157 lines
6.4 KiB
YAML
157 lines
6.4 KiB
YAML
name: Gitea Branch PR, SonarQube Analyze, and Merge Workflow
|
|
|
|
on:
|
|
push:
|
|
branches-ignore:
|
|
- main
|
|
|
|
jobs:
|
|
# Job 1: Check if PR exists and create one if the branch is new
|
|
check-and-create-pr:
|
|
name: Check and Create PR
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
pr_created: ${{ steps.check-pr.outputs.pr_created }}
|
|
pr_index: ${{ steps.create-pr.outputs.pr_index }}
|
|
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: PR Check/Create
|
|
id: cc-pr
|
|
run: |
|
|
echo "Checking for existing PR..."
|
|
pr_check=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/main/${{ github.ref_name }} \
|
|
-X 'GET' \
|
|
-H 'Accept: application/json' \
|
|
-H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
|
|
-s | jq '{index: .number, state: .state}')
|
|
pr_status=$(echo ${pr_check} | jq -r '.state')
|
|
if [ "${pr_status}" == "open" ]; then
|
|
echo "PR already exists. PR number: $(echo ${pr_check} | jq -r '.index')"
|
|
echo "pr_created=false" >> "$GITHUB_OUTPUT"
|
|
echo "pr_index=$(echo ${pr_check} | jq -r '.index')" >> "$GITHUB_OUTPUT"
|
|
elif [ "${pr_status}" == "closed" ]; then
|
|
echo "PR does not exist. Creating PR..."
|
|
pr_response=$(curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls -s \
|
|
-X 'POST' \
|
|
-H 'Accept: application/json' \
|
|
-H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
|
|
-H 'Content-Type: application/json' \
|
|
-d '{
|
|
"base": "main",
|
|
"head": "'"${{ github.ref_name }}"'",
|
|
"title": "Automated PR for branch '"${{ github.ref_name }}"'",
|
|
"body": "This is an automated PR created for branch '"${{ github.ref_name }}"'."
|
|
}')
|
|
pr_index=$(echo ${pr_response} | jq -r '.number')
|
|
echo "PR created. PR number: ${pr_index}"
|
|
echo "pr_created=true" >> "$GITHUB_OUTPUT"
|
|
echo "pr_index=${pr_index}" >> "$GITHUB_OUTPUT"
|
|
else
|
|
echo "Error checking for existing PR. Exiting..."
|
|
exit 1
|
|
fi
|
|
|
|
sonarqube-analysis:
|
|
name: SonarQube Analysis
|
|
runs-on: ubuntu-latest
|
|
needs: check-and-create-pr
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: SonarQube Scan
|
|
uses: sonarsource/sonarqube-scan-action@v4.1.0
|
|
env:
|
|
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
|
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
|
|
|
- name: SonarQube Quality Gate
|
|
id: quality-gate
|
|
uses: sonarsource/sonarqube-quality-gate-action@v1.1.0
|
|
env:
|
|
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
|
|
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
|
|
|
- name: Custom Quality Gate Check
|
|
uses: DesarrolloORT/sonarqube-quality-gate-action@v1.0.1
|
|
id: quality-gate-check
|
|
with:
|
|
sonar-project-key: rinoa-docker
|
|
sonar-host-url: ${{ secrets.SONARQUBE_HOST }}
|
|
sonar-token: ${{ secrets.SONARQUBE_TOKEN }}
|
|
|
|
- name: JSON clean-up for proccessing...
|
|
id: json-cleanup
|
|
run: |
|
|
echo "Cleaning up quality gate response..."
|
|
echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}'
|
|
echo '${{ steps.quality-gate-check.outputs.quality-gate-result }}' > qg_input.txt
|
|
sed -E 's/([a-zA-Z0-9_]+):/\\"\1\\":/g; s/:([^",{}\[\]]+)/:"\1"/g' qg_input.txt > qg_raw.json
|
|
jq -c '.' qg_raw.json > qg_fixed_json.json
|
|
projstatus=$(jq -r '.projectStatus.status' qg_fixed_json.json)
|
|
echo "${projstatus}"
|
|
caycStatus=$(jq -r '.projectStatus.caycStatus' qg_fixed_json.json)
|
|
echo "${caycStatus}"
|
|
conditions=$(jq -c '.projectStatus.conditions' qg_fixed_json.json)
|
|
echo "${conditions}"
|
|
echo "projstatus=${projstatus}" >> $GITHUB_OUTPUT
|
|
echo "caycStatus=${caycStatus}" >> $GITHUB_OUTPUT
|
|
echo "conditions=${conditions}" >> $GITHUB_OUTPUT
|
|
echo "qg_fixed_json=$(cat qg_fixed_json.json)" >> $GITHUB_ENV
|
|
|
|
- name: Convert JSON to Markdown Table
|
|
id: convert-json-to-md
|
|
uses: buildingcash/json-to-markdown-table-action@v1.1.0
|
|
with:
|
|
json: ${{ steps.json-cleanup.outputs.conditions }}
|
|
|
|
# - name: Start Gitea-Sonarqube Bot
|
|
# uses: docker://justusbunsi/gitea-sonarqube-bot:v0.3.3
|
|
# with:
|
|
# # Required inputs for the bot
|
|
# args: >
|
|
# --sonarqube-url ${{ secrets.SONARQUBE_URL }}
|
|
# --sonarqube-token ${{ secrets.SONARQUBE_TOKEN }}
|
|
# --git-provider github
|
|
# --git-api-url https://api.github.com
|
|
# --git-token ${{ secrets.GITHUB_TOKEN }}
|
|
# --repository my-org/my-repo
|
|
# --pull-request-id ${{ github.event.pull_request.number }}
|
|
|
|
# - name: Post SonarQube Results as Comment
|
|
# run: |
|
|
# curl ${{ vars.RINOA_GITEA_URL }}/api/v1/repos/${{ github.repository }}/pulls/${{ steps.cc-pr.outputs.pr_index }}/reviews \
|
|
# -X POST \
|
|
# -H 'Accept: application/json' \
|
|
# -H 'Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}' \
|
|
# -H 'Content-Type: application/json' \
|
|
# -d '{
|
|
# "body": "SonarQube analysis results:\n\n${{ steps.convert-json-to-md.outputs.table }}\n\n${{ steps.quality-gate.outputs.quality-gate-status }}"
|
|
# }'
|
|
|
|
# Job 3: Merge PR if Quality Gate passes
|
|
# merge-pr:
|
|
# runs-on: ubuntu-latest
|
|
# needs: [check-and-create-pr, sonarqube-analysis]
|
|
# if: needs.sonarqube-analysis.outputs.quality_gate_status == 'PASSED'
|
|
# steps:
|
|
# - name: Merge PR in Gitea
|
|
# uses: prasiman/gocurl@v1
|
|
# with:
|
|
# url: "${{ secrets.GITEA_INSTANCE_URL }}/repos/${{ github.repository_owner }}/${{ github.event.repository.name }}/pulls/${{ needs.check-and-create-pr.outputs.pr_index }}"
|
|
# method: "POST"
|
|
# headers: '{ "Authorization": "token ${{ secrets.GITEA_API_TOKEN }}", "Content-Type": "application/json" }'
|
|
# params: >-
|
|
# {
|
|
# "Do": "merge",
|
|
# "delete_branch_after_merge": true,
|
|
# "force_merge": true,
|
|
# "merge_when_checks_succeed": true
|
|
# }
|
|
|
|
# - name: Confirm Merge
|
|
# run: echo "PR has been successfully merged into main."
|