ci: fail PR on quality gate error, add scan on push to main

phwt · Sep 13, 2023 · 75d1ca9 · 75d1ca9
1 parent f73b36d
commit 75d1ca9
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 18 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,48 @@
+name: Check code quality
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+env:
+  SONAR_HOST_URL: https://sonarcloud.io
+  SONAR_PROJECT_KEY: sonarqube-quality-gate-action
+
+jobs:
+  sonar-scan:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.organization=phwt
+            -Dsonar.projectKey=sonarqube-quality-gate-action
+            -Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info
+
+      - name: Wait for the quality gate result
+        run: sleep 5
+
+      - name: Verify the quality gate result
+        uses: ./
+        id: quality-gate-check
+        with:
+          sonar-host-url: ${{ env.SONAR_HOST_URL }}
+          sonar-project-key: ${{ env.SONAR_PROJECT_KEY }}
+          sonar-token: ${{ secrets.SONAR_TOKEN }}
+          disable-pr-comment: true
+          fail-on-quality-gate-error: true
+
+      - run: |
+          echo "${{ steps.quality-gate-check.outputs.project-status }}"
+          echo "${{ steps.quality-gate-check.outputs.quality-gate-result }}"
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
@@ -10,7 +10,7 @@ env:
 
 jobs:
   sonar-scan:
-    name: SonarCloud
+    name: Check code quality on pull request branch
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
@@ -29,7 +29,7 @@ jobs:
             -Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info
             -Dsonar.branch.name=${{ github.event.pull_request.head.ref }}
 
-      - name: Wait quality gate result
+      - name: Wait for the quality gate result
         run: sleep 5
 
       - name: Create a comment with the result
@@ -41,34 +41,21 @@ jobs:
           sonar-token: ${{ secrets.SONAR_TOKEN }}
           github-token: ${{ secrets.GITHUB_TOKEN }}
           branch: ${{ github.event.pull_request.head.ref }}
+          fail-on-quality-gate-error: true
 
       - run: |
           echo "${{ steps.quality-gate-check.outputs.project-status }}"
           echo "${{ steps.quality-gate-check.outputs.quality-gate-result }}"
 
   sonar-scan-main:
-    name: SonarCloud (Main)
+    name: Retrieve quality gate result of the main branch
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
         with:
           fetch-depth: 0
 
-      - name: SonarCloud Scan
-        uses: SonarSource/sonarcloud-github-action@master
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        with:
-          args: >
-            -Dsonar.organization=phwt
-            -Dsonar.projectKey=sonarqube-quality-gate-action
-            -Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info
-
-      - name: Wait quality gate result
-        run: sleep 5
-
-      - name: Create a comment with the result
+      - name: Retrieve quality gate result
         uses: ./
         id: quality-gate-check
         with: