From be64f357263a9a69c6488e9bdc6f666f9783049b Mon Sep 17 00:00:00 2001 From: Julien HENRY Date: Mon, 13 May 2024 17:07:56 +0200 Subject: [PATCH] SQSCANGHA-25 Rewrite tests using GitHub Actions --- .github/workflows/qa.yml | 121 +++++++++++++++++++++++++++++++++++++-- entrypoint.sh | 4 +- test/assertFileContains | 10 ++++ test/assertFileExists | 8 +++ test/run-qa.sh | 112 ------------------------------------ 5 files changed, 137 insertions(+), 118 deletions(-) create mode 100755 test/assertFileContains create mode 100755 test/assertFileExists delete mode 100755 test/run-qa.sh diff --git a/.github/workflows/qa.yml b/.github/workflows/qa.yml index c906724..ed9695a 100644 --- a/.github/workflows/qa.yml +++ b/.github/workflows/qa.yml @@ -3,16 +3,129 @@ name: QA on: [push, pull_request] jobs: - run_qa: + argsInputTest: + name: > + 'args' input runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: token: ${{ secrets.GITHUB_TOKEN }} - - run: ./test/run-qa.sh - timeout-minutes: 5 + - name: Run action with args + uses: ./ + with: + args: -Dsonar.someArg=aValue -Dsonar.scanner.dumpToFile=./output.properties + env: + SONAR_HOST_URL: http://not_actually_used + - name: Assert + run: | + ./test/assertFileContains ./output.properties "sonar.someArg=aValue" + projectBaseDirInputTest: + name: > + 'projectBaseDir' input + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - run: mkdir -p ./baseDir + - name: Run action with projectBaseDir + uses: ./ + with: + args: -Dsonar.scanner.dumpToFile=./output.properties + projectBaseDir: ./baseDir + env: + SONAR_HOST_URL: http://not_actually_used + - name: Assert + run: | + ./test/assertFileContains ./output.properties "sonar.projectBaseDir=.*/baseDir" + sonarHostUrlRequiredTest: + name: > + 'SONAR_HOST_URL' is required + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run action without SONAR_HOST_URL + id: runTest + uses: ./ + continue-on-error: true + - name: Previous should have failed + if: ${{ steps.runTest.outcome == 'success'}} + run: | + echo "Expected previous step to fail" + exit 1 + failFastGradleTest: + name: > + Fail fast on Gradle project + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run action on Gradle project + id: runTest + uses: ./ + continue-on-error: true + env: + SONAR_HOST_URL: http://not_actually_used + with: + projectBaseDir: ./test/gradle-project + - name: Previous should have failed + if: ${{ steps.runTest.outcome == 'success'}} + run: | + echo "Expected previous step to fail" + exit 1 + failFastMavenTest: + name: > + Fail fast on Maven project + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run action on Maven project + id: runTest + uses: ./ + continue-on-error: true + env: + SONAR_HOST_URL: http://not_actually_used + with: + projectBaseDir: ./test/maven-project + - name: Previous should have failed + if: ${{ steps.runTest.outcome == 'success'}} + run: | + echo "Expected previous step to fail" + exit 1 + runAnalysisTest: + runs-on: ubuntu-latest services: sonarqube: - image: sonarqube:8.9-community + image: sonarqube:lts-community ports: - 9000:9000 + volumes: + - sonarqube_data:/opt/sonarqube/data + - sonarqube_logs:/opt/sonarqube/logs + - sonarqube_extensions:/opt/sonarqube/extensions + options: >- + --health-cmd "grep -Fq \"SonarQube is operational\" /opt/sonarqube/logs/sonar.log" + --health-interval 10s + --health-timeout 5s + --health-retries 10 + steps: + - uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run action on sample project + id: runTest + uses: ./ + env: + SONAR_HOST_URL: http://sonarqube:9000 + with: + args: -Dsonar.login=admin -Dsonar.password=admin + projectBaseDir: ./test/example-project + - name: Assert + run: | + ./test/assertFileExists ./test/example-project/.scannerwork/report-task.txt \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh index 36873d1..d0b4e1e 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -20,12 +20,12 @@ if [[ -n "${SONAR_ROOT_CERT}" ]]; then keytool -keystore /etc/ssl/certs/java/cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias sonarqube -file /tmp/tmpcert.pem fi -if [[ -f "${INPUT_PROJECTBASEDIR%/}pom.xml" ]]; then +if [[ -f "${INPUT_PROJECTBASEDIR%/}/pom.xml" ]]; then echo "Maven project detected. You should run the goal 'org.sonarsource.scanner.maven:sonar' during build rather than using this GitHub Action." exit 1 fi -if [[ -f "${INPUT_PROJECTBASEDIR%/}build.gradle" ]]; then +if [[ -f "${INPUT_PROJECTBASEDIR%/}/build.gradle" ]]; then echo "Gradle project detected. You should use the SonarQube plugin for Gradle during build rather than using this GitHub Action." exit 1 fi diff --git a/test/assertFileContains b/test/assertFileContains new file mode 100755 index 0000000..69380e1 --- /dev/null +++ b/test/assertFileContains @@ -0,0 +1,10 @@ +#!