Running SQ scan and Docker dry run in same job.

2024-12-20 09:53:12 -05:00
parent 501808583c
commit e5e4622b89
1 changed files with 75 additions and 71 deletions
@@ -11,7 +11,6 @@ jobs:
    name: Check and Create PR
    runs-on: ubuntu-latest
    outputs:
-      pr_created: ${{ steps.cc-pr.outputs.pr_created }}
      pr_number: ${{ steps.cc-pr.outputs.pr_index }}
    steps:
      - name: Checkout Code
@@ -53,10 +52,14 @@ jobs:
            exit 1
          fi

-  sonarqube-analysis:
+  sonarqube-analysis-dry-run:
    name: SonarQube Analysis
    runs-on: ubuntu-latest
    needs: check-and-create-pr
+    outputs:
+      qg_status_status: ${{ steps.quality-gate.outputs.quality-gate-status }}
+      qg_results: ${{ steps.quality-gate-check.outputs.quality-gate-result }}
+
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
@@ -82,60 +85,6 @@ jobs:
          sonar-host-url: ${{ secrets.SONARQUBE_HOST }}
          sonar-token: ${{ secrets.SONARQUBE_TOKEN }}

-      - name: JSON clean-up for proccessing...
-        id: json-cleanup
-        run: |
-          echo "Cleaning up quality gate response..."
-          echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt
-          sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json
-          jq -c '.' qg_raw.json > qg_fixed_json.json
-          projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json)
-          caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json)
-          conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json)
-          echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT
-          echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT
-          echo "conditions=${conditions}" >> $GITHUB_OUTPUT
-
-      - name: Convert JSON to Markdown Table
-        id: convert-json-to-md
-        uses: buildingcash/json-to-markdown-table-action@v1.1.0
-        with:
-          json: "${{ steps.json-cleanup.outputs.conditions }}"
-
-      - name: Post SonarQube Results as Comment
-        env:
-          PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }}
-          SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }}
-          QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }}
-          RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }}
-          GITHUB_REPOSITORY: ${{ github.repository }}
-          BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}
-        run: |
-          formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\
-          /g')
-          payload=$(jq -n \
-            --arg body "SonarQube analysis results:
-                <br>
-                ${{ env.SQ_RESULTS }}" \
-            '{ body: $body }')
-            
-          response=$(curl -s -o response.json -w "%{http_code}" \
-            -X POST \
-            -H "Accept: application/json" \
-            -H "Authorization: token ${BOT_GITEA_TOKEN}" \
-            -H "Content-Type: application/json" \
-            -d "$payload" \
-            "${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews")
-
-  # Job 3: Merge PR if Quality Gate passes
-  dry-run-merge-pr:
-    runs-on: ubuntu-latest
-    needs: [check-and-create-pr, sonarqube-analysis]
-    if: needs.sonarqube-analysis.outputs.quality_gate_status == 'PASSED'
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-        
      - name: Docker Compose Dry Run
        uses: s3i7h/spin-up-docker-compose-action@v1.2
        with:
@@ -144,20 +93,75 @@ jobs:
          pull-opts: --dry-run
          up: true
          up-opts: -d --dry-run
+  # Job 3: Merge PR if Quality Gate passes
+  # dry-run-merge-pr:
+  #   runs-on: ubuntu-latest
+  #   needs: [check-and-create-pr, sonarqube-analysis]
+  #   if: needs.sonarqube-analysis.outputs.quality_gate_status == 'PASSED'
+  #   steps:
+  #     - name: Checkout Code
+  #       uses: actions/checkout@v4

-      - name: Merge PR in Gitea
-        uses: prasiman/gocurl@v1
-        with:
-          url: "${{ secrets.GITEA_INSTANCE_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ needs.check-and-create-pr.outputs.pr_index }}"
-          method: "POST"
-          headers: '{ "Authorization": "token ${{ secrets.GITEA_API_TOKEN }}", "Content-Type": "application/json" }'
-          params: >-
-            {
-              "Do": "merge",
-              "delete_branch_after_merge": true,
-              "force_merge": true,
-              "merge_when_checks_succeed": true
-            }
+  #     - name: JSON clean-up for Custom Quality Gate Check...
+  #       id: json-cleanup
+  #       run: |
+  #         echo "Cleaning up quality gate response..."
+  #         echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt
+  #         sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json
+  #         jq -c '.' qg_raw.json > qg_fixed_json.json
+  #         echo "qgfixedjson=$(cat qg_fixed_json.json)" >> $GITHUB_OUTPUT
+  #         echo "JSON cleanup complete.
+  #         projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json)
+  #         caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json)
+  #         conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json)
+  #         echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT
+  #         echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT
+  #         echo "conditions=${conditions}" >> $GITHUB_OUTPUT
+  #     - name: Post SonarQube Results as Comment
+  #       env:
+  #         PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }}
+  #         SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }}
+  #         QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }}
+  #         RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }}
+  #         GITHUB_REPOSITORY: ${{ github.repository }}
+  #         BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}
+  #       run: |
+  #         formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\
+  #         /g')
+  #         payload=$(jq -n \
+  #           --arg body "SonarQube analysis results:
+  #               <br>
+  #               ${{ env.SQ_RESULTS }}" \
+  #           '{ body: $body }')
+            
+  #         response=$(curl -s -o response.json -w "%{http_code}" \
+  #           -X POST \
+  #           -H "Accept: application/json" \
+  #           -H "Authorization: token ${BOT_GITEA_TOKEN}" \
+  #           -H "Content-Type: application/json" \
+  #           -d "$payload" \
+  #           "${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews")

-      - name: Confirm Merge
-        run: echo "PR has been successfully merged into main."
+  #     - name: Convert JSON to Markdown Table
+  #       id: convert-json-to-md
+  #       uses: buildingcash/json-to-markdown-table-action@v1.1.0
+  #       with:
+  #         json: "${{ steps.json-cleanup.outputs.conditions }}"
+
+
+  #     - name: Merge PR in Gitea
+  #       uses: prasiman/gocurl@v1
+  #       with:
+  #         url: "${{ secrets.GITEA_INSTANCE_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ needs.check-and-create-pr.outputs.pr_index }}"
+  #         method: "POST"
+  #         headers: '{ "Authorization": "token ${{ secrets.GITEA_API_TOKEN }}", "Content-Type": "application/json" }'
+  #         params: >-
+  #           {
+  #             "Do": "merge",
+  #             "delete_branch_after_merge": true,
+  #             "force_merge": true,
+  #             "merge_when_checks_succeed": true
+  #           }
+
+  #     - name: Confirm Merge
+  #       run: echo "PR has been successfully merged into main."