actions/sonarqube-scan-action
2
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2025-12-13 18:01:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

SQSCANGHA-25 Rewrite tests using GitHub Actions

Browse source
This commit is contained in:
Julien HENRY 2024-05-13 17:07:56 +02:00 committed by Antoine Vinot
parent 6abcb2537c
commit be64f35726
5 changed files with 137 additions and 118 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

121
.github/workflows/qa.yml vendored
View file

@ -3,16 +3,129 @@ name: QA
on: [push, pull_request] on: [push, pull_request]
jobs: jobs:
run_qa: argsInputTest:
name: >
'args' input
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
- run: ./test/run-qa.sh - name: Run action with args
timeout-minutes: 5 uses: ./
with:
args: -Dsonar.someArg=aValue -Dsonar.scanner.dumpToFile=./output.properties
env:
SONAR_HOST_URL: http://not_actually_used
- name: Assert
run: |
./test/assertFileContains ./output.properties "sonar.someArg=aValue"
projectBaseDirInputTest:
name: >
'projectBaseDir' input
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- run: mkdir -p ./baseDir
- name: Run action with projectBaseDir
uses: ./
with:
args: -Dsonar.scanner.dumpToFile=./output.properties
projectBaseDir: ./baseDir
env:
SONAR_HOST_URL: http://not_actually_used
- name: Assert
run: |
./test/assertFileContains ./output.properties "sonar.projectBaseDir=.*/baseDir"
sonarHostUrlRequiredTest:
name: >
'SONAR_HOST_URL' is required
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action without SONAR_HOST_URL
id: runTest
uses: ./
continue-on-error: true
- name: Previous should have failed
if: ${{ steps.runTest.outcome == 'success'}}
run: |
echo "Expected previous step to fail"
exit 1
failFastGradleTest:
name: >
Fail fast on Gradle project
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action on Gradle project
id: runTest
uses: ./
continue-on-error: true
env:
SONAR_HOST_URL: http://not_actually_used
with:
projectBaseDir: ./test/gradle-project
- name: Previous should have failed
if: ${{ steps.runTest.outcome == 'success'}}
run: |
echo "Expected previous step to fail"
exit 1
failFastMavenTest:
name: >
Fail fast on Maven project
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action on Maven project
id: runTest
uses: ./
continue-on-error: true
env:
SONAR_HOST_URL: http://not_actually_used
with:
projectBaseDir: ./test/maven-project
- name: Previous should have failed
if: ${{ steps.runTest.outcome == 'success'}}
run: |
echo "Expected previous step to fail"
exit 1
runAnalysisTest:
runs-on: ubuntu-latest
services: services:
sonarqube: sonarqube:
image: sonarqube:8.9-community image: sonarqube:lts-community
ports: ports:
- 9000:9000 - 9000:9000
volumes:
- sonarqube_data:/opt/sonarqube/data
- sonarqube_logs:/opt/sonarqube/logs
- sonarqube_extensions:/opt/sonarqube/extensions
options: >-
--health-cmd "grep -Fq \"SonarQube is operational\" /opt/sonarqube/logs/sonar.log"
--health-interval 10s
--health-timeout 5s
--health-retries 10
steps:
- uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action on sample project
id: runTest
uses: ./
env:
SONAR_HOST_URL: http://sonarqube:9000
with:
args: -Dsonar.login=admin -Dsonar.password=admin
projectBaseDir: ./test/example-project
- name: Assert
run: |
./test/assertFileExists ./test/example-project/.scannerwork/report-task.txt

4
entrypoint.sh
View file

@ -20,12 +20,12 @@ if [[ -n "${SONAR_ROOT_CERT}" ]]; then
keytool -keystore /etc/ssl/certs/java/cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias sonarqube -file /tmp/tmpcert.pem keytool -keystore /etc/ssl/certs/java/cacerts -storepass changeit -noprompt -trustcacerts -importcert -alias sonarqube -file /tmp/tmpcert.pem
fi fi
if [[ -f "${INPUT_PROJECTBASEDIR%/}pom.xml" ]]; then if [[ -f "${INPUT_PROJECTBASEDIR%/}/pom.xml" ]]; then
echo "Maven project detected. You should run the goal 'org.sonarsource.scanner.maven:sonar' during build rather than using this GitHub Action." echo "Maven project detected. You should run the goal 'org.sonarsource.scanner.maven:sonar' during build rather than using this GitHub Action."
exit 1 exit 1
fi fi
if [[ -f "${INPUT_PROJECTBASEDIR%/}build.gradle" ]]; then if [[ -f "${INPUT_PROJECTBASEDIR%/}/build.gradle" ]]; then
echo "Gradle project detected. You should use the SonarQube plugin for Gradle during build rather than using this GitHub Action." echo "Gradle project detected. You should use the SonarQube plugin for Gradle during build rather than using this GitHub Action."
exit 1 exit 1
fi fi

