central_code_quality_check.yml
# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
# Contact @moabu
# Sonar cloud https://sonarcloud.io/organizations/janssenproject/projects
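name: Code quality check
on:
  push:
    branches:
      - main
    paths-ignore:
      - 'docker-**/CHANGELOG.md'
      - 'docker-**/version.txt'
      - '**.md'
  # TODO: Optimize so that workflow is only triggered for `opened` and `synchronize` actions
  pull_request:
    branches:
      - main
    paths-ignore:
      - 'docker-**/CHANGELOG.md'
      - 'docker-**/version.txt'
      - '**.md'
  workflow_dispatch:
# Default GITHUB_TOKEN scope for every job in this workflow: read-only access
# to repository contents.
permissions:
  contents: read
jobs:
  # Runs one SonarCloud scan per matrix module, but only when the triggering
  # change touches that module's top-level directory (see CHANGED_DIR below).
  sonar-scan:
    name: sonar scan
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        module: [admin-ui, flex-linux-setup]
    env:
      # Modules scanned with the generic SonarCloud action.
      # NOTE(review): the step conditions below also read env.JVM_PROJECTS,
      # which is not defined in this env block; unless it is set elsewhere the
      # JDK and cache steps never run - confirm this is intended.
      NON_JVM_PROJECTS: |
        admin-ui
        flex-linux-setup
    steps:
      - name: check out code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of sonarqube analysis
      # Computes CHANGED_DIR, a bracketed comma-separated list of the
      # top-level path components touched by the triggering change, and
      # exports it to later steps through GITHUB_ENV.
      # Event fields are handed to the script as environment variables and
      # read as quoted shell variables, so their values are treated as data
      # and never parsed as shell syntax.
      - name: find changed directories
        env:
          EVENT_ACTION: ${{ github.event.action }}
          EVENT_BEFORE: ${{ github.event.before }}
          PR_BASE_SHA: ${{ github.event.pull_request.base.sha }}
          PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
        run: |
          # Print the unique first path components changed between two
          # commits, formatted as [a,b,c].
          changed_dirs() {
            git diff --name-only "$1" "$2" | cut -d/ -f1 | sort -u | sed -z 's/\n/,/g;s/^/[/;s/,$/]/;s/$/\n/'
          }

          if [ -n "$GITHUB_BASE_REF" ]; then
            # Pull Request
            echo "Triggerring event: pull request"
            echo "Pull request base ref: $GITHUB_BASE_REF"
            git fetch origin "$GITHUB_BASE_REF" --depth=1
            if [ "$EVENT_ACTION" = "opened" ]; then
              echo "Triggerring action: opened"
              echo "CHANGED_DIR=$(changed_dirs "$PR_BASE_SHA" "$PR_HEAD_SHA")" >> "${GITHUB_ENV}"
            fi
            if [ "$EVENT_ACTION" = "synchronize" ]; then
              echo "Triggerring action: synchronize"
              echo "CHANGED_DIR=$(changed_dirs "$EVENT_BEFORE" "$PR_HEAD_SHA")" >> "${GITHUB_ENV}"
            fi
            # Any other pull request action leaves CHANGED_DIR unset, so
            # every conditional step below is skipped.
          else
            # Push (a manual dispatch also lands here: it has no base ref)
            echo "Triggerring event: push"
            if [ -n "$EVENT_BEFORE" ]; then
              git fetch origin "$EVENT_BEFORE" --depth=1
              echo "CHANGED_DIR=$(changed_dirs "$EVENT_BEFORE" "$GITHUB_SHA")" >> "${GITHUB_ENV}"
            else
              # No previous commit in the event payload: nothing to diff,
              # so export an empty list and let the scan steps be skipped.
              echo "CHANGED_DIR=" >> "${GITHUB_ENV}"
            fi
          fi
      # Diagnostic output only.
      # CHANGED_DIR is built from path names in the pushed or proposed change,
      # which is contributor-controlled text. It is read from the process
      # environment and quoted, not templated into the script body, so a
      # crafted path name cannot alter the commands this step runs.
      - name: check env
        env:
          MATRIX_MODULE: ${{ matrix.module }}
          EVENT_ACTION: ${{ github.event.action }}
          EVENT_BEFORE: ${{ github.event.before }}
          PR_BASE_SHA: ${{ github.event.pull_request.base.sha }}
          PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
        run: |
          echo "changed dir list: $CHANGED_DIR"
          echo "Matrix module: $MATRIX_MODULE"
          echo "GH event action: $EVENT_ACTION"
          echo "PR base sha: $PR_BASE_SHA"
          echo "PR head sha: $PR_HEAD_SHA"
          echo "event before: $EVENT_BEFORE"
          echo "GH sha: $GITHUB_SHA"
      - name: Set up JDK 11
        if: contains(env.CHANGED_DIR, matrix.module) && contains(env.JVM_PROJECTS, matrix.module)
        uses: actions/setup-java@v3
        with:
          java-version: '11'
          distribution: 'adopt'
      - name: Cache SonarCloud packages for JVM based project
        if: contains(env.CHANGED_DIR, matrix.module) && contains(env.JVM_PROJECTS, matrix.module)
        uses: actions/cache@v3
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
      # The repository owner is lower-cased and exported as REPO_ORG, which
      # the scan step passes as sonar.organization.
      - name: Convert repo org name to lowercase for non JVM projects
        if: contains(env.CHANGED_DIR, matrix.module) && contains(env.NON_JVM_PROJECTS, matrix.module)
        env:
          REPO_OWNER: ${{ github.repository_owner }}
        run: |
          echo "REPO_ORG=${REPO_OWNER,,}" >>${GITHUB_ENV}
      # NOTE(review): `@master` is a mutable branch reference, and this step
      # is handed SONAR_TOKEN and GITHUB_TOKEN. Whatever the upstream branch
      # points to at run time executes with those credentials; pin the action
      # to a reviewed full commit SHA (placeholder: <full-commit-sha>) and
      # update it deliberately.
      - name: SonarCloud Scan for non-JVM project
        if: contains(env.CHANGED_DIR, matrix.module) && contains(env.NON_JVM_PROJECTS, matrix.module)
        uses: SonarSource/sonarcloud-github-action@master
        with:
          args: >
            -Dsonar.organization=${{ env.REPO_ORG }}
            -Dsonar.projectKey=${{ github.repository_owner }}_${{ matrix.module }}
          projectBaseDir: ${{ matrix.module }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}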