Merge pull request #6647 from hdurix/improve-sonar

Improve Sonar analysis
jhipster · Jun 23, 2023 · 7c1c139 · 7c1c139
2 parents 2b30edd + 5b6b7ff
commit 7c1c139
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 43 deletions.
diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml
@@ -68,10 +68,9 @@ jobs:
       - name: 'Test: run backend tests'
         run: |
           chmod +x mvnw
-          ./mvnw clean verify sonar:sonar
+          ./mvnw clean verify -Dsonar.qualitygate.wait=true sonar:sonar
       - name: 'Analysis: local Sonar'
         run: |
-          ./tests-ci/wait_sonar_analysis.sh
           ./tests-ci/sonar.sh
       - name: 'Analysis: SonarCloud'
         if: github.repository == 'jhipster/jhipster-lite' && github.ref == 'refs/heads/main'
@@ -202,7 +201,7 @@ jobs:
         working-directory: /tmp/jhlite/${{ matrix.app }}/
         run: |
           if [ -f 'mvnw' ]; then
-            ./mvnw clean verify sonar:sonar
+            ./mvnw clean verify -Dsonar.qualitygate.wait=true sonar:sonar
           elif [ -f 'gradlew' ]; then
             ./gradlew build --no-daemon
           else
@@ -212,7 +211,6 @@ jobs:
       - name: 'Test: check local Sonar Analysis'
         run: |
           if [ -f '/tmp/jhlite/${{ matrix.app }}/src/main/docker/sonar.yml' ]; then
-            ${{ github.workspace }}/tests-ci/wait_sonar_analysis.sh
             ./tests-ci/sonar.sh ${{ matrix.app }}
           fi
       - name: 'Test: copy shell scripts'

diff --git a/tests-ci/sonar.sh b/tests-ci/sonar.sh
@@ -6,14 +6,19 @@ if [[ $application == '' ]]; then
   application='jhlite'
 fi
 
-sonar=$(curl -sX GET 'http://localhost:9001/api/measures/component?component='"$application"'&metricKeys=bugs%2Ccoverage%2Cvulnerabilities%2Cduplicated_lines_density%2Ccode_smells%2Csecurity_hotspots');
+sonar=$(curl -s 'http://localhost:9001/api/measures/component?component='"$application"'&metricKeys=bugs%2Ccoverage%2Cvulnerabilities%2Cduplicated_lines_density%2Ccode_smells%2Csecurity_hotspots');
 
-vul=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="vulnerabilities")][0]'|jq -r .value);
-cov=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="coverage")][0]'|jq -r .value);
-bug=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="bugs")][0]'|jq -r .value);
-dup=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="duplicated_lines_density")][0]'|jq -r .value);
-csm=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="code_smells")][0]'|jq -r .value);
-sec=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="security_hotspots")][0]'|jq -r .value);
+measure ()
+{
+  echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="'$1'")][0]'|jq -r .value
+}
+
+vul=$(measure "vulnerabilities")
+cov=$(measure "coverage")
+bug=$(measure "bugs")
+dup=$(measure "duplicated_lines_density")
+csm=$(measure "code_smells")
+sec=$(measure "security_hotspots")
 
 echo "----- Local Sonar Analysis -----"
 echo "  Coverage:          $cov"
@@ -24,27 +29,37 @@ echo "  Code smells:       $csm"
 echo "  Security Hotspots: $sec"
 echo "--------------------------------"
 
+fail ()
+{
+  echo
+  echo 'List of all errors:'
+  curl -s 'http://localhost:9001/api/issues/search?componentKeys='"$application"'&resolved=false' | jq '.issues[] | {file: "\(.component)#\(.line)", error: "[\(.rule)] \(.message)"}'
+  exit 1
+}
+
 if [[ $vul != "0" ]]; then
   echo "Sonar Analysis failed -> Vulnerabilities"
-  exit 1;
+  fail;
 fi
 
 if [[ $bug != "0" ]]; then
   echo "Sonar Analysis failed -> Bugs"
-  exit 1;
+  fail;
 fi
 
 if [[ $dup != "0.0" ]]; then
   echo "Sonar Analysis failed -> Duplication"
-  exit 1;
+  fail;
 fi
 
 if [[ $csm != "0" ]]; then
   echo "Sonar Analysis failed -> Code smells"
-  exit 1;
+  fail;
 fi
 
 if [[ $sec != "0" ]]; then
   echo "Sonar Analysis failed -> Security Hotspots"
-  exit 1;
+  fail;
 fi
+
+echo "Sonar Analysis is passed"
diff --git a/tests-ci/wait_sonar_analysis.sh b/tests-ci/wait_sonar_analysis.sh