From f36799920a5ce76ce6d935beb4aa4f02cc52deda Mon Sep 17 00:00:00 2001 From: Vincent Le Quec Date: Fri, 21 Jun 2024 13:42:38 +0200 Subject: [PATCH 1/2] ci: Add SonarQube --- .github/workflows/sonarqube.yml | 33 +++++++++++++++++++++++++++++++++ .gitignore | 1 - sonar-project.properties | 19 +++++++++++++++++++ 3 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/sonarqube.yml create mode 100644 sonar-project.properties diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml new file mode 100644 index 0000000..c0c24a5 --- /dev/null +++ b/.github/workflows/sonarqube.yml @@ -0,0 +1,33 @@ +--- +name: SonarQube + +on: + push: + branches: + - main + +jobs: + sonarqube: + name: SonarQube + runs-on: ubuntu-latest + steps: + - name: Checkout the repository + uses: actions/checkout@v4 + with: + # Disabling shallow clones is recommended for improving the relevancy of reporting + fetch-depth: 0 + + # SonarQube scan + - name: Auth GCP 🔒 + uses: PrestaShopCorp/prestashop-github-action-gcp-auth@v1 + with: + auth-mode: 'json-file' + credentials-json: ${{ secrets.SONARQUBE_SECRET_KEY }} + gke-cluster-name: ${{ secrets.CLUSTER_NAME_INTEGRATION }} + setup-gcloud: false + registry-login: false + + - name: Launch quality test ✅ + uses: PrestaShopCorp/prestashop-github-action-sonarqube@v1 + with: + sonar-token: ${{ secrets.SONAR_TOKEN }} diff --git a/.gitignore b/.gitignore index 9306faa..9f019e3 100755 --- a/.gitignore +++ b/.gitignore @@ -30,4 +30,3 @@ allure-report # Sonar .scannerwork -sonar-project.properties diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..6a19e61 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,19 @@ +# Mandatory +sonar.projectName=PS Tech Vendor Boilerplate +sonar.projectKey=ps_tech_vendor_boilerplate + +sonar.qualitygate.wait=true +sonar.sourceEncoding=UTF-8 + +# SCM -> Git +sonar.scm.provider=git +## respects the .gitignore file. +sonar.scm.exclusions.disabled=false + + +# Define the same root directory for sources and tests +sonar.sources=config,sql,tools,translations,upgrade,views +sonar.tests=tests + +# Exclude test subdirectories & more from source scope +sonar.exclusions=**/vendor/** From 82fd8cbd89be027d8e5b74128ff1071ad9bd4354 Mon Sep 17 00:00:00 2001 From: Vincent Le Quec Date: Thu, 27 Jun 2024 10:10:12 +0200 Subject: [PATCH 2/2] ci: Rollback --- .github/workflows/sonarqube.yml | 33 --------------------------------- .gitignore | 1 + sonar-project.properties | 3 +++ 3 files changed, 4 insertions(+), 33 deletions(-) delete mode 100644 .github/workflows/sonarqube.yml diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml deleted file mode 100644 index c0c24a5..0000000 --- a/.github/workflows/sonarqube.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -name: SonarQube - -on: - push: - branches: - - main - -jobs: - sonarqube: - name: SonarQube - runs-on: ubuntu-latest - steps: - - name: Checkout the repository - uses: actions/checkout@v4 - with: - # Disabling shallow clones is recommended for improving the relevancy of reporting - fetch-depth: 0 - - # SonarQube scan - - name: Auth GCP 🔒 - uses: PrestaShopCorp/prestashop-github-action-gcp-auth@v1 - with: - auth-mode: 'json-file' - credentials-json: ${{ secrets.SONARQUBE_SECRET_KEY }} - gke-cluster-name: ${{ secrets.CLUSTER_NAME_INTEGRATION }} - setup-gcloud: false - registry-login: false - - - name: Launch quality test ✅ - uses: PrestaShopCorp/prestashop-github-action-sonarqube@v1 - with: - sonar-token: ${{ secrets.SONAR_TOKEN }} diff --git a/.gitignore b/.gitignore index 9f019e3..9306faa 100755 --- a/.gitignore +++ b/.gitignore @@ -30,3 +30,4 @@ allure-report # Sonar .scannerwork +sonar-project.properties diff --git a/sonar-project.properties b/sonar-project.properties index 6a19e61..f884a4b 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,6 +1,9 @@ # Mandatory sonar.projectName=PS Tech Vendor Boilerplate sonar.projectKey=ps_tech_vendor_boilerplate +# SonarCloud +#sonar.projectKey=PrestaShopCorp_ps_tech_vendor_boilerplate +#sonar.organization=prestashopcorp sonar.qualitygate.wait=true sonar.sourceEncoding=UTF-8