-
Notifications
You must be signed in to change notification settings - Fork 776
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integrate Sonarcloud and Nancy github action #3491
Conversation
Integrate Sonarcloud for static code analysis and Nancy for analysing dependencies Signed-off-by: Shubham Gupta <shubham.gupta2956@gmail.com>
Codecov Report
@@ Coverage Diff @@
## main #3491 +/- ##
=======================================
Coverage 30.69% 30.69%
=======================================
Files 167 167
Lines 20505 20505
=======================================
Hits 6295 6295
Misses 13461 13461
Partials 749 749 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
@wryonik - the two new tests failed, can you please take a look? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@wryonik - there are some failure in Sonar workflow looking for SONAR_TOKEN
, do we need to configure that ?
Yes @prateekpandey14. There is a |
What's needed to close this out? |
@realshuting @JimBugwadia @prateekpandey14 @vyankyGH shall we merge this ? |
This has been outstanding for too long for such a minor addition. Are we adding or rejecting? |
Some of the tests failed, @wryonik - are you able to take a look and fix them? |
Folks, this is 6 months old. I can fix the issues if we want to keep it. |
Yes @eddycharly - let's fix and merge the PR. |
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
@realshuting this should be good 🤞 |
Nancy and sonarcloud checks failed, are they required? |
They can't succeed, we don't share secrets with PRs coming from forks. |
ok, then do we want to enable them for PRs? |
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
c4e52ff
to
a310b40
Compare
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
a310b40
to
fb14560
Compare
removed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @eddycharly !
Related issue
#2617
Milestone of this PR
What type of PR is this
/kind enhancement
Proposed Changes
Integrate Sonarcloud for static code analysis and Nancy for analysing dependencies
Proof Manifests
Checklist
Further Comments
There are certain things that are needed to be set for this project:-
sonar-project.properties
files as well).ACCESS_TOKEN
- Github access tokenSONAR_TOKEN
- this is to be generated from the sonarcloud dashboardA testing version can be accessed here (for Sonarcloud) and here (for Nancy)