Update .gitea/workflows/qualitytest.yml
This commit is contained in:
@@ -11,8 +11,6 @@ on:
|
||||
required: true
|
||||
SONAR_TOKEN:
|
||||
required: true
|
||||
GITEA_TOKEN:
|
||||
required: true
|
||||
|
||||
jobs:
|
||||
sonarqube:
|
||||
@@ -23,81 +21,15 @@ jobs:
|
||||
options: --user root
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# ✅ Install jq (required for parsing)
|
||||
- name: Install jq
|
||||
- name: Run SonarQube Scan (with Quality Gate)
|
||||
run: |
|
||||
apt-get update
|
||||
apt-get install -y jq
|
||||
|
||||
# ✅ Run scan
|
||||
- name: Run SonarQube Scan
|
||||
run: |
|
||||
REPO_NAME=${{ inputs.project_key }}
|
||||
|
||||
sonar-scanner \
|
||||
-Dsonar.projectKey=$REPO_NAME \
|
||||
-Dsonar.projectName=$REPO_NAME \
|
||||
-Dsonar.projectKey=${{ inputs.project_key }} \
|
||||
-Dsonar.projectName=${{ inputs.project_key }} \
|
||||
-Dsonar.sources=. \
|
||||
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
|
||||
-Dsonar.token=${{ secrets.SONAR_TOKEN }} \
|
||||
-Dsonar.exclusions=node_modules/**,dist/**,coverage/** \
|
||||
-Dsonar.qualitygate.wait=false
|
||||
|
||||
# ✅ Wait properly (poll instead of sleep)
|
||||
- name: Wait for Sonar processing
|
||||
if: gitea.event.pull_request != null
|
||||
run: |
|
||||
for i in {1..12}; do
|
||||
RESPONSE=$(curl -s -u ${{ secrets.SONAR_TOKEN }}: \
|
||||
"${{ secrets.SONAR_HOST_URL }}/api/qualitygates/project_status?projectKey=${{ inputs.project_key }}")
|
||||
|
||||
STATUS=$(echo "$RESPONSE" | jq -r '.projectStatus.status // empty')
|
||||
|
||||
if [ ! -z "$STATUS" ] && [ "$STATUS" != "null" ]; then
|
||||
echo "Sonar ready: $STATUS"
|
||||
echo "STATUS=$STATUS" >> $GITHUB_ENV
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "Waiting for Sonar... ($i)"
|
||||
sleep 5
|
||||
done
|
||||
|
||||
echo "STATUS=ERROR" >> $GITHUB_ENV
|
||||
|
||||
# ✅ Get summary safely
|
||||
- name: Get Sonar Summary
|
||||
if: gitea.event.pull_request != null
|
||||
run: |
|
||||
RESPONSE=$(curl -s -u ${{ secrets.SONAR_TOKEN }}: \
|
||||
"${{ secrets.SONAR_HOST_URL }}/api/measures/component?component=${{ inputs.project_key }}&metricKeys=bugs,vulnerabilities,code_smells")
|
||||
|
||||
echo "DEBUG SUMMARY RESPONSE:"
|
||||
echo "$RESPONSE"
|
||||
|
||||
BUGS=$(echo "$RESPONSE" | jq -r '.component.measures[] | select(.metric=="bugs") | .value // "0"')
|
||||
VULN=$(echo "$RESPONSE" | jq -r '.component.measures[] | select(.metric=="vulnerabilities") | .value // "0"')
|
||||
SMELLS=$(echo "$RESPONSE" | jq -r '.component.measures[] | select(.metric=="code_smells") | .value // "0"')
|
||||
|
||||
echo "BUGS=$BUGS" >> $GITHUB_ENV
|
||||
echo "VULN=$VULN" >> $GITHUB_ENV
|
||||
echo "SMELLS=$SMELLS" >> $GITHUB_ENV
|
||||
|
||||
# ✅ Comment on PR
|
||||
- name: Comment on PR
|
||||
if: gitea.event.pull_request != null
|
||||
run: |
|
||||
if [ "$STATUS" = "OK" ]; then
|
||||
MESSAGE="✅ SonarQube PASSED\n\n🐞 Bugs: $BUGS\n🔐 Vulnerabilities: $VULN\n🧹 Code Smells: $SMELLS"
|
||||
else
|
||||
MESSAGE="❌ SonarQube FAILED\n\n🐞 Bugs: $BUGS\n🔐 Vulnerabilities: $VULN\n🧹 Code Smells: $SMELLS"
|
||||
fi
|
||||
|
||||
curl -X POST \
|
||||
-H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "{\"body\": \"$MESSAGE\"}" \
|
||||
${{ gitea.api_url }}/repos/${{ gitea.repository }}/issues/${{ gitea.event.pull_request.number }}/comments
|
||||
-Dsonar.qualitygate.wait=true
|
||||
Reference in New Issue
Block a user