Sonarcloud kiterunner

[matusso]

PR Type

enhancement, documentation

---

Description

• Added SonarCloud scanning capabilities for the Kiterunner project, including new workflow configurations and environment variables.
• Enhanced the README with better formatting and additional information about SonarCloud integration.
• Updated Dockerfile for Kiterunner to use build arguments instead of hardcoded values, improving flexibility.
• Corrected and clarified repository names and step descriptions in various workflow files.

---

Changes walkthrough 📝

	Relevant files
Enhancement	kiterunner.yml Add SonarCloud scanning and environment variables for Kiterunner .github/workflows/kiterunner.yml Added sonarcloud-kiterunner branch to trigger actions. Introduced environment variables RELEASE_VERSION and KR_DIR. Added a new job for SonarCloud scanning. Modified Docker build command to use new environment variables. +54/-7    mvt-project_sonarcloud.yml Update repository and step names for clarity                          .github/workflows/mvt-project_sonarcloud.yml Corrected repository name in checkout step. Updated step names for clarity. +4/-4      routersploit.yml Update branch and PR triggers for workflows                            .github/workflows/routersploit.yml Added sonarcloud-kiterunner branch to trigger actions. Updated pull request types to trigger actions. +2/-2      routersploit_sonarcloud.yml Update branch and PR triggers for SonarCloud workflow        .github/workflows/routersploit_sonarcloud.yml Added sonarcloud-kiterunner branch to trigger actions. Updated pull request types to trigger actions. +1/-0      Dockerfile Use build arguments for Kiterunner Dockerfile                        files/kiterunner/Dockerfile Replaced hardcoded environment variables with build arguments. Updated repository clone command to use RELEASE_VERSION. +7/-5
Documentation	README.md Enhance README with SonarCloud information and formatting README.md Improved formatting and indentation. Added SonarCloud badges for various tools. Introduced a section on SonarCloud scanning. +76/-62

---

💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

[qodo-merge-pro-for-open-source]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Error Handling SonarCloud scan is set to continue-on-error which might hide critical issues. Consider handling errors more explicitly. Build Argument Validation Build arguments KR_DIR and RELEASE_VERSION are used without validation. Missing default values could cause build failures. Version Management Hardcoded version number in environment variables could lead to maintenance issues. Consider using dynamic version management.

[qodo-merge-pro-for-open-source]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Score
Possible issue	Fix incorrect command splitting in Dockerfile RUN instruction that would cause build failure The RUN command is incorrectly split across multiple lines, causing the apk update and installation to fail. Merge the commands into a single RUN instruction. files/kiterunner/Dockerfile [11-15] -RUN KR_DIR="$KR_DIR" apk update && apk add --no-cache \ +RUN apk update && apk add --no-cache \ bash \ build-base \ git \ - go \ + go Apply this suggestion Suggestion importance[1-10]: 8 Why: The incorrect command splitting with KR_DIR prefix would cause the Docker build to fail. This is a critical fix for the build process functionality.	8
	Add default values for build arguments to prevent build failures when arguments are not provided The build arguments should have default values to ensure the build doesn't fail if they're not provided. Add default values that match the previous hardcoded values. files/kiterunner/Dockerfile [4-5] -ARG KR_DIR=${KR_DIR} \ - RELEASE_VERSION=${RELEASE_VERSION} +ARG KR_DIR="/usr/local/kiterunner" \ + RELEASE_VERSION="v1.0.2" Apply this suggestion Suggestion importance[1-10]: 7 Why: Missing default values for build arguments could cause build failures when arguments aren't provided. This improves build reliability and maintainability.	7
	Add missing required configuration parameter for external service integration The SonarCloud scan is missing a required SONAR_HOST_URL parameter, which could cause the scan to fail. Add the parameter to the sonarcloud-kiterunner job. .github/workflows/kiterunner.yml [113-117] - name: SonarCloud Scan uses: sonarsource/sonarqube-scan-action@v4 continue-on-error: true env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: https://sonarcloud.io Apply this suggestion Suggestion importance[1-10]: 6 Why: Adding SONAR_HOST_URL parameter improves the robustness of the SonarCloud integration, though the scan might work without it as it's implicitly set for sonarcloud.io.	6

💡 Need additional feedback ? start a PR chat