/bin/bash + +error() { echo -e "\\e[31m✗ $*\\e[0m"; } + +assertFileExists $1 + +if ! grep -q $2 $1; then + error "'$2' not found in '$1'" + exit 1 +fi \ No newline at end of file diff --git a/test/assertFileExists b/test/assertFileExists new file mode 100755 index 0000000..8f04686 --- /dev/null +++ b/test/assertFileExists @@ -0,0 +1,8 @@ +#!/bin/bash + +error() { echo -e "\\e[31m✗ $*\\e[0m"; } + +if [ ! -f $1 ]; then + error "File '$1' not found" + exit 1 +fi \ No newline at end of file diff --git a/test/run-qa.sh b/test/run-qa.sh deleted file mode 100755 index 397d3ba..0000000 --- a/test/run-qa.sh +++ /dev/null @@ -1,112 +0,0 @@ -#!/bin/bash - -# Helper functions for coloring output. -info() { echo -e "\\e[36m$*\\e[0m"; } -error() { echo -e "\\e[31m✗ $*\\e[0m"; } -success() { echo -e "\\e[32m✔ $*\\e[0m"; } - -# Helper function to check if SonarQube is up and running. -check_sq_is_up() { - local statusCall="$(curl --silent --user admin:admin http://127.0.0.1:9000/api/system/status)" - local status="$(jq -r '.status' <<< "$statusCall")" - if [[ ! $? -eq 0 ]]; then - error "Failed to check if SonarQube is up and running." - exit 1 - fi - echo $status; -} - -_current_perm=$(stat -c "%u:%g" $(pwd)) - -info "Build scanner action..." -docker build --no-cache -t sonarsource/sonarqube-scan-action . -if [[ ! $? -eq 0 ]]; then - error "Failed to build the scanner action." - exit 1 -fi -success "Scanner action built." - -info "Find the network SonarQube is running on..." -network=$(docker network ls -f 'name=github_network' --format "{{.Name}}") -if [[ $network != "github_network_"* ]]; then - error "Failed to find the local Docker network." - exit 1 -fi -success "Found the network ($network)." - -info "Wait until SonarQube is up..." -sleep 10 -isUp=$(check_sq_is_up) -until [[ "$isUp" == "UP" ]]; do - sleep 1 - isUp=$(check_sq_is_up) -done -success "SonarQube is up and running." - -info "Generate a new token..." -tokenCall=$(curl --silent --user admin:admin -d "name=token" http://127.0.0.1:9000/api/user_tokens/generate) -token="$(jq -r '.token' <<< "$tokenCall")" -if [[ -z "$token" ]]; then - error "Failed to generate a new token." - exit 1 -fi -success "New token generated." - -info "Test fail-fast if SONAR_TOKEN is omitted..." -docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network sonarsource/sonarqube-scan-action -if [[ $? -eq 0 ]]; then - error "Should have failed fast." - exit 1 -fi -success "Correctly failed fast." - -info "Test fail-fast if SONAR_HOST_URL is omitted..." -docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env SONAR_TOKEN=$token sonarsource/sonarqube-scan-action -if [[ $? -eq 0 ]]; then - error "Should have failed fast." - exit 1 -fi -success "Correctly failed fast." - -info "Test fail-fast on Gradle project..." -pushd test/gradle-project/ -docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env SONAR_TOKEN=$token --env SONAR_HOST_URL='http://sonarqube:9000' sonarsource/sonarqube-scan-action -if [[ $? -eq 0 ]]; then - error "Should have failed fast." - exit 1 -fi -popd -success "Correctly failed fast." - -info "Test fail-fast on Maven project..." -pushd test/maven-project/ -docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env SONAR_TOKEN=$token --env SONAR_HOST_URL='http://sonarqube:9000' sonarsource/sonarqube-scan-action -if [[ $? -eq 0 ]]; then - error "Should have failed fast." - exit 1 -fi -popd -success "Correctly failed fast." - -info "Analyze project..." -cd test/example-project/ -docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env INPUT_PROJECTBASEDIR=/github/workspace --env SONAR_TOKEN=$token --env SONAR_HOST_URL='http://sonarqube:9000' sonarsource/sonarqube-scan-action -docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env INPUT_PROJECTBASEDIR=/github/workspace --entrypoint /cleanup.sh sonarsource/sonarqube-scan-action -if [[ ! $? -eq 0 ]]; then - error "Couldn't run the analysis." - exit 1 -elif [[ ! -f ".scannerwork/report-task.txt" ]]; then - error "Couldn't find the report task file. Analysis failed." - exit 1 -elif [ ! "$(stat -c "%u:%g" ".scannerwork/report-task.txt")" == "$_current_perm" ]; then - error "File permissions differ from desired once" - error "desired: $_current_perm" - error "actual: $(stat -c "%u:%g" ".scannerwork/report-task.txt")" - exit 1 -fi -success "Analysis successful." - -echo "" # new line -echo "============================" -echo "" # new line -success "QA successful!"