-
Notifications
You must be signed in to change notification settings - Fork 3
93 lines (84 loc) · 3.74 KB
/
sonarscan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
name: SonarScan
env:
NPMRC: ${{ secrets.NPMRC }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MAVEN_OPTS: "-Xmx10000m"
NODE_OPTIONS: "--max-old-space-size=4096"
on:
push:
branches: [ main, feature/* ]
pull_request_target:
branches: [ main, feature/* ]
types: [opened, synchronize, reopened]
jobs:
sonarcloud:
name: SonarCloud Scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: 'recursive'
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
java-version: 21
distribution: 'temurin'
- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'yarn'
cache-dependency-path: './client/wfprev-war/src/main/angular/yarn.lock'
- name: Install dependencies and Angular CLI
working-directory: ./client/wfprev-war/src/main/angular
run: |
yarn install
yarn global add @angular/cli
- name: Run client tests with coverage
working-directory: ./client/wfprev-war/src/main/angular
run: $(yarn global bin)/ng test --no-watch --code-coverage
- name: Build, Test, and Analyze
run: |
mvn clean --settings server/wfprev-api/mvn_settings/settings.xml -B \
org.jacoco:jacoco-maven-plugin:prepare-agent verify \
org.jacoco:jacoco-maven-plugin:report \
-Pcoverage \
-Drepo.login=${{ secrets.IDIR_AS_EMAIL }} \
-Drepo.password=${{ secrets.IDIR_PASSWORD }} \
-DWFPREV_CLIENT_ID=${{ vars.WFPREV_CLIENT_ID }} \
-DWFPREV_CLIENT_SECRET=${{ secrets.WFPREV_CLIENT_SECRET }} \
-DWEBADE_OAUTH2_CHECK_TOKEN_URL=${{ vars.WEBADE_OAUTH2_CHECK_TOKEN_URL }} \
-DWEBADE_OAUTH2_CHECK_AUTHORIZE_URL=${{ vars.WEBADE_OAUTH2_CHECK_TOKEN_URL }} \
-DWFPREV_DATASOURCE_URL=${{ vars.WFPREV_DATASOURCE_URL }} \
-DWFPREV_DATASOURCE_USERNAME=${{ secrets.WFPREV_USERNAME }} \
-DWFPREV_DATASOURCE_PASSWORD=${{ secrets.DB_PASS }}
- name: SonarCloud Scan Action
uses: SonarSource/sonarcloud-github-action@master
- name: Check SonarCloud Quality Gate
id: sonarcloud_quality_gate
run: |
status=$(curl -s -u ${{ secrets.SONAR_TOKEN }}: "https://sonarcloud.io/api/qualitygates/project_status?projectKey=bcgov_nr-bcws-wfprev" | jq -r '.projectStatus.status')
echo "SonarCloud Quality Gate status: $status"
if [ "$status" != "OK" ]; then
echo "quality_gate_failed=true" >> $GITHUB_OUTPUT
else
echo "quality_gate_failed=false" >> $GITHUB_OUTPUT
fi
- name: Notify Slack on Failure
if: failure() || steps.sonarcloud_quality_gate.outputs.quality_gate_failed == 'true'
uses: ravsamhq/[email protected]
with:
status: 'failure'
notification_title: "SonarScan - Failed on ${{github.ref_name}} - <${{ vars.SONARCLOUD_NEW_CODE_URL }}|View SonarCloud Failure>"
message_format: ":fire: *SonarScan* failed in <${{github.server_url}}/${{github.repository}}/${{github.ref_name}}|${{github.repository}}>"
footer: "Linked Repo <${{github.server_url}}/${{github.repository}}|${{github.repository}}> | <${{github.server_url}}/${{github.repository}}/actions/runs/${{github.run_id}}|View Failure>"
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}