Separate SonarCloud step to safely run it on PRs
This commit is contained in:
Lars Strojny
parent
7c7673f1c2
commit
1d3452cdb0
2 changed files with 70 additions and 19 deletions
36
.github/workflows/build.yml
vendored
36
.github/workflows/build.yml
vendored
|
|
@ -10,23 +10,21 @@ jobs:
|
||||||
fail-fast: false
|
fail-fast: false
|
||||||
matrix:
|
matrix:
|
||||||
include:
|
include:
|
||||||
- { node-version: 10.x, lint: false, static-analysis: false, tests: false }
|
- { node-version: 10.x, lint: false, tests: false }
|
||||||
- { node-version: 11.x, lint: false, static-analysis: false, tests: false }
|
- { node-version: 11.x, lint: false, tests: false }
|
||||||
- { node-version: 12.x, lint: false, static-analysis: false, tests: false }
|
- { node-version: 12.x, lint: false, tests: false }
|
||||||
- { node-version: 13.x, lint: false, static-analysis: false, tests: false }
|
- { node-version: 13.x, lint: false, tests: false }
|
||||||
- { node-version: 14.x, lint: true, static-analysis: false, tests: true }
|
- { node-version: 14.x, lint: true, tests: true }
|
||||||
- { node-version: 15.x, lint: false, static-analysis: false, tests: true }
|
- { node-version: 15.x, lint: false, tests: true }
|
||||||
- { node-version: 16.x, lint: true, static-analysis: false, tests: true }
|
- { node-version: 16.x, lint: true, tests: true }
|
||||||
- { node-version: 17.x, lint: true, static-analysis: false, tests: true }
|
- { node-version: 17.x, lint: true, tests: true }
|
||||||
- { node-version: 18.x, lint: true, static-analysis: true, tests: true }
|
- { node-version: 18.x, lint: true, tests: true }
|
||||||
- { node-version: 19.x, lint: true, static-analysis: false, tests: true }
|
- { node-version: 19.x, lint: true, tests: true }
|
||||||
|
|
||||||
name: Node.js ${{ matrix.node-version }}${{ matrix.lint && ', lint' || '' }}${{ matrix.tests && ', test' || '' }}${{ matrix.static-analysis && ', static analysis' || ''}}, build
|
name: nodejs ${{ matrix.node-version }} (${{ matrix.lint && 'lint → ' || '' }}${{ matrix.tests && 'test → ' || '' }}build)
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: Use Node.js ${{ matrix.node-version }}
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
uses: actions/setup-node@v3
|
uses: actions/setup-node@v3
|
||||||
|
|
@ -81,12 +79,12 @@ jobs:
|
||||||
run: npm test
|
run: npm test
|
||||||
if: ${{ matrix.tests }}
|
if: ${{ matrix.tests }}
|
||||||
|
|
||||||
- name: SonarCloud scan
|
- name: Upload code coverage
|
||||||
uses: SonarSource/sonarcloud-github-action@master
|
uses: actions/upload-artifact@v3
|
||||||
env:
|
with:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
name: code-coverage
|
||||||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
path: coverage/lcov.info
|
||||||
if: ${{ matrix.static-analysis }}
|
if: ${{ matrix.node-version == '18.x' }}
|
||||||
|
|
||||||
- name: Build the project
|
- name: Build the project
|
||||||
run: npm run build
|
run: npm run build
|
||||||
|
|
|
||||||
53
.github/workflows/sonar.yml
vendored
Normal file
53
.github/workflows/sonar.yml
vendored
Normal file
|
|
@ -0,0 +1,53 @@
|
||||||
|
on:
|
||||||
|
workflow_run:
|
||||||
|
workflows: [Build]
|
||||||
|
types: [completed]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
sonar:
|
||||||
|
name: Sonar
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
if: github.event.workflow_run.conclusion == 'success'
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
with:
|
||||||
|
repository: ${{ github.event.workflow_run.head_repository.full_name }}
|
||||||
|
ref: ${{ github.event.workflow_run.head_branch }}
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
|
- name: 'Download code coverage'
|
||||||
|
uses: actions/github-script@v6
|
||||||
|
with:
|
||||||
|
script: |
|
||||||
|
let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
|
||||||
|
owner: context.repo.owner,
|
||||||
|
repo: context.repo.repo,
|
||||||
|
run_id: context.payload.workflow_run.id,
|
||||||
|
});
|
||||||
|
let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
|
||||||
|
return artifact.name == "code-coverage"
|
||||||
|
})[0];
|
||||||
|
let download = await github.rest.actions.downloadArtifact({
|
||||||
|
owner: context.repo.owner,
|
||||||
|
repo: context.repo.repo,
|
||||||
|
artifact_id: matchArtifact.id,
|
||||||
|
archive_format: 'zip',
|
||||||
|
});
|
||||||
|
let fs = require('fs');
|
||||||
|
fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/code-coverage.zip`, Buffer.from(download.data));
|
||||||
|
|
||||||
|
- name: 'Unzip code coverage'
|
||||||
|
run: unzip code-coverage.zip -d coverage
|
||||||
|
|
||||||
|
- name: SonarCloud scan
|
||||||
|
uses: sonarsource/sonarcloud-github-action@master
|
||||||
|
env:
|
||||||
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
||||||
|
with:
|
||||||
|
args: >
|
||||||
|
-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
|
||||||
|
-Dsonar.pullrequest.key=${{ github.event.workflow_run.pull_requests[0].number }}
|
||||||
|
-Dsonar.pullrequest.branch=${{ github.event.workflow_run.pull_requests[0].head.ref }}
|
||||||
|
-Dsonar.pullrequest.base=${{ github.event.workflow_run.pull_requests[0].base.ref }}
|
||||||
Loading…
Reference in a new issue