Audit #1318
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: SonarQube Scan | |
on: | |
pull_request: | |
jobs: | |
wait_for_workflows: | |
name: Wait for workflows | |
runs-on: ubuntu-latest | |
if: always() | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} | |
- name: Wait for Workflows | |
id: wait | |
uses: smartcontractkit/chainlink-github-actions/utils/wait-for-workflows@main | |
with: | |
max-timeout: "1200" | |
polling-interval: "30" | |
exclude-workflow-names: "Amarna Analysis,Changesets,Integration Contracts (Vendor, Examples),Integration Tests Publish,Integration Tests - Smoke,Integration Tests - Soak,Build and push on-chain monitor image to ECR,Contracts,Lint" | |
exclude-workflow-ids: "" | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
env: | |
DEBUG: "true" | |
sonarqube: | |
name: SonarQube Scan | |
needs: [ wait_for_workflows ] | |
runs-on: ubuntu-latest | |
if: always() | |
steps: | |
- name: Checkout the repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports | |
- name: Download Golangci unit tests reports | |
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6 | |
with: | |
workflow: relayer.yml | |
workflow_conclusion: "" | |
name_is_regexp: true | |
name: go-unit-tests-results | |
if_no_artifact_found: warn | |
- name: Download Golangci Relayer report | |
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6 | |
with: | |
workflow: golangci-lint.yml | |
workflow_conclusion: "" | |
name_is_regexp: true | |
name: golangci-lint-relayer-report | |
if_no_artifact_found: warn | |
- name: Download Golangcio Ops report | |
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6 | |
with: | |
workflow: golangci-lint.yml | |
workflow_conclusion: "" | |
name_is_regexp: true | |
name: golangci-lint-ops-report | |
if_no_artifact_found: warn | |
- name: Download Golangci-lint Integration tests report | |
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6 | |
with: | |
workflow: golangci-lint.yml | |
workflow_conclusion: "" | |
name_is_regexp: true | |
name: golangci-lint-integration-tests-report | |
if_no_artifact_found: warn | |
- name: Download gauntlet eslint reports | |
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6 | |
with: | |
workflow: integration_gauntlet.yml | |
workflow_conclusion: "" | |
name_is_regexp: true | |
name: gauntlet-eslint-report | |
if_no_artifact_found: warn | |
- name: Set SonarQube Report Paths | |
id: sonarqube_report_paths | |
shell: bash | |
run: | | |
{ | |
echo "sonarqube_tests_report_paths=$(find . -type f -name output.txt | paste -sd "," -)" | |
echo "sonarqube_coverage_report_paths=$(find . -type f -name '*coverage.txt' | paste -sd "," -)" | |
echo "sonarqube_golangci_report_paths=$(find . -type f -name 'golangci-*-report.xml' -printf "%p,")" | |
echo "sonarqube_eslint_report_paths=$(find -type f -name 'eslint-report.json' -printf "%p")" >> $GITHUB_OUTPUT | |
} >> "$GITHUB_OUTPUT" | |
- name: Update ESLint report symlinks | |
continue-on-error: true | |
run: sed -i 's+/home/runner/work/feeds-manager/feeds-manager/+/github/workspace/+g' ${{ steps.sonarqube_report_paths.outputs.sonarqube_eslint_report_paths }} | |
- name: SonarQube Scan | |
uses: sonarsource/sonarqube-scan-action@86fe81775628f1c6349c28baab87881a2170f495 # v2.1.0 | |
with: | |
args: > | |
-Dsonar.go.tests.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_tests_report_paths }} | |
-Dsonar.go.coverage.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_coverage_report_paths }} | |
-Dsonar.go.golangci-lint.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_golangci_report_paths }} | |
-Dsonar.eslint.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_eslint_report_paths }} | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} |