Skip to content

fix(STREETCO): NAV-2466 #2489

fix(STREETCO): NAV-2466

fix(STREETCO): NAV-2466 #2489

Workflow file for this run

name: SonarCloud
on:
push:
branches: [ dev ]
pull_request:
branches: [ dev ]
env:
SONAR_SCANNER_VERSION: 5.0.1.3006
REGION: eu-west-1
jobs:
aws_creds:
name: Get ECR Access
runs-on: [ self-hosted, corefront, sandbox ]
outputs:
token: ${{ steps.ecr_token.outputs.token }}
steps:
- id: ecr_token
name: Get ECR Token
run: |
echo token=$(aws ecr get-login-password --region $REGION) >> $GITHUB_OUTPUT
static_analysis:
runs-on: [self-hosted, corefront, sandbox]
needs: aws_creds
container:
image: 162230498103.dkr.ecr.eu-west-1.amazonaws.com/mutable-debian11_dev:latest
credentials:
username: AWS
password: ${{ needs.aws_creds.outputs.token }}
volumes:
- /usr/share/dotnet:/usr/share/dotnet
# Mount /dotnet so we can delete files from docker and free up space (>20GB)
services:
rabbitmq:
image: rabbitmq:3-alpine
ports:
- 5672:5672
redis:
image: redis:6-alpine
ports:
- 6379:6379
steps:
- name: force chown to avoid errors
run: chown -R $USER:$USER .
- name: Git config
run: git config --global --add safe.directory /__w/navitia/navitia
- name: Free up space
run: rm -rf /usr/share/dotnet/*
- name: Display remaining space
run: df -h
- name: Generate github private access token
id: ci-core-app-token
uses: getsentry/[email protected]
with:
app_id: ${{ secrets.CI_CORE_APP_ID }}
private_key: ${{ secrets.CI_CORE_APP_PEM }}
- uses: actions/checkout@v3
with:
submodules: recursive
token: ${{ steps.ci-core-app-token.outputs.token }}
- name: Install Gcov and SonarCloud's dependencies for C++ analysis
run : |
rm -rf "$AGENT_TOOLSDIRECTORY"
apt update -y
pip install gcovr
apt install -y unzip wget
wget https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
unzip -u build-wrapper-linux-x86.zip
unzip -u sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
- name: Cache Sonar
id: cache-sonar
uses: actions/cache@v3
with:
path: sonar_cache
key: sonar-cache-${{ github.event.head_commit.id }}
restore-keys: |
sonar-cache-
- name: Configure
run: cmake -DCMAKE_BUILD_TYPE=Profile -DSTRIP_SYMBOLS=ON source
- name: Build
run: build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir build-wrapper-output-dir make -j $(nproc)
- name: Tests python3
run: |
virtualenv -p python3.9 navitia_py3
. navitia_py3/bin/activate
pip install -r source/jormungandr/requirements_dev.txt
export JORMUNGANDR_BROKER_URL='amqp://guest:guest@rabbitmq:5672//'
export KRAKEN_RABBITMQ_HOST='rabbitmq'
ctest --output-on-failure
deactivate
- name: docker_test python3
run: |
. navitia_py3/bin/activate
pip install -r source/jormungandr/requirements_dev.txt
pip install -r source/tyr/requirements_dev.txt
pip install -r source/sql/requirements.txt
export NAVITIA_CHAOS_DUMP_PATH=$(echo $GITHUB_WORKSPACE/source/tests/chaos/chaos_loading.sql.gz | sed -e 's#__w#/opt/actions-runner/_work#')
echo $NAVITIA_CHAOS_DUMP_PATH
make docker_test
deactivate
rm -rf navitia_py3
env:
NAVITIA_DOCKER_NETWORK: ${{ job.container.network }}
TYR_CELERY_BROKER_URL: 'amqp://guest:guest@rabbitmq:5672//'
TYR_REDIS_HOST: 'redis'
- name: Coverage
run: gcovr -k -r . -f source -e source/third_party --sonarqube cov.xml
- name: SonarCloud Scan
# We only want 1 scan as it would bloat sonarcube otherwise
# And only on an internal merge (to dev/master) as SonarCloud's token uses Secrets that not available from a fork :( (eg. https://docs.github.com/en/actions/reference/encrypted-secrets#using-encrypted-secrets-in-a-workflow)
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
sonar-scanner-$SONAR_SCANNER_VERSION-linux/bin/sonar-scanner \
-Dsonar.cfamily.threads=$(nproc)
- name: clean up workspace
if: ${{ always() }}
run: |
rm -rf ./*
rm -rf ./.??*