chore: enable all latest static analysis #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: SonarCloud analysis | |
on: | |
push: | |
branches: | |
- main | |
pull_request_target: # This exposes repo secrets to PR, so manual approval via authorize job is enforced via 'external' environment. | |
workflow_dispatch: | |
jobs: | |
# Blog https://iterative.ai/blog/testing-external-contributions-using-github-actions-secrets | |
authorize: | |
environment: | |
${{ (github.event_name == 'pull_request_target' && | |
github.event.pull_request.head.repo.full_name != github.repository) && | |
'external' || 'internal' }} | |
runs-on: ubuntu-latest | |
steps: | |
- run: echo ✓ | |
analysis: | |
needs: authorize | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
fetch-depth: 0 | |
- uses: actions/setup-dotnet@v3 | |
with: | |
dotnet-version: | | |
6.0.x | |
3.1.x | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- uses: actions/setup-java@v3 | |
with: | |
distribution: "temurin" | |
java-version: "17" | |
- name: dotnet info | |
run: dotnet --info | |
# https://github.com/actions/runner-images/blob/ubuntu22/20230821.1/images/linux/Ubuntu2204-Readme.md | |
# There is an issue with latest SDK on Linux with .NET Framework: | |
# https://github.com/microsoft/vstest/issues/4549 | |
# Unfortunatey, it becomes preinstalled with latest GitHub runner images, so have to remove it for now. | |
- name: Remove latest .NET SDK (7.0.400) | |
run: sudo rm -rf ${DOTNET_ROOT}/sdk/7.0.400 | |
- name: Install Sonar scanner | |
run: dotnet tool install --global dotnet-sonarscanner | |
- name: Install Coverlet | |
run: | | |
find ./test -type f -name "*Tests.csproj" -exec dotnet add "{}" package coverlet.msbuild \; | |
- name: Set env | |
run: | | |
echo "GITHUB_REPOSITORY_NAME=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV | |
echo "SONAR_PROJECT_KEY=${GITHUB_REPOSITORY_OWNER}_${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV | |
echo "SONAR_ORG_KEY=${GITHUB_REPOSITORY_OWNER}" >> $GITHUB_ENV | |
- name: SonarCloud PR config | |
if: github.event_name == 'pull_request_target' | |
run: | | |
echo "SONAR_PR_ARGS=\ | |
/d:sonar.pullrequest.key=${{ github.event.pull_request.number }} \ | |
/d:sonar.pullrequest.branch=${{ github.event.pull_request.head.ref }} \ | |
/d:sonar.pullrequest.base=${{ github.event.pull_request.base.ref }} \ | |
/d:sonar.scm.revision=${{ github.event.pull_request.head.sha }}" >> $GITHUB_ENV | |
- name: Analyze with SonarCloud | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
run: | | |
dotnet sonarscanner begin /k:"$SONAR_PROJECT_KEY" /o:"$SONAR_ORG_KEY" /d:sonar.host.url=https://sonarcloud.io /d:sonar.token="$SONAR_TOKEN" /d:sonar.cs.opencover.reportsPaths="**/*opencover.xml" $SONAR_PR_ARGS | |
dotnet test -c Release /p:CollectCoverage=true /p:CoverletOutputFormat=opencover /p:ExcludeByFile="test/**/*.cs" | |
dotnet sonarscanner end /d:sonar.token="$SONAR_TOKEN" |