-
Notifications
You must be signed in to change notification settings - Fork 655
58 lines (46 loc) · 1.7 KB
/
sonarqube-scan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# This workflow requires the following configuration in Github
#
# Variables:
# SONARQUBE_PROJECT_KEY - The project key in SonarQube
#
# Secrets:
# SONARQUBE_TOKEN - SonarQube API token
# SONARQUBE_HOST - The URL of the SonarQube host
name: SonarQube scan
on:
push:
branches: [ "master" ]
concurrency:
group: sonarqube
cancel-in-progress: false
jobs:
run-sonarqube-scan:
# Only run if the project key is set
if: vars.SONARQUBE_PROJECT_KEY != null
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Create the scan properties file
run: |
cat <<EOF > sonar-project.properties
sonar.projectKey=${{ vars.SONARQUBE_PROJECT_KEY }}
sonar.projectName=pgAdmin 4
sonar.projectVersion=%VERSION%
# Ignore templates and SQL scripts as they confuse the scanner
sonar.exclusions=**/templates/**/*, **/*.sql
# Let SonarQube know where tests can be found
sonar.test.inclusions=**/tests/**, web/regression
# Python compatibility
sonar.python.version=3.7, 3.8, 3.9, 3.10, 3.11
EOF
APP_RELEASE=`grep "^APP_RELEASE" web/config.py | cut -d"=" -f2 | sed 's/ //g'`
APP_REVISION=`grep "^APP_REVISION" web/config.py | cut -d"=" -f2 | sed 's/ //g'`
APP_LONG_VERSION=${APP_RELEASE}.${APP_REVISION}
sed -i "s/%VERSION%/${APP_LONG_VERSION}/g" sonar-project.properties
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}