Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge remote-tracking branch 'origin/develop' into feature_2729_tc_diag
- Loading branch information
Showing
598 changed files
with
12,625 additions
and
9,592 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
#! /bin/bash | ||
|
||
source ${GITHUB_WORKSPACE}/.github/jobs/bash_functions.sh | ||
|
||
DOCKERHUB_TAG=met-sonarqube-gha | ||
|
||
DOCKERFILE_PATH=${GITHUB_WORKSPACE}/internal/scripts/docker/Dockerfile.sonarqube | ||
|
||
CMD_LOGFILE=${GITHUB_WORKSPACE}/sonarqube_build.log | ||
|
||
# | ||
# Define the $SONAR_REFERENCE_BRANCH as the | ||
# - Target of any requests | ||
# - Manual setting for workflow dispatch | ||
# - Source branch for any pushes (e.g. develop) | ||
# | ||
if [ "${GITHUB_EVENT_NAME}" == "pull_request" ]; then | ||
export SONAR_REFERENCE_BRANCH=${GITHUB_BASE_REF} | ||
elif [ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" ]; then | ||
export SONAR_REFERENCE_BRANCH=${WD_REFERENCE_BRANCH} | ||
else | ||
export SONAR_REFERENCE_BRANCH=${SOURCE_BRANCH} | ||
fi | ||
|
||
echo SONAR_REFERENCE_BRANCH=${SONAR_REFERENCE_BRANCH} | ||
|
||
time_command docker build -t ${DOCKERHUB_TAG} \ | ||
--build-arg MET_BASE_REPO \ | ||
--build-arg MET_BASE_TAG \ | ||
--build-arg SOURCE_BRANCH \ | ||
--build-arg SONAR_SCANNER_VERSION \ | ||
--build-arg SONAR_HOST_URL \ | ||
--build-arg SONAR_TOKEN \ | ||
--build-arg SONAR_REFERENCE_BRANCH \ | ||
-f $DOCKERFILE_PATH ${GITHUB_WORKSPACE} | ||
if [ $? != 0 ]; then | ||
cat ${CMD_LOGFILE} | ||
exit 1 | ||
fi | ||
|
||
# Copy the .scannerwork directory from the image | ||
id=$(docker create ${DOCKERHUB_TAG}) | ||
time_command mkdir -p /tmp/scannerwork | ||
time_command docker cp $id:/met/.scannerwork/report-task.txt /tmp/scannerwork/report-task.txt | ||
docker rm -v $id |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
name: SonarQube Scan | ||
|
||
# Run SonarQube for Pull Requests and changes to the develop and main_vX.Y branches | ||
|
||
on: | ||
|
||
# Trigger analysis for pushes to develop and main_vX.Y branches | ||
push: | ||
branches: | ||
- develop | ||
- 'main_v**' | ||
paths-ignore: | ||
- 'docs/**' | ||
- '.github/pull_request_template.md' | ||
- '.github/ISSUE_TEMPLATE/**' | ||
- '.github/labels/**' | ||
- '**/README.md' | ||
- '**/LICENSE.md' | ||
|
||
# Trigger analysis for pull requests to develop and main_vX.Y branches | ||
pull_request: | ||
types: [opened, synchronize, reopened] | ||
branches: | ||
- develop | ||
- 'main_v**' | ||
paths-ignore: | ||
- 'docs/**' | ||
- '.github/pull_request_template.md' | ||
- '.github/ISSUE_TEMPLATE/**' | ||
- '.github/labels/**' | ||
- '**/README.md' | ||
- '**/LICENSE.md' | ||
|
||
workflow_dispatch: | ||
inputs: | ||
reference_branch: | ||
description: 'Reference Branch' | ||
default: develop | ||
type: string | ||
|
||
jobs: | ||
build: | ||
name: SonarQube Scan | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
|
||
- uses: actions/checkout@v4 | ||
with: | ||
# Disable shallow clones for better analysis | ||
fetch-depth: 0 | ||
|
||
- name: Create output directories | ||
run: mkdir -p ${RUNNER_WORKSPACE}/logs | ||
|
||
- name: Get branch name | ||
id: get_branch_name | ||
run: echo branch_name=${GITHUB_REF#refs/heads/} >> $GITHUB_OUTPUT | ||
|
||
- name: SonarQube Scan in Docker | ||
run: .github/jobs/build_sonarqube_image.sh | ||
env: | ||
MET_BASE_REPO: met-base | ||
MET_BASE_TAG: v3.2 | ||
SOURCE_BRANCH: ${{ steps.get_branch_name.outputs.branch_name }} | ||
WD_REFERENCE_BRANCH: ${{ github.event.inputs.reference_branch }} | ||
SONAR_SCANNER_VERSION: 5.0.1.3006 | ||
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | ||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
|
||
- name: SonarQube Quality Gate check | ||
id: sonarqube-quality-gate-check | ||
uses: sonarsource/sonarqube-quality-gate-action@master | ||
with: | ||
scanMetadataReportFile: /tmp/scannerwork/report-task.txt | ||
timeout-minutes: 5 | ||
env: | ||
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | ||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
|
||
- name: Copy log files into logs directory | ||
if: always() | ||
run: cp ${GITHUB_WORKSPACE}/*.log ${RUNNER_WORKSPACE}/logs/ | ||
|
||
- name: Upload logs as artifact | ||
if: always() | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: logs_sonarqube | ||
path: ${{ runner.workspace }}/logs | ||
if-no-files-found: ignore |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.