From 04632fc0a5d748f2cd25d9cce1d8fa43ade5da93 Mon Sep 17 00:00:00 2001 From: Alexander Kaufmann Date: Thu, 19 Dec 2024 08:56:35 +0100 Subject: [PATCH] chore: invoke SonarQube via GitHub action --- .github/workflows/sonar-qube.yml | 38 ++++++++++++++++++++++++++++++++ sonar-project.properties | 8 +++++++ 2 files changed, 46 insertions(+) create mode 100644 .github/workflows/sonar-qube.yml create mode 100644 sonar-project.properties diff --git a/.github/workflows/sonar-qube.yml b/.github/workflows/sonar-qube.yml new file mode 100644 index 000000000..a38ac9bdb --- /dev/null +++ b/.github/workflows/sonar-qube.yml @@ -0,0 +1,38 @@ +name: SonarCloud Code Analysis + +on: + pull_request: + types: + - opened + - synchronize + - reopened + push: + branches: + - main + - next + +jobs: + sonarqube: + name: SonarQube + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Use Node.js 22.x + uses: actions/setup-node@v4 + with: + node-version: 22 + cache: "npm" + cache-dependency-path: "**/package-lock.json" + registry-url: "https://registry.npmjs.org" + + - name: Install dependencies + run: npm ci && npm --prefix api ci && npm --prefix create-app ci && npm --prefix admin ci && npm --prefix site ci + + - name: SonarQube Scan + uses: SonarSource/sonarqube-scan-action@v4 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 000000000..8ba2f4c60 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,8 @@ +sonar.projectKey=vivid-planet_comet-starter +sonar.organization=vivid-planet +sonar.sources=admin/,api/,create-app/,site/ +sonar.tests=api/ +sonar.test.inclusions=api/**/__tests__/**,api/**/*.spec.ts +sonar.exclusions=api/**/__tests__/**,api/**/*.spec.ts +sonar.cpd.exclusions=packages/**/__tests__/**,packages/**/*.spec.ts +sonar.typescript.tsconfigPaths=admin/tsconfig.json,api/tsconfig.json,create-app/tsconfig.json,site/tsconfig.json