Skip to content

Merge pull request #502 from nandhu-kumar/develop #181

Merge pull request #502 from nandhu-kumar/develop

Merge pull request #502 from nandhu-kumar/develop #181

Workflow file for this run

name: SonarQube checks
on:
push:
branches:
- develop
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: 11
- name: Setup branch and env
run: |
# Strip git ref prefix from version
echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
echo "GPG_TTY=$(tty)" >> $GITHUB_ENV
- name: Setup branch and GPG public key
run: |
# Strip git ref prefix from version
echo ${{ env.BRANCH_NAME }}
echo ${{ env.GPG_TTY }}
sudo apt-get --yes install gnupg2
gpg2 --import ./.github/keys/mosipgpgkey_pub.gpg
gpg2 --quiet --batch --passphrase=${{secrets.gpg_secret}} --allow-secret-key-import --import ./.github/keys/mosipgpgkey_sec.gpg
- name: Cache SonarQube packages
uses: actions/cache@v1
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache Maven packages
uses: actions/cache@v1
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build and analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
run: mvn -Dgpg.skip -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=mimoto
- name: Install jq
run: sudo apt-get -y install jq
- name: Check for critical bugs
run: |
# Fetch SonarQube issues using the API
SONAR_HOST_URL=https://sonarcloud.io
SONAR_PROJECT_KEY=mosip_mimoto
# Fetch issues using the SonarQube API
response=$(curl -s "${SONAR_HOST_URL}/api/issues/search?componentKeys=${SONAR_PROJECT_KEY}&severities=CRITICAL&statuses=OPEN")
echo "The response is $response"
# Extract the value of "issues" field
issues_count=$(echo "$response" | jq '.issues | length')
echo "The number of issues $issues_count"
if [ "$issues_count" -eq 0 ]; then
echo "No critical issues found."
else
echo "Critical issues found. Failing the pipeline"
exit 1
fi