-
Notifications
You must be signed in to change notification settings - Fork 0
156 lines (143 loc) · 5.01 KB
/
sonar-step-dotnet-analyze.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: Sonar analyze with artifacts
on:
workflow_call:
inputs:
RUN_ON:
required: false
type: string
default: "zupit-agents"
RUNNERS_CONTAINER_GROUP:
required: false
type: string
default: "Container"
WORKING_DIRECTORY:
required: true
type: string
SONAR_PROJECT_KEY:
required: true
type: string
SONAR_IMAGE:
required: false
type: string
default: "sonarsource/sonar-scanner-cli:10.0.2.1398_5.0.1"
SONAR_EXCLUSIONS:
required: false
type: string
default: ""
COVERAGE_EXCLUSIONS:
required: false
type: string
default: ""
DOTNET_VERSION:
required: false
type: string
default: "7"
SONAR_IMAGE_ENV_VARIABLES:
required: false
type: string
default: "{}"
COVERAGE_FILES:
required: false
type: string
default: ""
CHECK_QUALITY_GATE:
required: false
type: boolean
default: false
REPORTS_PATH:
required: false
type: string
default: "**/*.trx"
CHECK_WORKDIR_CHANGES:
required: true
type: boolean
default: false
CHECK_CUSTOM_DIR:
required: false
type: string
default: ""
CHECK_CHANGES_BY_JOBS:
required: false
type: string
default: "all"
env:
CHECK_DIR: ${{ inputs.WORKING_DIRECTORY }}
jobs:
workdir-has-changes:
runs-on: ubuntu-latest
outputs:
changes-detected: ${{ steps.filter.outputs.changes-detected }}
steps:
- name: Set CHECK_DIR to custom directory if provided
if: ${{ inputs.CHECK_CUSTOM_DIR != '' }}
run: echo "CHECK_DIR=${{ inputs.CHECK_CUSTOM_DIR }}" >> $GITHUB_ENV
- name: Set default CHECK_DIR
if: ${{ inputs.CHECK_CUSTOM_DIR == '' }}
run: echo "CHECK_DIR=${{ inputs.WORKING_DIRECTORY }}" >> $GITHUB_ENV
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
changes-detected:
- "${{ env.CHECK_DIR }}/**"
sonar-analyze:
needs: workdir-has-changes
if: ${{ !inputs.CHECK_WORKDIR_CHANGES || (needs.workdir-has-changes.outputs.changes-detected == 'true' && (inputs.CHECK_CHANGES_BY_JOBS == 'all' || contains(fromJson(inputs.CHECK_CHANGES_BY_JOBS), github.job))) }}
runs-on:
labels: ${{ inputs.RUN_ON }}
group: ${{ inputs.RUNNERS_CONTAINER_GROUP }}
container:
image: ${{ inputs.SONAR_IMAGE }}
env: ${{ fromJson(inputs.SONAR_IMAGE_ENV_VARIABLES) }}
options: --user root
defaults:
run:
working-directory: ${{ inputs.WORKING_DIRECTORY }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install .NET
uses: zupit-it/pipeline-templates/.github/actions/dotnet/[email protected]
with:
WORKING_DIRECTORY: ${{ inputs.WORKING_DIRECTORY }}
DOTNET_VERSION: ${{ inputs.DOTNET_VERSION }}
ALPINE_OS: true
- name: Install SonarSource for .NET
run: |
dotnet tool update --tool-path /tmp/dotnet-tools dotnet-sonarscanner
ln -s /tmp/dotnet-tools/dotnet-sonarscanner /usr/bin/dotnet-sonarscanner
- name: Begin .NET SonarScanner
shell: "bash"
run: |
params=()
[[ -n "${{ inputs.SONAR_EXCLUSIONS }}" ]] && params+=(/d:sonar.exclusions="${{ inputs.SONAR_EXCLUSIONS }}")
[[ -n "${{ inputs.COVERAGE_EXCLUSIONS }}" ]] && params+=(/d:sonar.coverage.exclusions="${{ inputs.COVERAGE_EXCLUSIONS }}")
[[ -n "${{ inputs.COVERAGE_FILES }}" ]] && params+=(/d:sonar.cs.opencover.reportsPaths="${{ inputs.COVERAGE_FILES }}")
[[ -z "${{ inputs.COVERAGE_FILES }}" ]] && params+=(/d:sonar.cs.opencover.reportsPaths=**/coverage.opencover.xml)
dotnet-sonarscanner begin \
/k:"${{ inputs.SONAR_PROJECT_KEY }}" \
/d:sonar.token="${{ secrets.SONAR_TOKEN }}" \
/d:sonar.host.url="${{ secrets.SONAR_HOST_URL }}" \
/d:sonar.cs.vstest.reportsPaths=${{inputs.REPORTS_PATH}} \
/d:sonar.qualitygate.wait=${{ inputs.CHECK_QUALITY_GATE }} \
"${params[@]}"
- name: Build
uses: zupit-it/pipeline-templates/.github/actions/dotnet/build
with:
WORKING_DIRECTORY: ${{ inputs.WORKING_DIRECTORY }}
BUILD_CONFIG: "Debug"
- name: Run tests
uses: zupit-it/pipeline-templates/.github/actions/dotnet/[email protected]
with:
WORKING_DIRECTORY: ${{ inputs.WORKING_DIRECTORY }}
EXCLUDE_FILES: ${{ inputs.COVERAGE_EXCLUSIONS }}
- name: End .NET SonarScanner
run: dotnet-sonarscanner end /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
jobs-succeded:
needs: sonar-analyze
runs-on: ubuntu-latest
if: ${{ always()}}
steps:
- name: "Jobs: sonar-analyze didn't fail."
run: if [ "${{ needs.sonar-analyze.result }}" == "failure" ]; then exit 1; fi