diff --git a/.github/actions/sonar-scan/action.yml b/.github/actions/sonar-scan/action.yml new file mode 100644 index 0000000..ecfdc66 --- /dev/null +++ b/.github/actions/sonar-scan/action.yml @@ -0,0 +1,46 @@ +name: 'Sonar scan' +description: 'Triggers a Sonarqube scan' +inputs: + sonar-token: + description: 'Sonarqube token' + required: true + sonar-host-url: + description: 'Sonarqube host url' + required: false + default: 'https://sonarqube.amalgama.co' + sonar-scanner-version: + description: 'The version of the SonarScanner to use' + required: false + default: '5.0.1.3006' + working-directory: + description: 'The working directory where to run the action' + required: false + default: '.' +runs: + using: "composite" + steps: + - name: Download and install the SonarScanner + env: + SONAR_SCANNER_VERSION: ${{ inputs.sonar-scanner-version }} + shell: bash + run: | + mkdir -p $HOME/.sonar/ + curl -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip + unzip -qq -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/ + echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH + working-directory: ${{ inputs.working-directory }} + - name: SonarQube analysis + env: + SONAR_TOKEN: ${{ inputs.sonar-token }} + SONAR_HOST_URL: ${{ inputs.sonar-host-url }} + shell: bash + run: sonar-scanner + working-directory: ${{ inputs.working-directory }} + - name: SonarQube Quality Gate check + env: + SONAR_TOKEN: ${{ inputs.sonar-token }} + SONAR_HOST_URL: ${{ inputs.sonar-host-url }} + id: sonarqube-quality-gate-check + uses: sonarsource/sonarqube-quality-gate-action@master + with: + scanMetadataReportFile: ${{ inputs.working-directory }}/.scannerwork/report-task.txt \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3644b59..2803f7c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,47 +11,42 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: ./.github/actions/install-yarn-dependencies lint: runs-on: ubuntu-latest needs: [build] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: ./.github/actions/install-yarn-dependencies - run: yarn lint test: runs-on: ubuntu-latest needs: [lint] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: ./.github/actions/install-yarn-dependencies - run: yarn test --ci --forceExit --detectOpenHandles - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 with: name: reports path: reports/ sonar: + name: Run sonar scanner runs-on: ubuntu-latest - needs: [test] + needs: [ test ] steps: - - uses: actions/checkout@v3 - with: - # Disabling shallow clone is recommended for improving relevancy of reporting. - fetch-depth: 0 - - # Triggering SonarQube analysis as results of it are required by Quality Gate check. - - name: SonarQube Scan - uses: sonarsource/sonarqube-scan-action@master - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - - # Check the Quality Gate status. - - name: SonarQube Quality Gate check - id: sonarqube-quality-gate-check - uses: sonarsource/sonarqube-quality-gate-action@master - # Force to fail step after specific time. - timeout-minutes: 5 - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + - name: Checking out + uses: actions/checkout@v4 + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + - name: Download test coverage report artifact + uses: actions/download-artifact@v4 + with: + name: test-coverage + path: reports/coverage/ + - name: Run scan + uses: ./.github/actions/sonar-scan + with: + sonar-token: ${{ secrets.SONAR_TOKEN }}