From b52a53583864d8688e8635b92109c779a6a1feff Mon Sep 17 00:00:00 2001 From: Shamiul Mowla Date: Fri, 18 Oct 2024 13:07:55 -0400 Subject: [PATCH] Integrate sonarqube. --- .github/workflows/build.yml | 29 +++++++++++++++++++++++++++++ sonar-project.properties | 20 +------------------- 2 files changed, 30 insertions(+), 19 deletions(-) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 000000000..e3bbefd02 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,29 @@ +name: Build + +on: + push: + branches: + - main + pull_request: + types: [opened, synchronize, reopened] + +jobs: + build: + name: Build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - uses: sonarsource/sonarqube-scan-action@master + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + # If you wish to fail your job when the Quality Gate is red, uncomment the + # following lines. This would typically be used to fail a deployment. + # We do not recommend to use this in a pull request. Prefer using pull request + # decoration instead. + # - uses: sonarsource/sonarqube-quality-gate-action@master + # timeout-minutes: 5 + # env: + # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} \ No newline at end of file diff --git a/sonar-project.properties b/sonar-project.properties index 54fb33ad3..475d75aed 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,19 +1 @@ -#----- Default SonarQube server -sonar.host.url=https://sonarcloud.io -# must be unique in a given SonarQube instance -sonar.projectKey=adobe_alloy -sonar.organization=adobeinc -# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1. -sonar.projectName=alloy -sonar.projectVersion=1.0 - - -# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows. -# This property is optional if sonar.modules is set. -sonar.sources=src - -#excluding a borrowed code -sonar.exclusions=src/utils/crc32.js - -# Encoding of the source code. Default is default system encoding -#sonar.sourceEncoding=UTF-8 +sonar.projectKey=Alloy \ No newline at end of file