2023-03-28 08:23:56 -05:00
|
|
|
# This workflow requires the following configuration in Github
|
|
|
|
#
|
|
|
|
# Variables:
|
|
|
|
# SONARQUBE_PROJECT_KEY - The project key in SonarQube
|
|
|
|
#
|
|
|
|
# Secrets:
|
|
|
|
# SONARQUBE_TOKEN - SonarQube API token
|
|
|
|
# SONARQUBE_HOST - The URL of the SonarQube host
|
|
|
|
|
2023-03-23 08:19:58 -05:00
|
|
|
name: SonarQube scan
|
|
|
|
|
|
|
|
on:
|
|
|
|
push:
|
|
|
|
branches: [ "master" ]
|
|
|
|
|
2023-03-24 05:15:15 -05:00
|
|
|
concurrency:
|
|
|
|
group: sonarqube
|
|
|
|
cancel-in-progress: false
|
|
|
|
|
2023-03-23 08:19:58 -05:00
|
|
|
jobs:
|
|
|
|
build:
|
2023-03-28 08:23:56 -05:00
|
|
|
# Only run if the project key is set
|
2023-03-23 08:19:58 -05:00
|
|
|
if: vars.SONARQUBE_PROJECT_KEY != null
|
2023-03-24 05:15:15 -05:00
|
|
|
|
2023-03-23 08:19:58 -05:00
|
|
|
runs-on: ubuntu-latest
|
|
|
|
|
|
|
|
steps:
|
|
|
|
- uses: actions/checkout@v3
|
|
|
|
with:
|
|
|
|
fetch-depth: 0
|
2023-03-24 05:15:15 -05:00
|
|
|
|
2023-03-23 08:19:58 -05:00
|
|
|
- name: Create the scan properties file
|
|
|
|
run: |
|
|
|
|
cat <<EOF > sonar-project.properties
|
|
|
|
sonar.projectKey=${{ vars.SONARQUBE_PROJECT_KEY }}
|
|
|
|
sonar.projectName=pgAdmin 4
|
|
|
|
sonar.projectVersion=%VERSION%
|
|
|
|
|
|
|
|
# Ignore templates and SQL scripts as they confuse the scanner
|
|
|
|
sonar.exclusions=**/templates/**/*, **/*.sql
|
|
|
|
|
|
|
|
# Let SonarQube know where tests can be found
|
|
|
|
sonar.test.inclusions=**/tests/**, web/regression
|
|
|
|
|
|
|
|
# Python compatibility
|
|
|
|
sonar.python.version=3.7, 3.8, 3.9, 3.10, 3.11
|
|
|
|
EOF
|
|
|
|
|
|
|
|
APP_RELEASE=`grep "^APP_RELEASE" web/config.py | cut -d"=" -f2 | sed 's/ //g'`
|
|
|
|
APP_REVISION=`grep "^APP_REVISION" web/config.py | cut -d"=" -f2 | sed 's/ //g'`
|
|
|
|
APP_LONG_VERSION=${APP_RELEASE}.${APP_REVISION}
|
|
|
|
sed -i "s/%VERSION%/${APP_LONG_VERSION}/g" sonar-project.properties
|
2023-03-24 05:15:15 -05:00
|
|
|
|
2023-03-23 08:19:58 -05:00
|
|
|
- name: SonarQube Scan
|
|
|
|
uses: sonarsource/sonarqube-scan-action@master
|
|
|
|
env:
|
|
|
|
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
|
|
|
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|