-
Notifications
You must be signed in to change notification settings - Fork 126
119 lines (113 loc) · 4.25 KB
/
sonarcloud.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
name: SonarCloud
on:
push:
branches: [ dev ]
pull_request:
branches: [ dev ]
env:
SONAR_SCANNER_VERSION: 4.7.0.2747
REGION: eu-west-1
jobs:
aws_creds:
name: Get ECR Access
runs-on: [ self-hosted, corefront, sandbox ]
outputs:
token: ${{ steps.ecr_token.outputs.token }}
steps:
- id: ecr_token
name: Get ECR Token
run: |
echo token=$(aws ecr get-login-password --region $REGION) >> $GITHUB_OUTPUT
static_analysis:
runs-on: [self-hosted, corefront, sandbox]
needs: aws_creds
container:
image: 162230498103.dkr.ecr.eu-west-1.amazonaws.com/mutable-debian11_dev:latest
credentials:
username: AWS
password: ${{ needs.aws_creds.outputs.token }}
volumes:
- /usr/share/dotnet:/usr/share/dotnet
# Mount /dotnet so we can delete files from docker and free up space (>20GB)
services:
rabbitmq:
image: rabbitmq:3-alpine
ports:
- 5672:5672
redis:
image: redis:6-alpine
ports:
- 6379:6379
steps:
- name: force chown to avoid errors
run: chown -R $USER:$USER .
- name: Free up space
run: rm -rf /usr/share/dotnet/*
- name: Display remaining space
run: df -h
- name: Generate github private access token
id: ci-core-app-token
uses: getsentry/[email protected]
with:
app_id: ${{ secrets.CI_CORE_APP_ID }}
private_key: ${{ secrets.CI_CORE_APP_PEM }}
- uses: actions/checkout@v3
with:
submodules: recursive
token: ${{ steps.ci-core-app-token.outputs.token }}
- name: Install Gcov and SonarCloud's dependencies for C++ analysis
run : |
rm -rf "$AGENT_TOOLSDIRECTORY"
apt update -y
pip install gcovr
apt install -y unzip wget
wget https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
unzip -u build-wrapper-linux-x86.zip
unzip -u sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
- name: Cache Sonar
id: cache-sonar
uses: actions/cache@v3
with:
path: sonar_cache
key: sonar-cache-${{ github.event.head_commit.id }}
restore-keys: |
sonar-cache-
- name: Configure
run: cmake -DCMAKE_BUILD_TYPE=Profile -DSTRIP_SYMBOLS=ON source
- name: Build
run: build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir build-wrapper-output-dir make -j $(nproc)
- name: Tests python3
run: |
virtualenv -p python3.9 navitia_py3
. navitia_py3/bin/activate
pip install -r source/jormungandr/requirements_dev.txt
export JORMUNGANDR_BROKER_URL='amqp://guest:guest@rabbitmq:5672//'
export KRAKEN_RABBITMQ_HOST='rabbitmq'
ctest --output-on-failure
deactivate
- name: docker_test python3
run: |
. navitia_py3/bin/activate
pip install -r source/jormungandr/requirements_dev.txt
pip install -r source/tyr/requirements_dev.txt
pip install -r source/sql/requirements.txt
export NAVITIA_CHAOS_DUMP_PATH=$(echo $GITHUB_WORKSPACE/source/tests/chaos/chaos_loading.sql.gz | sed -e 's#__w#/opt/actions-runner/_work#')
echo $NAVITIA_CHAOS_DUMP_PATH
make docker_test
deactivate
env:
NAVITIA_DOCKER_NETWORK: ${{ job.container.network }}
TYR_CELERY_BROKER_URL: 'amqp://guest:guest@rabbitmq:5672//'
TYR_REDIS_HOST: 'redis'
- name: Coverage
run: gcovr -k -r . -f source -e source/third_party --sonarqube cov.xml
- name: SonarCloud Scan
# We only want 1 scan as it would bloat sonarcube otherwise
# And only on an internal merge (to dev/master) as SonarCloud's token uses Secrets that not available from a fork :( (eg. https://docs.github.com/en/actions/reference/encrypted-secrets#using-encrypted-secrets-in-a-workflow)
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
sonar-scanner-$SONAR_SCANNER_VERSION-linux/bin/sonar-scanner \
-Dsonar.login=$SONAR_TOKEN \
-Dsonar.cfamily.threads=$(nproc)