Skip to content

Commit cc253f5

Browse files
victor-makovsky-covergovictor-makovsky-covergo
authored
BE-774 Implement SonarCloud analysis for non-dotnet repos (#43)
1 parent 7ef27be commit cc253f5

File tree

6 files changed

+68
-15
lines changed

6 files changed

+68
-15
lines changed

.gflows/gflowspkg.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
"libs/job_integration_tests_legacy.lib.yml",
1919
"libs/job_publish_nuget.lib.yml",
2020
"libs/job_scan_code_net.lib.yml",
21+
"libs/job_scan_code.lib.yml",
2122
"libs/job_build_nuget.lib.yml",
2223
"libs/job_unit_test.lib.yml",
2324
"libs/job_version.lib.yml",

.gflows/libs/job_scan_code.lib.yml

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
---
2+
#@ def generate_scan_code_job(section):
3+
name: #@ section["name"]
4+
runs-on: ubuntu-latest
5+
timeout-minutes: 10
6+
steps:
7+
- uses: actions/checkout@v3
8+
with:
9+
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
10+
- name: downcase GITHUB_REPOSITORY_OWNER
11+
run: |
12+
echo "GITHUB_REPOSITORY_OWNER_DOWNCASE=${GITHUB_REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
13+
- name: SonarCloud Scan
14+
uses: SonarSource/sonarcloud-github-action@master
15+
with:
16+
args: >
17+
-Dsonar.organization=${{ env.GITHUB_REPOSITORY_OWNER_DOWNCASE }}
18+
-Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
19+
env:
20+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
21+
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
22+
#@ end
23+
---

.gflows/workflow-configuration/build-publish/settings.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
# Example build-publish settings file
2+
13
#@data/values
24
---
35

@@ -267,6 +269,9 @@ scan_code_net:
267269
project_name: Auth Service
268270
coverage_artifact_pooling_timeout_sec: '1200'
269271

272+
scan_code:
273+
name: Sonar scan
274+
270275
deploy_tenants:
271276
runner: self-hosted
272277
repository:

.gflows/workflows/build-publish/build-publish.template.yml

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@
1111
#@ load("job_docker_publish_alicloud.lib.yml", "docker_publish_alicloud_job")
1212
#@ load("job_publish_nuget.lib.yml", "generate_nuget_publish_job")
1313
#@ load("job_scan_code_net.lib.yml", "generate_scan_code_net_job")
14+
#@ load("job_scan_code.lib.yml", "generate_scan_code_job")
1415
#@ load("job_build_nuget.lib.yml", "generate_nuget_build_job")
1516
#@ load("job_integration_tests_legacy.lib.yml", "generate_integration_test_legacy_small")
1617
#@ load("job_integration_tests_legacy.lib.yml", "generate_integration_test_legacy_big")
@@ -29,7 +30,11 @@
2930
#@ jobs = {"version": generate_version_job(data.values)}
3031

3132
#@ if hasattr(data.values,"scan_code_net"):
32-
#@ jobs["scan-code"] = generate_scan_code_net_job(data.values.scan_code_net, data.values)
33+
#@ jobs["scan-code-net"] = generate_scan_code_net_job(data.values.scan_code_net, data.values)
34+
#@ end
35+
36+
#@ if hasattr(data.values,"scan_code"):
37+
#@ jobs["scan-code"] = generate_scan_code_job(data.values.scan_code)
3338
#@ end
3439

3540
#@ if hasattr(data.values,"nuget"):

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
# Overview
22

33
Build-publish workflow template generates a GithubCI workflow which converts a repository source code into published Docker images.
4-
The template is designed for .Net backend microservice repositories.
4+
The template is mostly intended for .Net backend microservice repositories, however it can also be used for non-.Net services to implement some common logic like image versioning and code scanning.
55
Template produces hi-quality, production-ready workflow taking care of common aspect like unit, integration and acceptance testing,
66
nuget publishing, build cache, versioning, docker images tagging, test result collection and so on.
77
Template is designed for mid-size organisations to generate a workflow with gflows cli local tools using a configuration file.

