diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 62b1def32..000000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,36 +0,0 @@ -name: Build CI with Gradle - -on: - push: - branches: - - master - paths: - - 'backend/**' - pull_request: - branches: - - master - paths: - - 'backend/**' - -jobs: - build: - runs-on: ubuntu-latest - defaults: - run: - working-directory: ./backend - - steps: - - name: Check out Git repository - uses: actions/checkout@v3 - - - name: Set up JDK 21 - uses: actions/setup-java@v3 - with: - java-version: 21 - distribution: temurin - - - name: Gradle CI - uses: gradle/gradle-build-action@v2 - with: - arguments: build - build-root-directory: backend diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 9ef2a58d9..6e8511bc3 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -4,13 +4,9 @@ on: push: branches: - master - paths: - - 'frontend/**' + - staging pull_request: - branches: - - master - paths: - - 'frontend/**' + types: [opened, synchronize, reopened] jobs: run-linters: @@ -42,3 +38,11 @@ jobs: - name: TSC run: yarn lint:typescript + + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + projectBaseDir: frontend diff --git a/.github/workflows/sonar-backend.yml b/.github/workflows/sonar-backend.yml new file mode 100644 index 000000000..59d40f04a --- /dev/null +++ b/.github/workflows/sonar-backend.yml @@ -0,0 +1,40 @@ +name: SonarCloud +on: + push: + branches: + - staging + - master + pull_request: + types: [opened, synchronize, reopened] + +jobs: + build: + name: Build and analyze + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: 21 + distribution: temurin + - name: Cache SonarCloud packages + uses: actions/cache@v4 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache Gradle packages + uses: actions/cache@v4 + with: + path: ~/.gradle/caches + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} + restore-keys: ${{ runner.os }}-gradle + - name: Build and analyze + working-directory: backend + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: sh ./gradlew build sonar --info diff --git a/backend/build.gradle.kts b/backend/build.gradle.kts index 84c70749d..dba25ac92 100644 --- a/backend/build.gradle.kts +++ b/backend/build.gradle.kts @@ -7,6 +7,7 @@ plugins { id("org.owasp.dependencycheck") version "10.0.4" kotlin("jvm") version "2.0.20" kotlin("plugin.spring") version "2.0.20" + id("org.sonarqube") version "4.4.1.3373" } group = "hu.bme.sch" @@ -23,6 +24,14 @@ tasks { } } +sonar { + properties { + property("sonar.projectKey", "kir-dev_cmsch-backend") + property("sonar.organization", "kir-dev") + property("sonar.host.url", "https://sonarcloud.io") + } +} + repositories { mavenCentral() } diff --git a/frontend/sonar-project.properties b/frontend/sonar-project.properties new file mode 100644 index 000000000..8e05304eb --- /dev/null +++ b/frontend/sonar-project.properties @@ -0,0 +1,13 @@ +sonar.projectKey=kir-dev_cmsch-frontend +sonar.organization=kir-dev + +# This is the name and version displayed in the SonarCloud UI. +#sonar.projectName=cmsch-frontend +#sonar.projectVersion=1.0 + + +# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows. +sonar.sources=. + +# Encoding of the source code. Default is default system encoding +sonar.sourceEncoding=UTF-8