From 727acf8e74ffb3a62b0f668e22d755526d09f3f9 Mon Sep 17 00:00:00 2001
From: Alex Flom <aflom@redhat.com>
Date: Thu, 9 Nov 2023 08:40:01 -0700
Subject: [PATCH] task(ci): add sonar (#77)

---
 .github/workflows/ci.yml           |  1 -
 .github/workflows/codecov.yml      | 41 +++++++++++++++++++++++++++---
 sonar-project.properties           | 13 ++++++++++
 trestlebot/entrypoints/autosync.py |  2 +-
 4 files changed, 52 insertions(+), 5 deletions(-)
 create mode 100644 sonar-project.properties

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 5cb9afd5..8a7df86c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -67,4 +67,3 @@ jobs:
 
       - name: Run tests
         run: make test
-
diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml
index 2fbed897..400d1485 100644
--- a/.github/workflows/codecov.yml
+++ b/.github/workflows/codecov.yml
@@ -2,9 +2,13 @@
 name: Code Coverage Check
 
 on:
+  push:
+    branches:
+      - main
   pull_request:
-    branches: 
-    - main
+    paths:
+      - '**.py'
+
 
 jobs:
   test:
@@ -26,4 +30,35 @@ jobs:
         with:
           name: coverage
           path: coverage.xml
-        
\ No newline at end of file
+  sonarcloud:
+    if: ${{ github.event.pull_request.base.repo.url == github.event.pull_request.head.repo.url }}
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Get coverage
+        uses: actions/download-artifact@v2
+        with:
+          name: coverage
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@c25d2e7e3def96d0d1781000d3c429da22cd6252
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.python.coverage.reportPaths=coverage.xml
+            -Dsonar.tests=tests/
+            -Dsonar.sources=trestlebot/ 
+            -Dsonar.python.version=3.10
+            -Dsonar.projectKey=rh-psce_trestle-bot
+            -Dsonar.organization=rh-psce
+      - name: SonarQube Quality Gate check
+        uses: sonarsource/sonarqube-quality-gate-action@f9fe214a5be5769c40619de2fff2726c36d2d5eb
+        # Force to fail step after specific time
+        timeout-minutes: 5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
\ No newline at end of file
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 00000000..3fe7f0eb
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,13 @@
+sonar.projectKey=rh-psce_trestle-bot
+sonar.organization=rh-psce
+
+# This is the name and version displayed in the SonarCloud UI.
+#sonar.projectName=trestle-bot
+#sonar.projectVersion=1.0
+
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+#sonar.sources=.
+
+# Encoding of the source code. Default is default system encoding
+#sonar.sourceEncoding=UTF-8
\ No newline at end of file
diff --git a/trestlebot/entrypoints/autosync.py b/trestlebot/entrypoints/autosync.py
index 85651735..b89c7bb1 100644
--- a/trestlebot/entrypoints/autosync.py
+++ b/trestlebot/entrypoints/autosync.py
@@ -80,7 +80,7 @@ def setup_autosync_arguments(self) -> None:
             "--skip-regenerate",
             required=False,
             action="store_true",
-            help="Skip regenerate task. Defaults to false.",
+            help="Skip regenerate task. Defaults to false",
         )
         self.parser.add_argument(
             "--ssp-index-path",