Files
rinoa-docker/.gitea/workflows/branch-sonarscan-pr-merge.yml
T
2024-12-19 11:56:36 -05:00

158 lines
6.3 KiB
YAML

name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
on:
push:
branches-ignore:
- main
jobs:
# Job 1: Check if PR exists and create one if the branch is new
check-and-create-pr:
name: Check and Create PR
runs-on: ubuntu-latest
outputs:
pr_created: ${{ steps.check-pr.outputs.pr_created }}
pr_index: ${{ steps.create-pr.outputs.pr_index }}
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Find Current PR
id: findPr
uses: jwalton/gh-find-current-pr@v1.3.3
with:
state: open
# - name: Check if PR Exists
# id: check-pr
# run: |
# echo "Checking for existing PR..."
# curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \
# -X 'GET' \
# -H 'Accept: application/json' \
# -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
# -s | jq '{index: .number, state: .state}' > pr_status.json
# echo "pr_status=$(jq -c . pr_status.json)" >> "$GITHUB_OUTPUT"
# - name: Create PR in Gitea
# if: ${{ steps.check-pr.outputs.pr_status.state }} == 'closed'
# id: create-pr
# run: |
# echo "Creating PR..."
# curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls \
# -X 'POST' \
# -H 'Accept: application/json' \
# -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
# -H 'Content-Type: application/json' \
# -d '{
# "title": "PR: ${{ github.ref_name }} -> main",
# "body": "This is an automated PR created by Gitea Actions.",
# "base": "main",
# "head": "${{ github.ref_name }}"
# }' | jq '{index: .number}' > pr_created.json
# echo "pr_created=$(jq -c . pr_created.json)" >> "$GITHUB_OUTPUT"
# # Job 2: Run SonarQube Analysis
# sonarqube-analysis:
# name: SonarQube Analysis
# runs-on: ubuntu-latest
# needs: check-and-create-pr
# steps:
# - name: Checkout Code
# uses: actions/checkout@v4
# # - name: Start Gitea-Sonarqube Bot
# # uses: docker://justusbunsi/gitea-sonarqube-bot:v0.3.3
# # with:
# # # Required inputs for the bot
# # args: >
# # --sonarqube-url ${{ secrets.SONARQUBE_URL }}
# # --sonarqube-token ${{ secrets.SONARQUBE_TOKEN }}
# # --git-provider github
# # --git-api-url https://api.github.com
# # --git-token ${{ secrets.GITHUB_TOKEN }}
# # --repository my-org/my-repo
# # --pull-request-id ${{ github.event.pull_request.number }}
# - name: SonarQube Scan
# uses: sonarsource/sonarqube-scan-action@v4.1.0
# env:
# SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
# SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
# - name: SonarQube Quality Gate
# id: quality-gate
# uses: sonarsource/sonarqube-quality-gate-action@v1.1.0
# env:
# SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
# SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
# - name: Custom Quality Gate Check
# uses: DesarrolloORT/sonarqube-quality-gate-action@v1.0.1
# id: quality-gate-check
# with:
# sonar-project-key: rinoa-docker
# sonar-host-url: ${{ secrets.SONARQUBE_HOST }}
# sonar-token: ${{ secrets.SONARQUBE_TOKEN }}
# - name: JSON clean-up for proccessing...
# id: json-cleanup
# run: |
# echo "Cleaning up quality gate response..."
# echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt
# sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json
# jq -c '.' qg_raw.json > qg_fixed_json.json
# projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json)
# echo "${projstatus}"
# caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json)
# echo "${caycStatus}"
# conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json)
# echo "${conditions}"
# echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT
# echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT
# echo "conditions=${conditions}" >> $GITHUB_OUTPUT
# echo "qg_fixed_json=$(cat qg_fixed_json.json)" >> $GITHUB_ENV
# - name: Convert JSON to Markdown Table
# id: convert-json-to-md
# uses: buildingcash/json-to-markdown-table-action@v1.1.0
# with:
# json: ${{ steps.json-cleanup.outputs.conditions }}
- name: Verify PR number
run: |
echo "PR number: ${{ steps.findPr.outputs.pr }}"
# - name: Post SonarQube Results as Comment
# run: |
# curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/${{ github.pull_request.number }}/reviews \
# -X POST \
# -H 'Accept: application/json' \
# -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
# -H 'Content-Type: application/json' \
# -d '{
# "body": "SonarQube analysis results:\n\n${{ steps.convert-json-to-md.outputs.table }}\n\n${{ steps.quality-gate.outputs.quality-gate-status }}"
# }'
# # Job 3: Merge PR if Quality Gate passes
# merge-pr:
# runs-on: ubuntu-latest
# needs: [check-and-create-pr, sonarqube-analysis]
# if: needs.sonarqube-analysis.outputs.quality_gate_status == 'PASSED'
# steps:
# - name: Merge PR in Gitea
# uses: prasiman/gocurl@v1
# with:
# url: "${{ secrets.GITEA_INSTANCE_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ needs.check-and-create-pr.outputs.pr_index }}"
# method: "POST"
# headers: '{ "Authorization": "token ${{ secrets.GITEA_API_TOKEN }}", "Content-Type": "application/json" }'
# params: >-
# {
# "Do": "merge",
# "delete_branch_after_merge": true,
# "force_merge": true,
# "merge_when_checks_succeed": true
# }
# - name: Confirm Merge
# run: echo "PR has been successfully merged into main."