From e5e4622b895eb9c8ac76c8f708fc62b910346d75 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 20 Dec 2024 09:53:12 -0500 Subject: [PATCH] Running SQ scan and Docker dry run in same job. --- .../workflows/branch-sonarscan-pr-merge.yml | 146 +++++++++--------- 1 file changed, 75 insertions(+), 71 deletions(-) diff --git a/.gitea/workflows/branch-sonarscan-pr-merge.yml b/.gitea/workflows/branch-sonarscan-pr-merge.yml index 94dde973..73d21059 100644 --- a/.gitea/workflows/branch-sonarscan-pr-merge.yml +++ b/.gitea/workflows/branch-sonarscan-pr-merge.yml @@ -11,7 +11,6 @@ jobs: name: Check and Create PR runs-on: ubuntu-latest outputs: - pr_created: ${{ steps.cc-pr.outputs.pr_created }} pr_number: ${{ steps.cc-pr.outputs.pr_index }} steps: - name: Checkout Code @@ -53,10 +52,14 @@ jobs: exit 1 fi - sonarqube-analysis: + sonarqube-analysis-dry-run: name: SonarQube Analysis runs-on: ubuntu-latest needs: check-and-create-pr + outputs: + qg_status_status: ${{ steps.quality-gate.outputs.quality-gate-status }} + qg_results: ${{ steps.quality-gate-check.outputs.quality-gate-result }} + steps: - name: Checkout Code uses: actions/checkout@v4 
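Review bot: The new `outputs:` block on `sonarqube-analysis-dry-run` publishes `qg_status_status`, which reads like a doubled suffix, and nothing visible in this patch consumes it; the only reader of the gate status, in the merge job commented out later in the file, still uses `needs.sonarqube-analysis.outputs.quality_gate_status`. Consider `qg_status: ${{ steps.quality-gate.outputs.quality-gate-status }}` and a one-line comment above `outputs:` naming the job that is meant to read it. The step ids `quality-gate` and `quality-gate-check` are defined outside this hunk, so confirm both still exist in the renamed job. Because the next hunk moves the Docker Compose dry run into this job and drops the old `if: ... == 'PASSED'` condition, the dry run is blocked on a failed gate only if the `quality-gate` step itself fails the job, which is not visible here.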
@@ -82,60 +85,6 @@ jobs: sonar-host-url: ${{ secrets.SONARQUBE_HOST }} sonar-token: ${{ secrets.SONARQUBE_TOKEN }} - - name: JSON clean-up for proccessing... - id: json-cleanup - run: | - echo "Cleaning up quality gate response..." - echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt - sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json - jq -c '.' qg_raw.json > qg_fixed_json.json - projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json) - caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json) - conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json) - echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT - echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT - echo "conditions=${conditions}" >> $GITHUB_OUTPUT - - - name: Convert JSON to Markdown Table - id: convert-json-to-md - uses: buildingcash/json-to-markdown-table-action@v1.1.0 - with: - json: "${{ steps.json-cleanup.outputs.conditions }}" - - - name: Post SonarQube Results as Comment - env: - PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} - SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }} - QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }} - RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }} - GITHUB_REPOSITORY: ${{ github.repository }} - BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} - run: | - formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\ - /g') - payload=$(jq -n \ - --arg body "SonarQube analysis results: -
- ${{ env.SQ_RESULTS }}" \ - '{ body: $body }') - - response=$(curl -s -o response.json -w "%{http_code}" \ - -X POST \ - -H "Accept: application/json" \ - -H "Authorization: token ${BOT_GITEA_TOKEN}" \ - -H "Content-Type: application/json" \ - -d "$payload" \ - "${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews") - - # Job 3: Merge PR if Quality Gate passes - dry-run-merge-pr: - runs-on: ubuntu-latest - needs: [check-and-create-pr, sonarqube-analysis] - if: needs.sonarqube-analysis.outputs.quality_gate_status == 'PASSED' - steps: - - name: Checkout Code - uses: actions/checkout@v4 - - name: Docker Compose Dry Run uses: s3i7h/spin-up-docker-compose-action@v1.2 with: 
@@ -144,20 +93,75 @@ jobs: pull-opts: --dry-run up: true up-opts: -d --dry-run + # Job 3: Merge PR if Quality Gate passes + # dry-run-merge-pr: + # runs-on: ubuntu-latest + # needs: [check-and-create-pr, sonarqube-analysis] + # if: needs.sonarqube-analysis.outputs.quality_gate_status == 'PASSED' + # steps: + # - name: Checkout Code + # uses: actions/checkout@v4 - - name: Merge PR in Gitea - uses: prasiman/gocurl@v1 - with: - url: "${{ secrets.GITEA_INSTANCE_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ needs.check-and-create-pr.outputs.pr_index }}" - method: "POST" - headers: '{ "Authorization": "token ${{ secrets.GITEA_API_TOKEN }}", "Content-Type": "application/json" }' - params: >- - { - "Do": "merge", - "delete_branch_after_merge": true, - "force_merge": true, - "merge_when_checks_succeed": true - } + # - name: JSON clean-up for Custom Quality Gate Check... + # id: json-cleanup + # run: | + # echo "Cleaning up quality gate response..." + # echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt + # sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json + # jq -c '.' qg_raw.json > qg_fixed_json.json + # echo "qgfixedjson=$(cat qg_fixed_json.json)" >> $GITHUB_OUTPUT + # echo "JSON cleanup complete. 
+ # projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json) + # caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json) + # conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json) + # echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT + # echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT + # echo "conditions=${conditions}" >> $GITHUB_OUTPUT + # - name: Post SonarQube Results as Comment + # env: + # PR_NUMBER: ${{ needs.check-and-create-pr.outputs.pr_number }} + # SQ_RESULTS: ${{ steps.convert-json-to-md.outputs.table }} + # QG_STATUS: ${{ steps.quality-gate.outputs.quality-gate-status }} + # RINOA_GITEA_URL: ${{ vars.RINOA_GITEA_URL }} + # GITHUB_REPOSITORY: ${{ github.repository }} + # BOT_GITEA_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }} + # run: | + # formatted_results=$(echo "${SQ_RESULTS}" | sed 's/\\n/\ + # /g') + # payload=$(jq -n \ + # --arg body "SonarQube analysis results: + #
+ # ${{ env.SQ_RESULTS }}" \ + # '{ body: $body }') + + # response=$(curl -s -o response.json -w "%{http_code}" \ + # -X POST \ + # -H "Accept: application/json" \ + # -H "Authorization: token ${BOT_GITEA_TOKEN}" \ + # -H "Content-Type: application/json" \ + # -d "$payload" \ + # "${RINOA_GITEA_URL}/api/v1/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}/reviews") - - name: Confirm Merge - run: echo "PR has been successfully merged into main." + # - name: Convert JSON to Markdown Table + # id: convert-json-to-md + # uses: buildingcash/json-to-markdown-table-action@v1.1.0 + # with: + # json: "${{ steps.json-cleanup.outputs.conditions }}" + + + # - name: Merge PR in Gitea + # uses: prasiman/gocurl@v1 + # with: + # url: "${{ secrets.GITEA_INSTANCE_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ needs.check-and-create-pr.outputs.pr_index }}" + # method: "POST" + # headers: '{ "Authorization": "token ${{ secrets.GITEA_API_TOKEN }}", "Content-Type": "application/json" }' + # params: >- + # { + # "Do": "merge", + # "delete_branch_after_merge": true, + # "force_merge": true, + # "merge_when_checks_succeed": true + # } + + # - name: Confirm Merge + # run: echo "PR has been successfully merged into main."
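Review bot: The block parked in comments here keeps two things that should not come back as written. The cleanup step's `echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt` expands a step output directly into the script text, so a single quote in the SonarQube response ends the quoting and the remainder is interpreted by the shell; and the merge call sends `"force_merge": true`, which, as far as I know from Gitea's merge API, requests the merge even when required checks have not passed. If the step is revived, bind the value with `env: QG_RESULT: ${{ steps.quality-gate-check.outputs.quality-gate-result }}` and write it with `printf '%s' "$QG_RESULT" > qg_input.txt`, and drop `force_merge` so the quality gate actually decides. The commented job also still reads `needs.sonarqube-analysis.outputs.quality_gate_status` and `needs.check-and-create-pr.outputs.pr_index`, neither of which matches the job name or the outputs (`qg_status_status`, `qg_results`, `pr_number`) declared elsewhere in this patch. Deleting these lines and relying on git history would be cleaner than carrying them in the workflow, and any revived step that receives a token should use an action pinned to a commit rather than a tag such as `prasiman/gocurl@v1`.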