chore(ci): enable code coverage on Sonarcloud #1518
Conversation
✅ Deploy Preview for testcontainers-go ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
.github/workflows/ci-test-go.yml
Outdated
| @@ -101,6 +101,15 @@ jobs: | |||
| run: | | |||
| go install gotest.tools/gotestsum@latest | |||
| make test-unit | |||
|
|
|||
| - name: Analyze with SonarCloud | |||
| if: ${{ always() && inputs.run-tests && inputs.project-directory == '.' }} | |||
There was a problem hiding this comment.
Once this is working for the parent go module we can do the same for each submodule.
| sonar.projectKey=testcontainers_testcontainers-go | ||
|
|
||
| sonar.projectName=testcontainers-go |
There was a problem hiding this comment.
I imagine that for modulegen, it could be :
sonar.projectKey=testcontainers_testcontainers-go_modulegen
sonar.projectName=testcontainers-go/modulegenFor examples/bigtable it could be :
sonar.projectKey=testcontainers_testcontainers-go_examples_bigtable
sonar.projectName=testcontainers-go/examples/bigtable
|
Let me check internally with other maintainers how it's done in their language projects. Will ping you back here once I have it clear how to proceed with Sonarqube, as it'd be a great improvement seeing the code coverage alongside the "defects" it finds (although I dislike a bit how the Go rules are processed). |
I'm going to create the secret in the project to make this work. |
Signed-off-by: Matthieu MOREL <[email protected]>
mdelapenya
changed the title
|
There seems to be an option to share secrets with pull request from forks. Have you read this ? |
I'm not sure if that will work for PRs from forks not from the organisation: https://community.sonarsource.com/t/sonar-token-permissions-in-pull-request-github-actions/90614/9 I'll double check with other maintainers now |
|
@mmorel-35 it seems that .NET uses it but only for merges to develop or main branches: https://github.com/testcontainers/testcontainers-dotnet/blob/develop/.github/workflows/cicd.yml#L74 I think we should go with the same approach for the moment |
|
Kudos, SonarCloud Quality Gate passed!
|
|
Hi @mdelapenya , |
|
Merging it now |
|
Hi @mdelapenya , |
|
I've just disabled the automatic analysis from the service. It's unfortunate that they do not provide a graceful alternative, like not failing that hard 🤷♂️ |
…containerd-1.7.5 * main: chore: always generate the examples including a explicit image (#1611) chore: support linting all modules locally (#1609) ci(sonarcloud): run only when not root-less (#1608) remove extra equal in sonar.organization (#1607) chore(ci): enable code coverage on Sonarcloud (#1518) docs: use Go testable examples in modules (#1603)
* main: chore: always generate the examples including a explicit image (testcontainers#1611) chore: support linting all modules locally (testcontainers#1609) ci(sonarcloud): run only when not root-less (testcontainers#1608) remove extra equal in sonar.organization (testcontainers#1607) chore(ci): enable code coverage on Sonarcloud (testcontainers#1518) docs: use Go testable examples in modules (testcontainers#1603) ci(lint): enable errorlint linter (testcontainers#1604) ci(lint): enable gocritic linter (testcontainers#1605) chore(deps): bump github.com/hashicorp/vault-client-go in /modules/vault (testcontainers#1566) ci(security): setup codeql scan (testcontainers#1606) chore(deps): bump github.com/cyphar/filepath-securejoin (testcontainers#1601) chore: generate Go examples for new modules (testcontainers#1600) chore: generate Go examples for new modules (testcontainers#1600)
Hi @mdelapenya,
It seems like sonar requires a SONAR_TOKEN secret, I tried to compare with testcontainers-donet and testcontainers-node that reports code coverage on their sonarcloud reports but I couldn’t find anything comparable as they are not using the sonarcloud action to upload their test results.
I tried to provide my own SONAR_TOKEN but it seems it not possible to use it in a fork repository.
Any idea ? Or you prefer to keep things as it is now ?