Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create sonarcloud.yml #365

Merged
merged 4 commits into from
Nov 12, 2024
+61 βˆ’0
Merged

Create sonarcloud.yml #365

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a6875e3
Create sonarcloud.yml
guibranco Nov 12, 2024
c396b1a
Update sonarcloud.yml
guibranco Nov 12, 2024
97f5fc6
Merge branch 'main' into guibranco-patch-8
gstraccini[bot] Nov 12, 2024
cf9b98c
Merge branch 'main' into guibranco-patch-8
gstraccini[bot] Nov 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
64 changes: 64 additions & 0 deletions .github/workflows/sonarcloud.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
name: SonarCloud Analysis

on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]

jobs:
SonarCloudAnalysis:
name: SonarCloud Analysis
runs-on: ubuntu-latest

steps:
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: 21

- uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Docker compose up
run: docker compose up -d && sleep 10

- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar

- name: Cache SonarCloud scanner
id: cache-sonar-scanner
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar-scanner
restore-keys: ${{ runner.os }}-sonar-scanner

- name: Install SonarCloud scanner
if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
run: dotnet tool update dotnet-sonarscanner --tool-path ~/.sonar/cache/
Comment on lines +26 to +43
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix conflicting cache paths.

Both cache steps are using the same path (~/.sonar/cache), which will cause conflicts. The scanner should use a different path.

  - name: Cache SonarCloud scanner
    id: cache-sonar-scanner
    uses: actions/cache@v4
    with:
-     path: ~/.sonar/cache
+     path: ./.sonar/scanner
      key: ${{ runner.os }}-sonar-scanner
      restore-keys: ${{ runner.os }}-sonar-scanner

  - name: Install SonarCloud scanner
    if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
-   run: dotnet tool update dotnet-sonarscanner --tool-path ~/.sonar/cache/
+   run: dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner/
πŸ“ Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache SonarCloud scanner
id: cache-sonar-scanner
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar-scanner
restore-keys: ${{ runner.os }}-sonar-scanner
- name: Install SonarCloud scanner
if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
run: dotnet tool update dotnet-sonarscanner --tool-path ~/.sonar/cache/
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache SonarCloud scanner
id: cache-sonar-scanner
uses: actions/cache@v4
with:
path: ./.sonar/scanner
key: ${{ runner.os }}-sonar-scanner
restore-keys: ${{ runner.os }}-sonar-scanner
- name: Install SonarCloud scanner
if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
run: dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner/
🧰 Tools
πŸͺ› yamllint

[error] 32-32: trailing spaces

(trailing-spaces)

[error] 40-40: trailing spaces

(trailing-spaces)


- name: Set SonarCloud variables
shell: bash
run: |
KEY="${{ github.repository_owner }}_${{ github.event.repository.name }}"
ORG="${{ github.repository_owner }}"
echo "KEY=${KEY}" >> "${GITHUB_ENV}" # Keep the variable KEY as it
echo "ORG=${ORG@L}" >> "${GITHUB_ENV}" # Lowercase the ORG variable
- name: Build and analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
~/.sonar/cache/dotnet-sonarscanner begin /k:"${{ env.KEY }}" /o:"${{ env.ORG }}" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.scanner.scanAll=false /d:sonar.cs.opencover.reportsPaths="Tests/**/coverage.net8.0.opencover.xml"
dotnet build -c Release --verbosity minimal
dotnet test -c Release --verbosity minimal --no-build --no-restore /p:CollectCoverage=true /p:CoverletOutputFormat="opencover"
~/.sonar/cache/dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
Comment on lines +58 to +61
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

πŸ› οΈ Refactor suggestion

Add explicit restore step and make coverage path more flexible.

The current configuration has several potential improvements:

  1. Add an explicit dotnet restore step
  2. Make the coverage path pattern more flexible to support multiple .NET versions
-         ~/.sonar/cache/dotnet-sonarscanner begin /k:"${{ env.KEY }}" /o:"${{ env.ORG }}" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.scanner.scanAll=false /d:sonar.cs.opencover.reportsPaths="Tests/**/coverage.net8.0.opencover.xml"
+         ~/.sonar/cache/dotnet-sonarscanner begin /k:"${{ env.KEY }}" /o:"${{ env.ORG }}" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.scanner.scanAll=false /d:sonar.cs.opencover.reportsPaths="Tests/**/coverage.*.opencover.xml"
+         dotnet restore
          dotnet build -c Release --verbosity minimal
          dotnet test -c Release --verbosity minimal --no-build --no-restore /p:CollectCoverage=true /p:CoverletOutputFormat="opencover"
          ~/.sonar/cache/dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
πŸ“ Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
~/.sonar/cache/dotnet-sonarscanner begin /k:"${{ env.KEY }}" /o:"${{ env.ORG }}" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.scanner.scanAll=false /d:sonar.cs.opencover.reportsPaths="Tests/**/coverage.net8.0.opencover.xml"
dotnet build -c Release --verbosity minimal
dotnet test -c Release --verbosity minimal --no-build --no-restore /p:CollectCoverage=true /p:CoverletOutputFormat="opencover"
~/.sonar/cache/dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
~/.sonar/cache/dotnet-sonarscanner begin /k:"${{ env.KEY }}" /o:"${{ env.ORG }}" /d:sonar.token="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.scanner.scanAll=false /d:sonar.cs.opencover.reportsPaths="Tests/**/coverage.*.opencover.xml"
dotnet restore
dotnet build -c Release --verbosity minimal
dotnet test -c Release --verbosity minimal --no-build --no-restore /p:CollectCoverage=true /p:CoverletOutputFormat="opencover"
~/.sonar/cache/dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"

Loading