rinoa-docker/.gitea/workflows/build.yaml
# Workflow display name.
name: SonarQube Scan

# Triggers: every push to main, and pull requests when they are opened,
# receive new commits (synchronize) or are reopened.
# NOTE(review): the job in this workflow passes repository secrets to actions
# on both triggers; confirm how this forge/runner exposes secrets to
# pull-request runs (in particular from forks) before relying on it.
on:
  push:
    branches:
      - main
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
jobs:
  # The only active job. It checks out the full history, runs the
  # sonar-gitea-pr-bot action, then the SonarQube quality-gate action.
  # NOTE(review): all three `uses:` references below are tags (@v4, @v1.0.2,
  # @v1.1.0). A tag can be moved to different code after review; pinning each
  # action to a reviewed full commit SHA (`@<full-commit-sha>`) keeps the code
  # that receives the secrets fixed.
  sonarqube:
    name: 'SonarQube Scanning & Status'
    runs-on: ubuntu-latest
    steps:
      - name: Checking out
        uses: actions/checkout@v4
        with:
          # Full clone (no shallow history); recommended for more relevant
          # SonarQube reporting.
          # NOTE(review): actions/checkout keeps the job token in the local
          # git config by default (`persist-credentials`). Later steps run
          # third-party actions in the same workspace; consider
          # `persist-credentials: false` if no later step needs to push.
          fetch-depth: 0

      # Disabled (commented-out) steps from the original file.
      # - name: SonarQube Scan
      #   uses: SonarSource/sonarqube-scan-action@v4.0.0
      #   env:
      #     SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
      #     SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
      # - name: Fetch SonarQube Project Status
      #   id: fetch-status
      #   uses: prasiman/gocurl@v1
      #   with:
      #     method: GET
      #     url: ${{ secrets.SONARQUBE_URL }}/api/qualitygates/project_status
      #     basic-auth-token: ${{ secrets.SONARQUBE_TOKEN }}
      #     params: '{{ "projectKey", "${{ gitea.repository.name }}" }}'
      #     log-response: true
      # - name: Comment on PR with SonarQube Status
      #   uses: prasiman/gocurl@v1
      #   with:
      #     method: "POST"
      #     url: ${{ secrets.RINOA_GITEA_SERVER }}/api/v1/repos/${{ gitea.repository.owner.login }}/${{ gitea.repository.name }}/pulls/${{ gitea.pull_request.id }}/reviews
      #     headers: |
      #       Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
      #       Content-Type: application/json
      #     body:
      #       |
      #       {
      #         "body": "string",
      #         "comments": [
      #           {
      #             "body": "${{ steps.quality-gate.outputs.quality-gate-status }}",
      #             "new_position": 0,
      #             "old_position": 0,
      #             "path": "string"
      #           }
      #         ],
      #         "commit_id": "${{ gitea.pull_request.head.sha }}",
      #         "event": "COMMENT"
      #       }

      # This action is fetched from git.trez.wtf and is handed both the
      # SonarQube token and the Gitea bot token.
      # NOTE(review): confirm BOT_GITEA_TOKEN is scoped to the minimum the bot
      # needs. `pull_request_id` is read from the pull_request event payload,
      # so it is presumably empty on push runs; verify the action tolerates it.
      - name: Run SonarQube and Gitea Action
        uses: https://git.trez.wtf/Trez.One/sonar-gitea-pr-bot@v1.0.2
        with:
          sonar_server_url: '${{ secrets.SONARQUBE_HOST }}'
          sonar_auth_token: '${{ secrets.SONARQUBE_TOKEN }}'
          gitea_server_url: '${{ secrets.RINOA_GITEA_SERVER }}'
          gitea_token: '${{ secrets.BOT_GITEA_TOKEN }}'
          project_key: 'rinoa-docker'
          pull_request_id: '${{ gitea.event.pull_request.number }}'

      # Quality-gate step; the id `quality-gate` lets other steps read its
      # outputs. The SonarQube host and token are passed as environment
      # variables.
      # NOTE(review): presumably this fails the job when the gate is not
      # passed, and needs the analysis from the previous step to have
      # completed; confirm against the action's documentation.
      - id: quality-gate
        name: SonarQube Quality Gate Check
        uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
        env:
          SONAR_HOST_URL: '${{ secrets.SONARQUBE_HOST }}'
          SONAR_TOKEN: '${{ secrets.SONARQUBE_TOKEN }}'

      # Disabled (commented-out) step from the original file.
      # - name: SonarQube Pull Request Comment
      #   if: always()
      #   uses: campos-pay/sonarqube-pr-comment@v0.1.5
      #   with:
      #     sonar_token: ${{ secrets.SONARQUBE_TOKEN }}
      #     sonar_host_url: ${{ secrets.SONARQUBE_HOST }}
      #     sonar_projectkey: ${{ gitea.event.repository.name }}
      #     github-token: ${{ secrets.BOT_GITEA_TOKEN }}
      #     repo_name: ${{ gitea.repository }}
      #     pr_number: ${{ gitea.event.pull_request.number }}
      #     github_api_base_url: "https://git.trez.wtf/api/v1"

  # Disabled (commented-out) jobs from the original file.
  # NOTE(review) before re-enabling `status-check`:
  #   - `needs: setup-sonarqube` names a job that is not visible in this file
  #     (the active job is `sonarqube`).
  #   - the step combines `uses:` and `run:`, and reads
  #     `steps.fetch-status.outputs.body`, an id only seen in the disabled
  #     step of the `sonarqube` job.
  #   - `${{ steps.fetch-status.outputs.body }}` is substituted into the
  #     script text before the shell runs, so the HTTP response body would be
  #     interpreted as shell syntax. Pass it through `env:` and reference the
  #     quoted variable instead.
  # status-check:
  #   name: Validate SonarQube Bot Status
  #   needs: setup-sonarqube
  #   runs-on: self-hosted
  #   steps:
  #     - name: Fetch PR Status
  #       uses: prasiman/gocurl@v1
  #       with:
  #         method: GET
  #         url: ${{ secrets.GITEA_SERVER }}/api/v1/repos/${{ gitea.repository.owner.login }}/${{ gitea.repository.name }}/pulls/${{ gitea.pull_request.id }}/status
  #         headers: |
  #           Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}
  #       run: |
  #         echo "Validating SonarQube bot status..."
  #         echo ${{ steps.fetch-status.outputs.body }} | jq -e '.statuses[] | select(.creator.login == "gitea-sonarqube-bot" and .status == "success")' || exit 1
  #         echo "SonarQube bot status validation successful."
  # dry-run:
  #   name: Dry Run Docker Compose
  #   runs-on: self-hosted
  #   needs: status-check
  #   steps:
  #     - name: Checkout Code
  #       uses: actions/checkout@v4
  #     - name: Validate Docker Compose
  #       run: |
  #         echo "Validating Docker Compose configuration..."
  #         docker compose config -f rinoa-docker-compose.yml
  #         echo "Docker Compose validation successful."