-
Notifications
You must be signed in to change notification settings - Fork 38
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* Per #2537, add SonarQube workflow for METplus * Per #2537, update nightly build email list. * Per #2537, fix cut/paste error configure_sonarqube.sh * Per #2537, exclude test code from code coverage statistics.
- Loading branch information
1 parent
26deaa9
commit 63b4845
Showing
8 changed files
with
194 additions
and
45 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
#!/bin/bash | ||
|
||
# Constants | ||
SONAR_PROPERTIES_DIR=internal/scripts/sonarqube | ||
SONAR_PROPERTIES=sonar-project.properties | ||
|
||
# Check that this is being run from the top-level METplus directory | ||
if [ ! -e $SONAR_PROPERTIES_DIR/$SONAR_PROPERTIES ]; then | ||
echo "ERROR: ${0} -> must be run from the top-level METplus directory" | ||
exit 1 | ||
fi | ||
|
||
# Check required environment variables | ||
if [ -z ${SOURCE_BRANCH+x} ]; then | ||
echo "ERROR: ${0} -> \$SOURCE_BRANCH not defined!" | ||
exit 1 | ||
fi | ||
if [ -z ${WD_REFERENCE_BRANCH+x} ]; then | ||
echo "ERROR: ${0} -> \$WD_REFERENCE_BRANCH not defined!" | ||
exit 1 | ||
fi | ||
if [ -z ${SONAR_HOST_URL+x} ]; then | ||
echo "ERROR: ${0} -> \$SONAR_HOST_URL not defined!" | ||
exit 1 | ||
fi | ||
if [ -z ${SONAR_TOKEN+x} ]; then | ||
echo "ERROR: ${0} -> \$SONAR_TOKEN not defined!" | ||
exit 1 | ||
fi | ||
|
||
# Define the version string | ||
SONAR_PROJECT_VERSION=$(cat metplus/VERSION) | ||
|
||
# | ||
# Define the $SONAR_REFERENCE_BRANCH as the | ||
# - Target of any requests | ||
# - Manual setting for workflow dispatch | ||
# - Source branch for any pushes (e.g. develop) | ||
# | ||
if [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then | ||
export SONAR_REFERENCE_BRANCH=$GITHUB_BASE_REF | ||
elif [ "$GITHUB_EVENT_NAME" == "workflow_dispatch" ]; then | ||
export SONAR_REFERENCE_BRANCH=$WD_REFERENCE_BRANCH | ||
else | ||
export SONAR_REFERENCE_BRANCH=$SOURCE_BRANCH | ||
fi | ||
|
||
# Configure the sonar-project.properties | ||
[ -e $SONAR_PROPERTIES ] && rm $SONAR_PROPERTIES | ||
sed -e "s|SONAR_PROJECT_KEY|METplus-GHA|" \ | ||
-e "s|SONAR_PROJECT_NAME|METplus GHA|" \ | ||
-e "s|SONAR_PROJECT_VERSION|$SONAR_PROJECT_VERSION|" \ | ||
-e "s|SONAR_HOST_URL|$SONAR_HOST_URL|" \ | ||
-e "s|SONAR_TOKEN|$SONAR_TOKEN|" \ | ||
-e "s|SONAR_BRANCH_NAME|$SOURCE_BRANCH|" \ | ||
$SONAR_PROPERTIES_DIR/$SONAR_PROPERTIES > $SONAR_PROPERTIES | ||
|
||
# Define new code when the source and reference branches differ | ||
if [ "$SOURCE_BRANCH" != "$SONAR_REFERENCE_BRANCH" ]; then | ||
echo "sonar.newCode.referenceBranch=${SONAR_REFERENCE_BRANCH}" >> $SONAR_PROPERTIES | ||
fi | ||
|
||
echo "Contents of the $SONAR_PROPERTIES file:" | ||
cat $SONAR_PROPERTIES | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
name: SonarQube Scan | ||
|
||
# Run SonarQube for Pull Requests and changes to the develop and main_vX.Y branches | ||
|
||
on: | ||
|
||
# Trigger analysis for pushes to develop and main_vX.Y branches | ||
push: | ||
branches: | ||
- develop | ||
- 'main_v**' | ||
paths-ignore: | ||
- 'docs/**' | ||
- '.github/pull_request_template.md' | ||
- '.github/ISSUE_TEMPLATE/**' | ||
- '.github/labels/**' | ||
- 'build_components/**' | ||
- 'manage_externals/**' | ||
- '**/README.md' | ||
- '**/LICENSE.md' | ||
|
||
# Trigger analysis for pull requests to develop and main_vX.Y branches | ||
pull_request: | ||
types: [opened, synchronize, reopened] | ||
branches: | ||
- develop | ||
- 'main_v**' | ||
paths-ignore: | ||
- 'docs/**' | ||
- '.github/pull_request_template.md' | ||
- '.github/ISSUE_TEMPLATE/**' | ||
- '.github/labels/**' | ||
- 'build_components/**' | ||
- 'manage_externals/**' | ||
- '**/README.md' | ||
- '**/LICENSE.md' | ||
|
||
workflow_dispatch: | ||
inputs: | ||
reference_branch: | ||
description: 'Reference Branch' | ||
default: develop | ||
type: string | ||
|
||
jobs: | ||
sonarqube: | ||
name: SonarQube Scan | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
|
||
- uses: actions/checkout@v4 | ||
with: | ||
# Disable shallow clones for better analysis | ||
fetch-depth: 0 | ||
|
||
- name: Get branch name | ||
id: get_branch_name | ||
run: echo branch_name=${GITHUB_REF#refs/heads/} >> $GITHUB_OUTPUT | ||
|
||
- name: Configure SonarQube | ||
run: .github/jobs/configure_sonarqube.sh | ||
env: | ||
SOURCE_BRANCH: ${{ steps.get_branch_name.outputs.branch_name }} | ||
WD_REFERENCE_BRANCH: ${{ github.event.inputs.reference_branch }} | ||
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | ||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
|
||
- name: SonarQube Scan | ||
uses: sonarsource/sonarqube-scan-action@master | ||
env: | ||
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | ||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
|
||
- name: SonarQube Quality Gate check | ||
id: sonarqube-quality-gate-check | ||
uses: sonarsource/sonarqube-quality-gate-action@master | ||
# Force to fail step after specific time. | ||
timeout-minutes: 5 | ||
env: | ||
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | ||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |
File renamed without changes.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,12 @@ | ||
sonar.projectKey=org.sonarqube:METplus_NB | ||
sonar.projectName=METplus Nightly Build | ||
sonar.projectVersion=1.0 | ||
|
||
# Project and source code settings | ||
sonar.projectKey=SONAR_PROJECT_KEY | ||
sonar.projectName=SONAR_PROJECT_NAME | ||
sonar.projectVersion=SONAR_PROJECT_VERSION | ||
sonar.branch.name=SONAR_BRANCH_NAME | ||
sonar.sources=docs,internal,manage_externals,metplus,parm,produtil,ush | ||
|
||
# The build-wrapper output dir | ||
|
||
# Encoding of the source files | ||
sonar.coverage.exclusions=internal/tests/** | ||
sonar.sourceEncoding=UTF-8 | ||
|
||
#----- Default SonarQube server | ||
#sonar.host.url=http://localhost:9000 | ||
sonar.host.url=http://mandan:9000 | ||
|
||
sonar.login=met | ||
sonar.password=met@sonar.ucar | ||
# SonarQube server | ||
sonar.host.url=SONAR_HOST_URL | ||
sonar.token=SONAR_TOKEN |