From 16bbd9848a2286b0d670553493126225172c8c37 Mon Sep 17 00:00:00 2001 From: Ivan Pomykacz <110462293+pomykaczi@users.noreply.github.com> Date: Thu, 21 Mar 2024 14:13:33 +0100 Subject: [PATCH] feat: Sonarcloud (#24) * feat: added sonarcloud scan * feat: added mask to include test files --- .gitattributes | 2 + .github/workflows/sonarcloud-report.yml | 38 +++++++++++++++ .gitignore | 3 ++ .projen/files.json | 2 + .projenrc.ts | 62 ++++++++++++++++++++++++- sonar-project.properties | 7 +++ 6 files changed, 113 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/sonarcloud-report.yml create mode 100644 sonar-project.properties diff --git a/.gitattributes b/.gitattributes index e85905d..30bac3c 100644 --- a/.gitattributes +++ b/.gitattributes @@ -8,6 +8,7 @@ /.github/workflows/pull-request-lint.yml linguist-generated /.github/workflows/release-beta.yml linguist-generated /.github/workflows/release.yml linguist-generated +/.github/workflows/sonarcloud-report.yml linguist-generated /.github/workflows/upgrade-beta.yml linguist-generated /.github/workflows/upgrade-main.yml linguist-generated /.gitignore linguist-generated @@ -21,4 +22,5 @@ /LICENSE linguist-generated /package-lock.json linguist-generated /package.json linguist-generated +/sonar-project.properties linguist-generated /tsconfig.dev.json linguist-generated \ No newline at end of file diff --git a/.github/workflows/sonarcloud-report.yml b/.github/workflows/sonarcloud-report.yml new file mode 100644 index 0000000..aa5670b --- /dev/null +++ b/.github/workflows/sonarcloud-report.yml @@ -0,0 +1,38 @@ +# ~~ Generated by projen. To modify, edit .projenrc.ts and run "npx projen". + +name: sonarcloud-report +on: + push: + branches: + - main + - beta + pull_request: + types: + - opened + - synchronize + - reopened +jobs: + sonarcloud-report: + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/setup-node@v4 + with: {} + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: 18.x + - name: Install dependencies + run: npm ci + - name: Run tests + run: npm run test + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@v2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/.gitignore b/.gitignore index 722d0ae..20302de 100644 --- a/.gitignore +++ b/.gitignore @@ -36,6 +36,7 @@ jspm_packages/ /examples/**/cdk.out /examples/**/.git TODO.md +.scannerwork/ /test-reports/ junit.xml /coverage/ @@ -57,4 +58,6 @@ junit.xml .jsii tsconfig.json !/API.md +!/.github/workflows/sonarcloud-report.yml +!/sonar-project.properties !/.projenrc.ts diff --git a/.projen/files.json b/.projen/files.json index 72cf11f..6e72cf6 100644 --- a/.projen/files.json +++ b/.projen/files.json @@ -7,6 +7,7 @@ ".github/workflows/pull-request-lint.yml", ".github/workflows/release-beta.yml", ".github/workflows/release.yml", + ".github/workflows/sonarcloud-report.yml", ".github/workflows/upgrade-beta.yml", ".github/workflows/upgrade-main.yml", ".gitignore", @@ -15,6 +16,7 @@ ".projen/files.json", ".projen/tasks.json", "LICENSE", + "sonar-project.properties", "tsconfig.dev.json" ], "//": "~~ Generated by projen. To modify, edit .projenrc.ts and run \"npx projen\"." diff --git a/.projenrc.ts b/.projenrc.ts index d4ab495..6b8fa4e 100644 --- a/.projenrc.ts +++ b/.projenrc.ts @@ -1,4 +1,6 @@ -import { awscdk, javascript } from 'projen'; +import { awscdk, javascript, TextFile } from 'projen'; +import { WorkflowSteps } from 'projen/lib/github'; +import { JobPermission } from 'projen/lib/github/workflows-model'; const project = new awscdk.AwsCdkConstructLibrary({ projenrcTs: true, @@ -52,8 +54,66 @@ const project = new awscdk.AwsCdkConstructLibrary({ '/examples/**/cdk.out', '/examples/**/.git', 'TODO.md', + '.scannerwork/', ], }); +/** + * Sonarcloud report workflow + */ +const sonarCloudReportWorkflow = project.github?.addWorkflow('sonarcloud-report'); +sonarCloudReportWorkflow?.on({ + push: { branches: ['main', 'beta'] }, + pullRequest: { + types: ['opened', 'synchronize', 'reopened'], + }, +}); +sonarCloudReportWorkflow?.addJob('sonarcloud-report', { + runsOn: ['ubuntu-latest'], + tools: { + node: { + version: project.minNodeVersion!, + }, + }, + permissions: { + contents: JobPermission.READ, + }, + steps: [ + WorkflowSteps.checkout({ + with: { + fetchDepth: 0, + }, + }), + ...project.renderWorkflowSetup(), + { + name: 'Run tests', + run: 'npm run test', + }, + { + name: 'SonarCloud Scan', + uses: 'SonarSource/sonarcloud-github-action@v2', + env: { + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}', + SONAR_TOKEN: '${{ secrets.SONAR_TOKEN }}', + }, + }, + ], +}); + +/** + * Sonarcloud properties file + */ +new TextFile(project, 'sonar-project.properties', { + lines: [ + 'sonar.host.url=https://sonarcloud.io', + `sonar.projectKey=${project.name.replace('@', '').replace('/', '_')}`, + `sonar.organization=${project.name.replace('@', '').split('/')[0]}`, + 'sonar.javascript.lcov.reportPaths=./coverage/lcov.info', + 'sonar.sources=./src', + 'sonar.tests=./test', + 'sonar.test.inclusions=**/*.test.*', + ], +}); + project.synth(); diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..704077b --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,7 @@ +sonar.host.url=https://sonarcloud.io +sonar.projectKey=alma-cdk_project +sonar.organization=alma-cdk +sonar.javascript.lcov.reportPaths=./coverage/lcov.info +sonar.sources=./src +sonar.tests=./test +sonar.test.inclusions=**/*.test.* \ No newline at end of file