Skip to content

Edit Contentlet: Allow User Write Code - fix SonarQube regex warning #4648

Edit Contentlet: Allow User Write Code - fix SonarQube regex warning

Edit Contentlet: Allow User Write Code - fix SonarQube regex warning #4648

Workflow file for this run

name: Frontend
on:
pull_request:
types: [synchronize, opened, reopened, ready_for_review]
paths:
- 'core-web/**'
push:
paths:
- 'core-web/**'
branches:
- master
- release-*
env:
EXCLUDED_PROJECTS: dot-rules,dot-layout-grid,dot-primeng-theme-styles,dot-rules,dotcms,dotcms-field-elements,dotcms-js,dotcms-models,dotcms-webcomponents,dotcdn-e2e,dotcms-block-editor,dotcms-block-editor-e2e,dotcms-ui-e2e,utils-testing,block-editor,utils,dojo-theme
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_TOKEN: ${{ secrets.CICD_GITHUB_TOKEN }}
PULL_REQUEST_URL: ${{ github.event.pull_request._links.html.href }}
IS_PULL_REQUEST: ${{ github.event_name == 'pull_request' }}
HEAD_REF: ${{ github.head_ref }}
jobs:
sonar:
outputs:
message: ${{ steps.persist_results.outputs.message }}
status: ${{ steps.persist_results.outputs.status }}
color: ${{ steps.persist_results.outputs.color }}
sonar_url: ${{ steps.persist_results.outputs.sonar_url }}
runs-on: ubuntu-20.04
name: SonarQube
steps:
- uses: actions/checkout@v3
- uses: sonarsource/sonarqube-scan-action@master
with:
projectBaseDir: core-web
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_DOTCMS_UI }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
- uses: sonarsource/sonarqube-quality-gate-action@master
id: sonarqube-quality-gate-check
with:
scanMetadataReportFile: core-web/.scannerwork/report-task.txt
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_DOTCMS_UI }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
- name: "Set results"
id: "persist_results"
if: always()
run: |
pull_number=$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")
final_sonar_url="dashboard?id=core-web&pullRequest=$pull_number"
echo "sonar_url=${final_sonar_url}" >>$GITHUB_OUTPUT
# Check the value of the quality-gate-status output
if [ "${{ steps.sonarqube-quality-gate-check.outputs.quality-gate-status }}" == "PASSED" ]; then
# Output success status, green color, and "All good!" message
echo "status=success" >>$GITHUB_OUTPUT
echo "color=#5E7D00" >>$GITHUB_OUTPUT
echo "message=All good!" >>$GITHUB_OUTPUT
elif [ "${{ steps.sonarqube-quality-gate-check.outputs.quality-gate-status }}" == "FAILED" ]; then
# Output failure status, red color, and "Please check your PR" message
echo "status=failure" >>$GITHUB_OUTPUT
echo "color=#ff2400" >>$GITHUB_OUTPUT
echo "message=Please check your PR" >>$GITHUB_OUTPUT
else
# Output warning status, orange color, and "Maybe you can fix this warning" message
echo "status=warning" >>$GITHUB_OUTPUT
echo "color=#FFC107" >>$GITHUB_OUTPUT
echo "message=Maybe you can fix this warning" >>$GITHUB_OUTPUT
fi
notify-sonar:
runs-on: ubuntu-20.04
name: Notify Slack
needs: sonar
env:
SONAR_BRANCH_REPORT: ${{ needs.sonar.outputs.sonar_url }}
if: always()
steps:
- name: Send Notification
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.UI_SLACK_WEBHOOK }}
SLACK_USERNAME: dotBot
SLACK_ICON: https://dotnet.libhunt.com/images/promo-ad-images/000/000/022/main.png?1640908816
SLACK_COLOR: ${{ needs.sonar.outputs.color }}
SLACK_TITLE: "SonarQube: ${{ needs.sonar.outputs.status }}"
SLACK_MESSAGE: ${{ needs.sonar.outputs.message }}
SLACK_FOOTER: ${{ env.PULL_REQUEST_URL }} - ${{ secrets.SONAR_HOST_URL }}/${{ env.SONAR_BRANCH_REPORT }}
check-all:
outputs:
name: ${{ steps.lint.outputs.name || steps.test.outputs.name || steps.build.outputs.name }}
status: ${{ steps.lint.outputs.status || steps.test.outputs.status || steps.build.outputs.status }}
color: ${{ steps.lint.outputs.color || steps.test.outputs.color || steps.build.outputs.color }}
message: ${{ steps.persist_results.outputs.message }}
runs-on: ubuntu-20.04
name: Frontend Checks
steps: # what steps it will perform
- uses: actions/checkout@v3 # checkout whatever branch the PR is using
with:
fetch-depth: 0
- uses: actions/setup-node@v3
with:
node-version: 16.14.2
cache: npm
cache-dependency-path: core-web/package-lock.json
- uses: bahmutov/npm-install@v1 # trigger an `npm install`
with:
working-directory: core-web
- name: Lint
id: lint
working-directory: core-web
run: |
if ! (npx nx affected --target=lint --base=origin/master --head=HEAD --parallel --exclude=${{ env.EXCLUDED_PROJECTS }}) then
echo "name=:x: Lint" >>$GITHUB_OUTPUT
echo "status=failure" >>$GITHUB_OUTPUT
echo "color=#ff2400" >>$GITHUB_OUTPUT
exit 1;
fi
- name: Test
id: test
working-directory: core-web
run: |
if ! (npx nx affected --target=test --base=origin/master --head=HEAD --parallel --exclude=${{ env.EXCLUDED_PROJECTS }}) then
echo "name=:x: Test" >>$GITHUB_OUTPUT
echo "status=failure" >>$GITHUB_OUTPUT
echo "color=#ff2400" >>$GITHUB_OUTPUT
exit 1;
fi
- name: Build
id: build
working-directory: core-web
run: |
if ! (npx nx build dotcms-ui) then
echo "name=:x: Build" >>$GITHUB_OUTPUT
echo "status=failure" >>$GITHUB_OUTPUT
echo "color=#ff2400" >>$GITHUB_OUTPUT
exit 1;
fi
notify-check-all:
runs-on: ubuntu-20.04
name: Notify Slack
needs: check-all
if: always()
steps:
- name: Slack Notification
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.UI_SLACK_WEBHOOK }}
SLACK_USERNAME: dotBot
SLACK_ICON: https://avatars.slack-edge.com/2020-09-21/1362682893351_5b474f175640cf5f5912_72.png
SLACK_COLOR: ${{ needs.check-all.outputs.color && needs.check-all.outputs.color || '#5E7D00' }}
SLACK_TITLE: "${{ needs.check-all.outputs.name && needs.check-all.outputs.name || ':white_check_mark: Frontend Checks' }}: (${{ needs.check-all.outputs.status && needs.check-all.outputs.status || 'Success' }})"
SLACK_MESSAGE: ${{ needs.check-all.outputs.message && needs.check-all.outputs.message || 'Everything went well, ready to merge'}}
SLACK_FOOTER: ${{ env.PULL_REQUEST_URL }}