diff --git a/.gitea/workflows/build.yaml b/.gitea/workflows/build.yaml
deleted file mode 100644
index cf890c3d..00000000
--- a/.gitea/workflows/build.yaml
+++ /dev/null
@@ -1,89 +0,0 @@
-on:
- push:
- branches:
- - main
- pull_request:
- types: [opened, synchronize, reopened]
-
-name: Docker Scan, Lint, & Deploy via Compose
-jobs:
- sonarqube:
- name: SonarQube Scanning & Quality Gate
- runs-on: ubuntu-latest
- steps:
- - name: Checking out
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
-
- - name: SonarQube Scan
- id: sonarqube-scan
- uses: SonarSource/sonarqube-scan-action@v4.0.0
- env:
- SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
- SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
- # - name: SonarQube Quality Gate Check
- # id: quality-gate
- # uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
- # env:
- # SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
- # SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
-
- docker-compose-dry-run:
- name: Dry Run Docker Compose
- runs-on: ubuntu-latest
- needs: quality-gate
- if: ${{ steps.quality-gate.outputs.quality-gate-status }} == 'PASSED'
- steps:
- - name: Checking out
- uses: actions/checkout@v4
- with:
- fetch-depth: 0
-
- - name: Generate ephemeral env
- run: |
- echo "${{ secrets.RINOA_DOCKER_ENV }}" > ./.env
-
- - name: Validate Docker Compose Configuration
- id: docker-lint
- run: |
- docker compose config --no-interpolate --quiet --dry-run
- EXIT_CODE=$?
- if [ $? -ne 0 ]; then
- echo "Docker Compose configuration validation failed."
- exit 1
- else
- echo "Docker Compose configuration is valid."
- fi
- echo "::set-output name=exit_code::$EXIT_CODE"
-
- deploy-changes:
- name: Merge and Deploy Changes
- runs-on: ubuntu-latest
- needs: docker-lint
- if: steps.docker-lint.outputs.exit_code == 0
- steps:
- - name: Checkout Code
- uses: actions/checkout@v4
-
- - name: Install & Setup Tea CLI
- run: |
- curl -sSL https://dl.gitea.com/tea/main/tea-main-linux-amd64 -o /usr/local/bin/tea
- chmod +x /usr/local/bin/tea
- tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_SERVER }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token "${{ secrets.BOT_GITEA_TOKEN }}"
-
- - name: Merge PR with Tea CLI
- run: |
- echo "${{ gitea.event.pull_request.number }}"
- tea pr m --repo "${{ gitea.repository.name }}" --message "Automatically merged by GitHub Actions" --output table "${{ gitea.event.pull_request.number }}"
-
- - name: Deploy Docker Compose Changes
- uses: 5eqn/docker-compose-remote-action@v0.0.7
- with:
- ssh_host: 192.168.1.254
- ssh_user: gitea-deploy
- ssh_private_key: ${{ secrets.DEPLOY_PRIVATE_SSH_KEY }}
- ssh_host_public_key: ${{ secrets.DEPLOY_PUBLIC_SSH_KEY }}
- docker_env: $ {{ secrets.RINOA_DOCKER_ENV }}
- docker_args: -d --remove-orphans --build --dry-run
\ No newline at end of file
diff --git a/sonar-project.properties b/sonar-project.properties
index 68b14a52..82d49718 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -1,18 +1,2 @@
 sonar.projectKey=rinoa-docker
-
-# Source directories to analyze
-sonar.sources=.
-
-# Include only the docker-compose.yml file for IaC analysis
-sonar.inclusions=docker-compose.yml
-
-# Disable all other sensors explicitly
-sonar.iac.enabled=true
-sonar.iac.inclusions=**/docker-compose.yml
-sonar.iac.exclusions=**/*.* # Exclude everything not explicitly included
-sonar.exclusions=**/*.*
-
-# Explicitly include IaC file types (if required for broader IaC scanning)
-
-# Optional: Wait for quality gate in pipelines
-sonar.qualitygate.wait=true
\ No newline at end of file
+sonar.analysis.sqbot=
\ No newline at end of file
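Review bot: The added `sonar.analysis.sqbot=` line is committed with an empty value and no comment, so a reader cannot tell whether the value is meant to be injected per analysis or was left blank by mistake. If it is supplied by the scanner invocation, say so above the key, e.g. `# Value is passed per analysis by CI (-Dsonar.analysis.sqbot=<supplied by CI>); intentionally empty here`. The same hunk drops `sonar.qualitygate.wait=true` and the `sonar.inclusions`/`sonar.exclusions` scoping, so the scanner presumably no longer blocks on the quality gate and falls back to its default source set; whatever consumes the analysis result now has to enforce the gate. The file still ends without a trailing newline.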