feat(ZCH-66): cleanup sonar scan and quality gate steps (#84)

* feat(ZCH-66): pass working dir * fix: fix basedir * fix: update step * chore: simplify pipeline * chore: change default * chore: remove deprecated code * chore: add var for quality gate * chore: restore old sonar flutter * chore: remove old vars * chore: rename to flutter
zupit-it · Apr 2, 2024 · 4881e51 · 4881e51
1 parent 119a6b8
commit 4881e51
Show file tree

Hide file tree

Showing 7 changed files with 78 additions and 77 deletions.
diff --git a/.github/workflows/sonar-step-analyze.yml b/.github/workflows/sonar-step-analyze.yml
@@ -17,27 +17,15 @@ on:
       SONAR_IMAGE:
         required: false
         type: string
-        default: "ghcr.io/zupit-it/pipeline-templates/flutter-sonar-scanner-cli:5.0.1"
+        default: "sonarsource/sonar-scanner-cli"
       SONAR_HOST_URL:
         required: false
         type: string
         default: "https://sonarqube.zupit.software"
-      DOWNLOAD_ARTIFACT:
+      CHECK_QUALITY_GATE:
         required: false
         type: boolean
-        default: true
-      ARTIFACT_FILENAME:
-        required: false
-        type: string
-        default: ""
-      ARTIFACT_PATH:
-        required: false
-        type: string
-        default: ".coverage-reports/"
-      PRE_SCAN_COMMANDS:
-        required: false
-        type: string
-        default: ""
+        default: false
 
 env:
   SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -64,17 +52,6 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
           SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
         with:
+          projectBaseDir: ${{ inputs.WORKING_DIRECTORY }}
           args: >
-            -Dsonar.qualitygate.wait=true
-
-      - name: SonarQube Quality Gate check
-        id: sonarqube-quality-gate-check
-        uses: sonarsource/sonarqube-quality-gate-action@master
-        # Force to fail step after specific time.
-        timeout-minutes: 5
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
-
-      - name: "Example show SonarQube Quality Gate Status value"
-        run: echo "The Quality Gate status is ${{ steps.sonarqube-quality-gate-check.outputs.quality-gate-status }}"
+            -Dsonar.qualitygate.wait=${{ inputs.CHECK_QUALITY_GATE }}
diff --git a/.github/workflows/sonar-step-flutter-analyze.yml b/.github/workflows/sonar-step-flutter-analyze.yml
@@ -0,0 +1,68 @@
+name: Sonar analyze with artifacts
+
+on:
+  workflow_call:
+    inputs:
+      LABELS:
+        required: true
+        type: string
+      WORKING_DIRECTORY:
+        required: true
+        type: string
+      SONAR_IMAGE:
+        required: false
+        type: string
+        default: "sonarsource/sonar-scanner-cli"
+      SONAR_HOST_URL:
+        required: false
+        type: string
+        default: "https://sonarqube.zupit.software"
+      DOWNLOAD_ARTIFACT:
+        required: false
+        type: boolean
+        default: true
+      ARTIFACT_FILENAME:
+        required: false
+        type: string
+        default: ""
+      ARTIFACT_PATH:
+        required: false
+        type: string
+        default: ".coverage-reports/"
+      PRE_SCAN_COMMANDS:
+        required: false
+        type: string
+        default: ""
+      CHECK_QUALITY_GATE:
+        required: false
+        type: boolean
+        default: false
+
+env:
+  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+  SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+jobs:
+  sonar-analyze:
+    runs-on: ${{ fromJson(inputs.LABELS) }}
+    container: ${{ inputs.SONAR_IMAGE }}
+    defaults:
+      run:
+        working-directory: ${{ inputs.WORKING_DIRECTORY }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Download coverage artifact
+        if: ${{ inputs.DOWNLOAD_ARTIFACT }}
+        uses: actions/download-artifact@v3
+        with:
+          name: ${{inputs.ARTIFACT_FILENAME}}
+          path: ${{ inputs.WORKING_DIRECTORY }}/${{ inputs.ARTIFACT_PATH }}
+
+      - name: Run PRE_SCAN_COMMANDS commands
+        if: ${{ inputs.PRE_SCAN_COMMANDS != '' }}
+        run: ${{ inputs.PRE_SCAN_COMMANDS }}
+
+      - name: Run Sonar
+        run: sonar-scanner -Dsonar.host.url=${{ inputs.SONAR_HOST_URL }} -Dsonar.login=${{ secrets.SONAR_TOKEN }} -Dsonar.qualitygate.wait=${{ inputs.CHECK_QUALITY_GATE }}
diff --git a/docker/sonar-scanner-cli/Dockerfile → docker/flutter-sonar-scanner-cli/Dockerfile b/docker/sonar-scanner-cli/Dockerfile → docker/flutter-sonar-scanner-cli/Dockerfile
diff --git a/docker/flutter-sonar-scanner-cli/build.sh b/docker/flutter-sonar-scanner-cli/build.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+docker buildx build -t ghcr.io/zupit-it/pipeline-templates/flutter-sonar-scanner-cli:5.0.1 -t ghcr.io/zupit-it/pipeline-templates/flutter-sonar-scanner-cli:latest -f Dockerfile .
+docker push ghcr.io/zupit-it/pipeline-templates/flutter-sonar-scanner-cli:5.0.1
+docker push ghcr.io/zupit-it/pipeline-templates/flutter-sonar-scanner-cli:latest
diff --git a/docker/sonar-scanner-cli-luca/Dockerfile b/docker/sonar-scanner-cli-luca/Dockerfile
diff --git a/docker/sonar-scanner-cli-luca/build.sh b/docker/sonar-scanner-cli-luca/build.sh
diff --git a/docker/sonar-scanner-cli/build.sh b/docker/sonar-scanner-cli/build.sh