diff --git a/.github/workflows/github-actions.yml b/.github/workflows/github-actions.yml
index d55ad4dad5b..2b0343f008e 100644
--- a/.github/workflows/github-actions.yml
+++ b/.github/workflows/github-actions.yml
@@ -68,10 +68,9 @@ jobs:
 - name: 'Test: run backend tests'
 run: |
 chmod +x mvnw
- ./mvnw clean verify sonar:sonar
+ ./mvnw clean verify -Dsonar.qualitygate.wait=true sonar:sonar
 - name: 'Analysis: local Sonar'
 run: |
- ./tests-ci/wait_sonar_analysis.sh
 ./tests-ci/sonar.sh
 - name: 'Analysis: SonarCloud'
 if: github.repository == 'jhipster/jhipster-lite' && github.ref == 'refs/heads/main'
@@ -202,7 +201,7 @@ jobs:
 working-directory: /tmp/jhlite/${{ matrix.app }}/
 run: |
 if [ -f 'mvnw' ]; then
- ./mvnw clean verify sonar:sonar
+ ./mvnw clean verify -Dsonar.qualitygate.wait=true sonar:sonar
 elif [ -f 'gradlew' ]; then
 ./gradlew build --no-daemon
 else
@@ -212,7 +211,6 @@ jobs:
 - name: 'Test: check local Sonar Analysis'
 run: |
 if [ -f '/tmp/jhlite/${{ matrix.app }}/src/main/docker/sonar.yml' ]; then
- ${{ github.workspace }}/tests-ci/wait_sonar_analysis.sh
 ./tests-ci/sonar.sh ${{ matrix.app }}
 fi
 - name: 'Test: copy shell scripts'
diff --git a/tests-ci/sonar.sh b/tests-ci/sonar.sh
index 38952b51d4f..b52e6abc4c1 100755
--- a/tests-ci/sonar.sh
+++ b/tests-ci/sonar.sh
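Review bot: On the new `./mvnw clean verify -Dsonar.qualitygate.wait=true sonar:sonar` line, a failing quality gate now fails the Maven step itself, and because the 'Analysis: local Sonar' step that follows has no `if:` condition it would then be skipped, so `./tests-ci/sonar.sh` never prints its metrics or its issue list. Whether the local server's gate can fail independently of the zero-issue checks in sonar.sh is not visible here, so this is worth confirming. The flag also silently takes over the job of the removed polling script; a shell comment above the command such as `# qualitygate.wait blocks until Sonar has processed the report (replaces wait_sonar_analysis.sh)` would record the intent. The same applies to the identical change in the hunk at -202.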
@@ -6,14 +6,19 @@ if [[ $application == '' ]]; then
 application='jhlite'
 fi
-sonar=$(curl -sX GET 'http://localhost:9001/api/measures/component?component='"$application"'&metricKeys=bugs%2Ccoverage%2Cvulnerabilities%2Cduplicated_lines_density%2Ccode_smells%2Csecurity_hotspots');
+sonar=$(curl -s 'http://localhost:9001/api/measures/component?component='"$application"'&metricKeys=bugs%2Ccoverage%2Cvulnerabilities%2Cduplicated_lines_density%2Ccode_smells%2Csecurity_hotspots');
-vul=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="vulnerabilities")][0]'|jq -r .value);
-cov=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="coverage")][0]'|jq -r .value);
-bug=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="bugs")][0]'|jq -r .value);
-dup=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="duplicated_lines_density")][0]'|jq -r .value);
-csm=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="code_smells")][0]'|jq -r .value);
-sec=$(echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="security_hotspots")][0]'|jq -r .value);
+measure ()
+{
+ echo "$sonar"|jq -r .component|jq -r .measures|jq '[.[]|select(.metric=="'$1'")][0]'|jq -r .value
+}
+
+vul=$(measure "vulnerabilities")
+cov=$(measure "coverage")
+bug=$(measure "bugs")
+dup=$(measure "duplicated_lines_density")
+csm=$(measure "code_smells")
+sec=$(measure "security_hotspots")
 echo "----- Local Sonar Analysis -----"
 echo " Coverage: $cov"
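Review bot: In `measure`, `$1` is spliced unquoted into the jq program (`select(.metric=="'$1'")`), so the argument undergoes word splitting and is parsed as jq source rather than passed as data. All six callers in this hunk pass fixed literals, so this is a robustness point rather than a live problem, but binding it as a jq variable is safer and replaces the four jq processes with one: `echo "$sonar" | jq -r --arg metric "$1" '[.component.measures[] | select(.metric == $metric)][0].value'`. Separately, the new `curl -s` line has no failure flag, so an unreachable server leaves `$sonar` empty; the checks that consume these values sit outside this hunk and appear to fail closed, but they would report "Vulnerabilities" rather than a connection error.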
@@ -24,27 +29,37 @@ echo " Code smells: $csm"
 echo " Security Hotspots: $sec"
 echo "--------------------------------"
+fail ()
+{
+ echo
+ echo 'List of all errors:'
+ curl -s 'http://localhost:9001/api/issues/search?componentKeys='"$application"'&resolved=false' | jq '.issues[] | {file: "\(.component)#\(.line)", error: "[\(.rule)] \(.message)"}'
+ exit 1
+}
+
 if [[ $vul != "0" ]]; then
 echo "Sonar Analysis failed -> Vulnerabilities"
- exit 1;
+ fail;
 fi
 if [[ $bug != "0" ]]; then
 echo "Sonar Analysis failed -> Bugs"
- exit 1;
+ fail;
 fi
 if [[ $dup != "0.0" ]]; then
 echo "Sonar Analysis failed -> Duplication"
- exit 1;
+ fail;
 fi
 if [[ $csm != "0" ]]; then
 echo "Sonar Analysis failed -> Code smells"
- exit 1;
+ fail;
 fi
 if [[ $sec != "0" ]]; then
 echo "Sonar Analysis failed -> Security Hotspots"
- exit 1;
+ fail;
 fi
+
+echo "Sonar Analysis is passed"
diff --git a/tests-ci/wait_sonar_analysis.sh b/tests-ci/wait_sonar_analysis.sh
deleted file mode 100755
index 41f24a4f0e5..00000000000
--- a/tests-ci/wait_sonar_analysis.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash
-
-log() {
- echo "*** $(date +'%Y-%m-%d %H:%M:%S')" "$@"
-}
-
-log "Waiting SonarQube analysis"
-
-retryCount=1
-maxRetry=30
-
-docker logs sonar 2>&1 | grep "Publish task results | status=SUCCESS"
-status=$?
-while [ "$status" -ne 0 ] && [ "$retryCount" -le "$maxRetry" ]; do
- log "SonarQube analysis is not finished yet - sleep and retry (""$retryCount""/""$maxRetry"")"
- retryCount=$((retryCount+1))
- sleep 5
- docker logs sonar 2>&1 | grep "Publish task results | status=SUCCESS"
- status=$?
-done
-
-if [ "$status" -ne 0 ]; then
- log "SonarQube analysis is not finished after" "$retryCount" " retries."
- return 1
-fi
-
-log "SonarQube analysis is finished"
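Review bot: `fail` builds its listing from `api/issues/search`, which in recent SonarQube versions does not return security hotspots (they are served by a separate hotspots endpoint), so a run that stops on "Security Hotspots" may print nothing under 'List of all errors:'. The server version is not visible in this hunk, so this should be checked against the local Sonar image. The search is also paginated, so the heading overstates the output for larger result sets; either set an explicit `ps` page size on the query or reword the heading. A one-line comment above the function, e.g. `# Print unresolved issues for $application, then abort with exit 1`, would make it clear that `fail` never returns.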