on: push: branches: - main pull_request: types: [opened, synchronize, reopened] name: SonarQube Scan jobs: sonarqube: name: SonarQube Trigger runs-on: ubuntu-latest steps: - name: Checking out uses: actions/checkout@v4 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 - name: SonarQube Scan uses: kitabisa/sonarqube-action@v1.2.0 with: host: ${{ secrets.SONARQUBE_HOST }} login: ${{ secrets.SONARQUBE_TOKEN }} - name: Fetch SonarQube Project Status id: fetch-status uses: cytopia/gocurl@v3 with: method: GET url: ${{ secrets.SONARQUBE_URL }}/api/qualitygates/project_status headers: Authorization: Basic ${{ secrets.SONARQUBE_TOKEN }} query: projectKey=${{ gitea.repository.name }} - name: Comment on PR with SonarQube Status uses: cytopia/gocurl@v3 with: method: POST url: ${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ gitea.repository.owner.login }}/${{ gitea.repository.name }}/issues/${{ gitea.pull_request.id }}/comments headers: | Authorization: token ${{ secrets.RINOA_GITEA_TOKEN }} Content-Type: application/json body: | { "body": "SonarQube Analysis: ${{ steps.fetch-status.outputs.body | fromJson | get('projectStatus.status') }}\n[View in SonarQube](${{ secrets.SONARQUBE_URL }}/dashboard?id=${{ gitea.repository.name }})" } status-check: name: Validate SonarQube Bot Status needs: setup-sonarqube runs-on: self-hosted steps: - name: Fetch PR Status uses: cytopia/gocurl@v3 with: method: GET url: ${{ secrets.GITEA_SERVER }}/api/v1/repos/${{ gitea.repository.owner.login }}/${{ gitea.repository.name }}/pulls/${{ gitea.pull_request.id }}/status headers: "Authorization: token ${{ secrets.GITEA_TOKEN }}"" run: | echo "Validating SonarQube bot status..." echo ${{ steps.fetch-status.outputs.body }} | jq -e '.statuses[] | select(.creator.login == "gitea-sonarqube-bot" and .status == "success")' || exit 1 echo "SonarQube bot status validation successful." dry-run: name: Dry Run Docker Compose runs-on: self-hosted needs: status-check steps: - name: Checkout Code uses: actions/checkout@v3 - name: Validate Docker Compose run: | echo "Validating Docker Compose configuration..." docker compose config -f rinoa-docker-compose.yml echo "Docker Compose validation successful."