Skip to content

chore: reorganize internals #220

chore: reorganize internals

chore: reorganize internals #220

Workflow file for this run

on:
push:
branches:
- main
release:
types:
- published
pull_request_target: # This exposes repo secrets to PR, so manual approval via authorize job is enforced via 'external' environment.
workflow_dispatch:
name: sonarcloud
env:
DOTNET_CLI_TELEMETRY_OPTOUT: true
DOTNET_NOLOGO: true
dotnet-version: |
8.0.x
6.0.x
5.0.x
3.1.x
2.1.x
jobs:
# Blog https://iterative.ai/blog/testing-external-contributions-using-github-actions-secrets
authorize:
environment:
${{ (github.event_name == 'pull_request_target' &&
github.event.pull_request.head.repo.full_name != github.repository) &&
'external' || 'internal' }}
runs-on: ubuntu-latest
steps:
- run: echo ✓
analysis:
needs: authorize
runs-on: ubuntu-latest
steps:
- uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.dotnet-version }}
- run: dotnet --info
- uses: actions/setup-node@v4
with:
node-version: 20
- uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: "17"
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha || github.ref }}
fetch-depth: 0
- name: Install Sonar scanner
run: dotnet tool install --global dotnet-sonarscanner
- name: Install Coverlet
run: |
find ./test -type f -name "*Tests.csproj" -exec dotnet add "{}" package coverlet.msbuild \;
- name: Set env
run: |
echo "GITHUB_REPOSITORY_NAME=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
echo "SONAR_PROJECT_KEY=${GITHUB_REPOSITORY_OWNER}_${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
echo "SONAR_ORG_KEY=${GITHUB_REPOSITORY_OWNER}" >> $GITHUB_ENV
- name: SonarCloud PR config
if: github.event_name == 'pull_request_target'
run: |
echo "SONAR_PR_ARGS=\
/d:sonar.pullrequest.key=${{ github.event.pull_request.number }} \
/d:sonar.pullrequest.branch=${{ github.event.pull_request.head.ref }} \
/d:sonar.pullrequest.base=${{ github.event.pull_request.base.ref }} \
/d:sonar.scm.revision=${{ github.event.pull_request.head.sha }}" >> $GITHUB_ENV
- name: Analyze with SonarCloud
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
dotnet sonarscanner begin /k:"$SONAR_PROJECT_KEY" /o:"$SONAR_ORG_KEY" /d:sonar.host.url=https://sonarcloud.io /d:sonar.token="$SONAR_TOKEN" /d:sonar.cs.opencover.reportsPaths="**/*opencover.xml" $SONAR_PR_ARGS
dotnet test -c Release /p:CollectCoverage=true /p:CoverletOutputFormat=opencover /p:ExcludeByFile="test/**/*.cs" /p:VerifyPublicApi=false
dotnet sonarscanner end /d:sonar.token="$SONAR_TOKEN"