github-sample/workflows/build-publish.yml

Lines changed: 32 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ jobs:
3030
- name: Checkout GitHub Action Repos
3131
uses: daspn/private-actions-checkout@v2
3232
with:
33-
actions_list: '[ "covergo/get-version@v1.7", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
33+
actions_list: '[ "covergo/get-version@v1.8", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
3434
checkout_base_path: ./.github/actions
3535
app_id: ${{ secrets.PRIVATE_ACTION_APP_ID }}
3636
app_private_key: ${{ secrets.PRIVATE_ACTION_APP_PRIVATE_KEY }}
@@ -54,7 +54,7 @@ jobs:
5454
if [[ ${{ steps.version.outputs.app_version }} =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
5555
echo ::set-output name=is_production::true
5656
fi
57-
scan-code:
57+
scan-code-net:
5858
name: Sonar scan
5959
timeout-minutes: 20
6060
runs-on: ubuntu-latest
@@ -81,6 +81,25 @@ jobs:
8181
coverage-artifact-pooling-timeout-sec: "1200"
8282
env:
8383
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
84+
scan-code:
85+
name: Sonar scan
86+
runs-on: ubuntu-latest
87+
timeout-minutes: 10
88+
steps:
89+
- uses: actions/checkout@v3
90+
with:
91+
fetch-depth: 0
92+
- name: downcase GITHUB_REPOSITORY_OWNER
93+
run: |
94+
echo "GITHUB_REPOSITORY_OWNER_DOWNCASE=${GITHUB_REPOSITORY_OWNER,,}" >>${GITHUB_ENV}
95+
- name: SonarCloud Scan
96+
uses: SonarSource/sonarcloud-github-action@master
97+
with:
98+
args: |
99+
-Dsonar.organization=${{ env.GITHUB_REPOSITORY_OWNER_DOWNCASE }} -Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
100+
env:
101+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
102+
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
84103
nuget-build-auth-nuget:
85104
name: Build Auth client nuget
86105
timeout-minutes: 20
@@ -113,7 +132,7 @@ jobs:
113132
build-args: |-
114133
COMMIT_SHA=${{ github.sha }}
115134
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
116-
BUILD_DATETIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
135+
BUILD_DATETIME=${{ steps.meta.outputs.json && fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
117136
APP_VERSION=${{ needs.version.outputs.app_version }}
118137
FILE_VERSION=${{ needs.version.outputs.file_version }}
119138
INFORMATIONAL_VERSION=${{ needs.version.outputs.information_version }}
@@ -125,7 +144,7 @@ jobs:
125144
- name: Checkout GitHub Action Repos
126145
uses: daspn/private-actions-checkout@v2
127146
with:
128-
actions_list: '[ "covergo/get-version@v1.7", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
147+
actions_list: '[ "covergo/get-version@v1.8", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
129148
checkout_base_path: ./.github/actions
130149
app_id: ${{ secrets.PRIVATE_ACTION_APP_ID }}
131150
app_private_key: ${{ secrets.PRIVATE_ACTION_APP_PRIVATE_KEY }}
@@ -187,7 +206,7 @@ jobs:
187206
build-args: |-
188207
COMMIT_SHA=${{ github.sha }}
189208
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
190-
BUILD_DATETIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
209+
BUILD_DATETIME=${{ steps.meta.outputs.json && fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
191210
APP_VERSION=${{ needs.version.outputs.app_version }}
192211
FILE_VERSION=${{ needs.version.outputs.file_version }}
193212
INFORMATIONAL_VERSION=${{ needs.version.outputs.information_version }}
@@ -199,7 +218,7 @@ jobs:
199218
- name: Checkout GitHub Action Repos
200219
uses: daspn/private-actions-checkout@v2
201220
with:
202-
actions_list: '[ "covergo/get-version@v1.7", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
221+
actions_list: '[ "covergo/get-version@v1.8", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
203222
checkout_base_path: ./.github/actions
204223
app_id: ${{ secrets.PRIVATE_ACTION_APP_ID }}
