SonarCloud CI-based analysis

No-Issue
ansible · Oct 9, 2024 · 4c14ef4 · 4c14ef4
1 parent 5730a61
commit 4c14ef4
Show file tree

Hide file tree

Showing 4 changed files with 95 additions and 14 deletions.
diff --git a/.github/workflows/ci_full.yml b/.github/workflows/ci_full.yml
@@ -1,6 +1,10 @@
 ---
 name: galaxy_ng/ci
-on: {pull_request: {branches: ['**']}, push: {branches: ['**']}}
+on:
+ pull_request:
+ branches: ['**']
+ push:
+ branches: ['**']
 
 jobs:
 
@@ -73,18 +77,29 @@ jobs:
  - name: run the unit test playbook
  run: cd dev/playbooks; ANSIBLE_STDOUT_CALLBACK=yaml ansible-playbook -i 'localhost,' --forks=1 -v run_unit_tests.yaml
 
+ - name: copy coverage report
+ run: |
+ docker cp pulp:/tmp/galaxy_ng-test-results.xml coverage.xml
+
+ - name: upload coverage as artifact
+ uses: actions/upload-artifact@v4
+ with:
+ name: coverage
+ path: coverage.xml
+
+ - name: SonarCloud Scan
+ uses: SonarSource/sonarcloud-github-action@master
+ if: github.event_name == 'push' && github.repository == 'ansible/galaxy_ng'
+ env:
+ SONAR_TOKEN: ${{ secrets.CICD_ORG_SONAR_TOKEN_CICD_BOT }}
+
  - name: upload jUnit XML test results
  if: github.event_name == 'push' && github.repository == 'ansible/galaxy_ng' && github.ref_name == 'master'
  continue-on-error: true
- run: >-
- docker exec pulp /bin/bash -c 'curl -v --user "${{ vars.PDE_ORG_RESULTS_AGGREGATOR_UPLOAD_USER }}:${{ secrets.PDE_ORG_RESULTS_UPLOAD_PASSWORD }}"
- --form "xunit_xml=@/tmp/galaxy_ng-test-results.xml"
- --form "component_name=hub"
- --form "git_commit_sha=${{ github.sha }}"
- --form "git_repository_url=https://github.com/${{ github.repository }}"
- "${{ vars.PDE_ORG_RESULTS_AGGREGATOR_UPLOAD_URL }}/api/results/upload/"'
-
-
- # FIXME: do we really care about these anymore ... ?
- #- name: run the functional test playbook
- # run: cd dev/playbooks; ANSIBLE_STDOUT_CALLBACK=yaml ansible-playbook -i 'localhost,' --forks=1 -v run_functional_tests.yaml
+ run: |
+ curl -v --user "${{ vars.PDE_ORG_RESULTS_AGGREGATOR_UPLOAD_USER }}:${{ secrets.PDE_ORG_RESULTS_UPLOAD_PASSWORD }}" \
+ --form "[email protected]" \
+ --form "component_name=hub" \
+ --form "git_commit_sha=${{ github.sha }}" \
+ --form "git_repository_url=https://github.com/${{ github.repository }}" \
+ "${{ vars.PDE_ORG_RESULTS_AGGREGATOR_UPLOAD_URL }}/api/results/upload/"
diff --git a/.github/workflows/sonar-pr.yaml b/.github/workflows/sonar-pr.yaml
@@ -0,0 +1,61 @@
+# With much help from:
+# https://community.sonarsource.com/t/how-to-use-sonarcloud-with-a-forked-repository-on-github/7363/30
+# https://community.sonarsource.com/t/how-to-use-sonarcloud-with-a-forked-repository-on-github/7363/32
+name: SonarCloud
+on:
+ workflow_run:
+ workflows:
+ - galaxy_ng/ci
+ types:
+ - completed
+jobs:
+ sonar:
+ name: Upload to SonarCloud
+ runs-on: ubuntu-latest
+ if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request'
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ show-progress: false
+
+ - uses: actions/download-artifact@v4
+ with:
+ name: coverage
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ run-id: ${{ github.event.workflow_run.id }}
+
+ - name: Extract PR number from coverage.xml
+ run: |
+ echo "PR_NUMBER=$(grep -m 1 '<!-- PR' coverage.xml | awk '{print $3}')" >> $GITHUB_ENV
+
+ - name: Get PR info
+ uses: octokit/[email protected]
+ id: pr_info
+ with:
+ route: GET /repos/{repo}/pulls/{number}
+ repo: ${{ github.event.repository.full_name }}
+ number: ${{ env.PR_NUMBER }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Set PR info into env
+ run: |
+ echo "PR_BASE=${{ fromJson(steps.pr_info.outputs.data).base.ref }}" >> $GITHUB_ENV
+ echo "PR_HEAD=${{ fromJson(steps.pr_info.outputs.data).head.ref }}" >> $GITHUB_ENV
+
+ - name: Add base branch
+ run: |
+ gh pr checkout ${{ env.PR_NUMBER }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: SonarCloud Scan
+ uses: SonarSource/sonarcloud-github-action@master
+ env:
+ SONAR_TOKEN: ${{ secrets.CICD_ORG_SONAR_TOKEN_CICD_BOT }}
+ with:
+ args: >
+ -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
+ -Dsonar.pullrequest.key=${{ env.PR_NUMBER }}
+ -Dsonar.pullrequest.branch=${{ env.PR_HEAD }}
+ -Dsonar.pullrequest.base=${{ env.PR_BASE }}
diff --git a/MANIFEST.in b/MANIFEST.in
@@ -23,6 +23,6 @@ include galaxy_ng/tests/integration/utils/gpg/collection_sign.sh
 include galaxy_ng/tests/integration/utils/gpg/qe-sign-priv.gpg
 include galaxy-operator/bin/readyz.py
 exclude .coveragerc
-exclude .sonarcloud.properties
+exclude sonar-project.properties
 exclude aap_compose_dev.yaml
 prune .tekton
diff --git a/.sonarcloud.properties → sonar-project.properties b/.sonarcloud.properties → sonar-project.properties
@@ -1,3 +1,6 @@
+sonar.projectKey = ansible_galaxy_ng
+sonar.organization = ansible
+
 sonar.sources = galaxy_ng
 sonar.exclusions = \
  galaxy_ng/tests/**, \
@@ -6,3 +9,5 @@ sonar.exclusions = \
 sonar.tests = galaxy_ng/tests
 
 sonar.python.version = 3.11
+
+sonar.python.coverage.reportPaths = coverage.xml