10
test/assertFileContains Executable file
View file

@ -0,0 +1,10 @@
#!/bin/bash
error() { echo -e "\\e[31m✗ $*\\e[0m"; }
assertFileExists $1
if ! grep -q $2 $1; then
error "'$2' not found in '$1'"
exit 1
fi

8
test/assertFileExists Executable file
View file

@ -0,0 +1,8 @@
#!/bin/bash
error() { echo -e "\\e[31m✗ $*\\e[0m"; }
if [ ! -f $1 ]; then
error "File '$1' not found"
exit 1
fi

112
test/run-qa.sh
View file

@ -1,112 +0,0 @@
#!/bin/bash
# Helper functions for coloring output.
info() { echo -e "\\e[36m$*\\e[0m"; }
error() { echo -e "\\e[31m✗ $*\\e[0m"; }
success() { echo -e "\\e[32m✔ $*\\e[0m"; }
# Helper function to check if SonarQube is up and running.
check_sq_is_up() {
local statusCall="$(curl --silent --user admin:admin http://127.0.0.1:9000/api/system/status)"
local status="$(jq -r '.status' <<< "$statusCall")"
if [[ ! $? -eq 0 ]]; then
error "Failed to check if SonarQube is up and running."
exit 1
fi
echo $status;
}
_current_perm=$(stat -c "%u:%g" $(pwd))
info "Build scanner action..."
docker build --no-cache -t sonarsource/sonarqube-scan-action .
if [[ ! $? -eq 0 ]]; then
error "Failed to build the scanner action."
exit 1
fi
success "Scanner action built."
info "Find the network SonarQube is running on..."
network=$(docker network ls -f 'name=github_network' --format "{{.Name}}")
if [[ $network != "github_network_"* ]]; then
error "Failed to find the local Docker network."
exit 1
fi
success "Found the network ($network)."
info "Wait until SonarQube is up..."
sleep 10
isUp=$(check_sq_is_up)
until [[ "$isUp" == "UP" ]]; do
sleep 1
isUp=$(check_sq_is_up)
done
success "SonarQube is up and running."
info "Generate a new token..."
tokenCall=$(curl --silent --user admin:admin -d "name=token" http://127.0.0.1:9000/api/user_tokens/generate)
token="$(jq -r '.token' <<< "$tokenCall")"
if [[ -z "$token" ]]; then
error "Failed to generate a new token."
exit 1
fi
success "New token generated."
info "Test fail-fast if SONAR_TOKEN is omitted..."
docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network sonarsource/sonarqube-scan-action
if [[ $? -eq 0 ]]; then
error "Should have failed fast."
exit 1
fi
success "Correctly failed fast."
info "Test fail-fast if SONAR_HOST_URL is omitted..."
docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env SONAR_TOKEN=$token sonarsource/sonarqube-scan-action
if [[ $? -eq 0 ]]; then
error "Should have failed fast."
exit 1
fi
success "Correctly failed fast."
info "Test fail-fast on Gradle project..."
pushd test/gradle-project/
docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env SONAR_TOKEN=$token --env SONAR_HOST_URL='http://sonarqube:9000' sonarsource/sonarqube-scan-action
if [[ $? -eq 0 ]]; then
error "Should have failed fast."
exit 1
fi
popd
success "Correctly failed fast."
info "Test fail-fast on Maven project..."
pushd test/maven-project/
docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env SONAR_TOKEN=$token --env SONAR_HOST_URL='http://sonarqube:9000' sonarsource/sonarqube-scan-action
if [[ $? -eq 0 ]]; then
error "Should have failed fast."
exit 1
fi
popd
success "Correctly failed fast."
info "Analyze project..."
cd test/example-project/
docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env INPUT_PROJECTBASEDIR=/github/workspace --env SONAR_TOKEN=$token --env SONAR_HOST_URL='http://sonarqube:9000' sonarsource/sonarqube-scan-action
docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env INPUT_PROJECTBASEDIR=/github/workspace --entrypoint /cleanup.sh sonarsource/sonarqube-scan-action
if [[ ! $? -eq 0 ]]; then
error "Couldn't run the analysis."
exit 1
elif [[ ! -f ".scannerwork/report-task.txt" ]]; then
error "Couldn't find the report task file. Analysis failed."
exit 1
elif [ ! "$(stat -c "%u:%g" ".scannerwork/report-task.txt")" == "$_current_perm" ]; then
error "File permissions differ from desired once"
error "desired: $_current_perm"
error "actual: $(stat -c "%u:%g" ".scannerwork/report-task.txt")"
exit 1
fi
success "Analysis successful."
echo "" # new line
echo "============================"
echo "" # new line
success "QA successful!"