.github/workflows/releasability.yml‎
Lines changed: 1 addition & 4 deletions b/‎.github/workflows/releasability.yml‎
Lines changed: 1 addition & 4 deletions
diff --git a/‎lib/src/test/java/org/sonarsource/scanner/lib/internal/facade/forked/JavaRunnerTest.java‎
Lines changed: 1 addition & 1 deletion b/‎lib/src/test/java/org/sonarsource/scanner/lib/internal/facade/forked/JavaRunnerTest.java‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1,116 @@
+name: Build
+on:
+  push:
+    branches:
+      - master
+      - 'branch-*'
+  pull_request:
+  merge_group:
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  id-token: write
+  contents: write
+
+jobs:
+  build:
+    name: Build
+    runs-on: github-ubuntu-latest-s
+    timeout-minutes: 30
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          fetch-depth: 0
+      - uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0
+        with:
+          version: 2025.7.12
+      - uses: SonarSource/ci-github-actions/build-maven@v1
+        with:
+          artifactory-reader-role: private-reader
+          artifactory-deployer-role: qa-deployer
+          deploy-pull-request: true
+      - name: Upload test results on failure
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: test-results
+          path: '**/target/surefire-reports/**/*.xml'
+          if-no-files-found: ignore
+
+  qa:
+    name: QA
+    needs: build
+    runs-on: github-ubuntu-latest-s
+    strategy:
+      fail-fast: false
+      matrix:
+        sonar-version:
+          - LATEST_RELEASE
+          - LATEST_RELEASE[2025.1]
+          - LATEST_RELEASE[9.9]
+        java-version:
+          - LATEST_RELEASE
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0
+        with:
+          version: 2025.7.12
+
+      - name: Select Java 17
+        run: mise use java@17
+
+      - name: Getting Vault Secrets
+        uses: SonarSource/vault-action-wrapper@v3
+        with:
+          secrets: |
+            development/artifactory/token/SonarSource-sonar-scanner-java-library-private-reader access_token | ARTIFACTORY_ACCESS_TOKEN;
+            development/github/token/licenses-ro token | GITHUB_TOKEN
+
+      - name: Configure Maven
+        uses: SonarSource/ci-github-actions/config-maven@v1
+        with:
+          artifactory-reader-role: private-reader
+
+      - name: Run ITs
+        env:
+          BUILD_NUMBER: ${{ github.run_number }}
+        run: |
+          cd its
+          mvn -B -e verify -Prun-its -Dsonar.runtimeVersion=${{ matrix.sonar-version }} -DjavaVersion=${{ matrix.java-version }}
+
+      - name: Upload server logs
+        if: failure()
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: server-logs-${{ github.job }}-${{ strategy.job-index }}
+          path: "**/target/**/logs/**.log"
+          if-no-files-found: ignore
+
+      - name: Upload test results
+        if: failure()
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: test-results-${{ github.job }}-${{ strategy.job-index }}
+          path: "**/target/surefire-reports/**.xml"
+          if-no-files-found: ignore
+
+  promote:
+    needs:
+      - build
+    runs-on: github-ubuntu-latest-s
+    name: Promote
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0
+        with:
+          cache_save: false
+          version: 2025.7.12
+      - uses: SonarSource/ci-github-actions/get-build-number@v1
+      - uses: SonarSource/ci-github-actions/promote@v1
+        with:
+          promote-pull-request: true
@@ -13,10 +13,7 @@ jobs:
       id-token: write
       statuses: write
       contents: read
-    if: >-
-      (contains(fromJSON('["main", "master"]'), github.event.check_suite.head_branch) || startsWith(github.event.check_suite.head_branch, 'dogfood-') || startsWith(github.event.check_suite.head_branch, 'branch-'))
-      && github.event.check_suite.conclusion == 'success'
-      && github.event.check_suite.app.slug == 'cirrus-ci'
+    if: github.event.workflow_run.conclusion == 'success'
     steps:
       - uses: SonarSource/gh-action_releasability/releasability-status@v3
         with:
 
@@ -48,7 +48,7 @@ void execute_shouldConsummeProcessStdOut() {
     assertThat(runner.execute(List.of("--version"), "test", stdOut::add)).isTrue();
 
     assertThat(stdOut).isNotEmpty();
-    assertThat(logTester.logs(Level.ERROR)).isEmpty();
+    assertThat(logTester.logs(Level.ERROR)).allMatch(s -> s.startsWith("[stderr] "));
   }
 
   @Test
Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ void execute_shouldConsummeProcessStdOut() {`
`48`	`48`	`assertThat(runner.execute(List.of("--version"), "test", stdOut::add)).isTrue();`
`49`	`49`
`50`	`50`	`assertThat(stdOut).isNotEmpty();`
`51`		`- assertThat(logTester.logs(Level.ERROR)).isEmpty();`
	`51`	`+ assertThat(logTester.logs(Level.ERROR)).allMatch(s -> s.startsWith("[stderr] "));`
`52`	`52`	`}`
`53`	`53`
`54`	`54`	`@Test`