205224
app_private_key: ${{ secrets.PRIVATE_ACTION_APP_PRIVATE_KEY }}
@@ -274,7 +293,7 @@ jobs:
274293
NOW="$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
275294
COMMIT_SHA=${{ github.sha }}
276295
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
277-
BUILD_DATETIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
296+
BUILD_DATETIME=${{ steps.meta.outputs.json && fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
278297
APP_VERSION=${{ needs.version.outputs.app_version }}
279298
FILE_VERSION=${{ needs.version.outputs.file_version }}
280299
INFORMATIONAL_VERSION=${{ needs.version.outputs.information_version }}
@@ -325,7 +344,7 @@ jobs:
325344
build-args: |-
326345
COMMIT_SHA=${{ github.sha }}
327346
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
328-
BUILD_DATETIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
347+
BUILD_DATETIME=${{ steps.meta.outputs.json && fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
329348
APP_VERSION=${{ needs.version.outputs.app_version }}
330349
FILE_VERSION=${{ needs.version.outputs.file_version }}
331350
INFORMATIONAL_VERSION=${{ needs.version.outputs.information_version }}
@@ -394,7 +413,7 @@ jobs:
394413
- name: Checkout GitHub Action Repos
395414
uses: daspn/private-actions-checkout@v2
396415
with:
397-
actions_list: '[ "covergo/get-version@v1.7", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
416+
actions_list: '[ "covergo/get-version@v1.8", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
398417
checkout_base_path: ./.github/actions
399418
app_id: ${{ secrets.PRIVATE_ACTION_APP_ID }}
400419
app_private_key: ${{ secrets.PRIVATE_ACTION_APP_PRIVATE_KEY }}
@@ -470,7 +489,7 @@ jobs:
470489
- name: Checkout GitHub Action Repos
471490
uses: daspn/private-actions-checkout@v2
472491
with:
473-
actions_list: '[ "covergo/get-version@v1.7", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
492+
actions_list: '[ "covergo/get-version@v1.8", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
474493
checkout_base_path: ./.github/actions
475494
app_id: ${{ secrets.PRIVATE_ACTION_APP_ID }}
476495
app_private_key: ${{ secrets.PRIVATE_ACTION_APP_PRIVATE_KEY }}
@@ -594,7 +613,7 @@ jobs:
594613
- name: Checkout GitHub Action Repos
595614
uses: daspn/private-actions-checkout@v2
596615
with:
597-
actions_list: '[ "covergo/get-version@v1.7", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
616+
actions_list: '[ "covergo/get-version@v1.8", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
598617
checkout_base_path: ./.github/actions
599618
app_id: ${{ secrets.PRIVATE_ACTION_APP_ID }}
600619
app_private_key: ${{ secrets.PRIVATE_ACTION_APP_PRIVATE_KEY }}
@@ -731,7 +750,7 @@ jobs:
731750
- name: Checkout GitHub Action Repos
732751
uses: daspn/private-actions-checkout@v2
733752
with:
734-
actions_list: '[ "covergo/get-version@v1.7", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
753+
actions_list: '[ "covergo/get-version@v1.8", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
735754
checkout_base_path: ./.github/actions
736755
app_id: ${{ secrets.PRIVATE_ACTION_APP_ID }}
737756
app_private_key: ${{ secrets.PRIVATE_ACTION_APP_PRIVATE_KEY }}
@@ -1063,7 +1082,7 @@ jobs:
10631082
- name: Checkout GitHub Action Repos
10641083
uses: daspn/private-actions-checkout@v2
10651084
with:
1066-
actions_list: '[ "covergo/get-version@v1.7", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
1085+
actions_list: '[ "covergo/get-version@v1.8", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]", "covergo/[email protected]" ]'
10671086
checkout_base_path: ./.github/actions
10681087
app_id: ${{ secrets.PRIVATE_ACTION_APP_ID }}
10691088
app_private_key: ${{ secrets.PRIVATE_ACTION_APP_PRIVATE_KEY }}

0 commit comments

Comments
 (0)