Trez/rinoa-docker
4
0
Fork 0
Code Issues 1 Pull Requests 9 Actions 1 Activity
Files
7b0d34b3a01588da7d69b54fc1c8bbf839035d54
rinoa-docker/.gitea/workflows/branch-sonarscan-pr-merge.yml
T
Trez.One 02b82b85cc Small fixes.
2024-12-21 13:23:11 -05:00

163 lines
6.6 KiB
YAML
Raw Blame History

name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
on:
push:
branches-ignore:
- main
jobs:
# Job 1: Check if PR exists and create one if the branch is new
check-and-create-pr:
name: Check and Create PR
runs-on: ubuntu-latest
outputs:
pr_created: ${{ steps.cc-pr.outputs.pr_created }}
pr_number: ${{ steps.cc-pr.outputs.pr_index }}
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: PR Check/Create
id: cc-pr
run: |
echo "Checking for existing PR..."
pr_check=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \
-X 'GET' \
-H 'Accept: application/json' \
-H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
-s | jq '{index: .number, state: .state}')
pr_status=$(echo ${pr_check} | jq -r '.state')
if [ "${pr_status}" == "open" ]; then
echo "PR already exists. PR number: $(echo ${pr_check} | jq -r '.index')"
echo "pr_created=false" >> "$GITHUB_OUTPUT"
echo "pr_index=$(echo ${pr_check} | jq -r '.index')" >> "$GITHUB_OUTPUT"
elif [ "${pr_status}" == "closed" ]; then
echo "PR does not exist. Creating PR..."
pr_response=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls -s \
-X 'POST' \
-H 'Accept: application/json' \
-H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
-H 'Content-Type: application/json' \
-d '{
"base": "main",
"head": "'"${{ github.ref_name }}"'",
"title": "Automated PR for branch '"${{ github.ref_name }}"'",
"body": "This is an automated PR created for branch '"${{ github.ref_name }}"'."
}')
pr_index=$(echo ${pr_response} | jq -r '.number')
echo "PR created. PR number: ${pr_index}"
echo "pr_created=true" >> "$GITHUB_OUTPUT"
echo "pr_index=${pr_index}" >> "$GITHUB_OUTPUT"
else
echo "Error checking for existing PR. Exiting..."
exit 1
fi
sonarqube-analysis:
name: SonarQube Analysis
runs-on: ubuntu-latest
needs: check-and-create-pr
outputs:
qg_status: ${{ steps.quality-gate.outputs.quality-gate-status }}
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@v4.1.0
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
- name: SonarQube Quality Gate
id: quality-gate
uses: sonarsource/sonarqube-quality-gate-action@v1.1.0
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
- name: Custom Quality Gate Check
uses: DesarrolloORT/sonarqube-quality-gate-action@v1.0.1
id: quality-gate-check
with:
sonar-project-key: rinoa-docker
sonar-host-url: ${{ secrets.SONARQUBE_HOST }}
sonar-token: ${{ secrets.SONARQUBE_TOKEN }}
- name: JSON clean-up for proccessing...
id: json-cleanup
run: |
echo "Cleaning up quality gate response..."
echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt
sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json
jq -c '.' qg_raw.json > qg_fixed_json.json
projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json)
caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json)
conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json)
echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT
echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT
echo "conditions=${conditions}" >> $GITHUB_OUTPUT
- name: Convert JSON to Markdown Table
id: convert-json-to-md
uses: buildingcash/json-to-markdown-table-action@v1.1.0
with:
json: "${{ steps.json-cleanup.outputs.conditions }}"
- name: Post SonarQube Results as Comment
env:
PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }}
SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }}
QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }}
RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }}
GITHUB_REPOSITORY: ${{ github.repository }}
BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}
run: |
formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\
/g')
payload=$(jq -n \
--arg body "SonarQube analysis results:
<br>
${{ env.SQ_RESULTS }}" \
'{ body: $body }')
response=$(curl -s -o response.json -w "%{http_code}" \
-X POST \
-H "Accept: application/json" \
-H "Authorization: token ${BOT_GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d "$payload" \
"${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews")
dry-run-merge-pr:
runs-on: ubuntu-latest
name: Dry Run & PR Merge
needs: sonarqube-analysis
if: needs.sonarqube-analysis.outputs.qg_status == 'PASSED'
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Generate Ephemeral .env for Docker Compose Dry Run
run: |
echo "${{ secrets.RINOA_ENV }}" > .env
- name: Docker Compose Dry Run
uses: s3i7h/spin-up-docker-compose-action@v1.2
env:
DOCKER_HOST: tcp://dockerproxy:2375
with:
file: docker-compose.yml
pull: true
pull-opts: --dry-run
up: true
up-opts: -d --dry-run
- name: Tea CLI Setup & PR Merge
run: |
curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
chmod +x /usr/local/bin/tea
echo "Merging PR..."
tea login add --name gitea-rinoa --url "${{ vars.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token "${{ secrets.BOT_GITEA_TOKEN }}"
pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --output csv | egrep "${{ gitea.ref_name }}" | awk -F, '{print $1}' | sed -e 's|"||g')
tea pr m --repo ${{ github.repository }} --title "Auto Merge" --message "Merged by ${{ gitea.actor }}" --output table ${pr_index}
Reference in New Issue View Git Blame Copy Permalink