ci: add restore-keys to the maven-verify Maven cache#1399
Draft
joaodinissf wants to merge 2 commits into
Draft
Conversation
Replace the pmd/checkstyle jobs with a parallel shape that gives early,
inline feedback and stops re-running analysis inside the build:
- lint: compile + pmd:pmd + checkstyle:checkstyle (SARIF) + pmd:cpd-check,
-T 2C, --fail-never; gates by counting the merged SARIF (+ cpd.xml grep).
Fails in ~3-5 min on its own check, independent of the build.
- spotbugs: compile + spotbugs:spotbugs (SARIF), -Xmx4g, own parallel lane
(the slow analysis).
- maven-verify: build + tests only; the redundant checkstyle/pmd/spotbugs
goals are dropped (now owned by lint/spotbugs).
- line-endings: unchanged.
All three emit SARIF 2.1.0, merged per tool and uploaded to Code Scanning
(security-events: write) for inline annotations on the PR diff + Security tab.
No custom Python annotator.
Count-gate rather than the *:check goals: the check goals @Execute-fork a
second analysis and cannot emit SARIF, and without the full compile classpath
they false-positive on type-resolving rules. Each report goal runs once
(full-reactor compile -> correct + SARIF) and the gate counts the result.
Rationale + tables in docs/ci-static-analysis-design.md; measurement protocol
in docs/ci-measurement-protocol.md.
CPD gating is wired but inert until dsldevkit#1339 lowers the token threshold.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The lint and spotbugs jobs fall back to a restore-key prefix on a pom.xml change; maven-verify lacked it, so any pom change gave it a hard cache miss and a full ~/.m2 re-download. Add the same restore-keys for parity across all three Maven jobs. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This was referenced May 31, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Note
Stacked on #1396. Against
masterthe diff includes #1396's commit (it drops out once #1396 merges) — review only therestore-keyscommit.The
lintandspotbugsjobs fall back to arestore-keysprefix on apom.xmlchange;maven-verifywas missing it, so any pom change gave it a hard cache miss → full~/.m2re-download. Adds the samerestore-keysfor parity across all three Maven jobs.🤖 Generated with Claude Code