Skip to content

Sonar Scan

Sonar Scan #686

name: Sonar
on:
workflow_run:
workflows: [ pr-number-uploader ]
types: [ completed ]
jobs:
sonar:
name: Scan code with sonarCould
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' }}
steps:
- name: Download PR number artifact
uses: dawidd6/action-download-artifact@v2
with:
workflow: prNumberUploader.yaml
run_id: ${{ github.event.workflow_run.id }}
name: PR_NUMBER
- name: Read PR_NUMBER.txt
id: pr_number
uses: juliangruber/read-file-action@v1
with:
path: ./PR_NUMBER.txt
- name: Request GitHub API for PR data
uses: octokit/[email protected]
id: get_pr_data
with:
route: GET /repos/{full_name}/pulls/{number}
number: ${{ steps.pr_number.outputs.content }}
full_name: ${{ github.event.repository.full_name }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout into the pr's branch
uses: actions/checkout@v4
with:
repository: ${{ github.event.workflow_run.head_repository.full_name }}
ref: ${{ github.event.workflow_run.head_branch }}
fetch-depth: 0
- name: Fetch base branch from upstream #step needed to calculate the "new lines of code metric" for the scan. Basically, the idea is to synch. with the base branch on the upstream because the fork could be not synched with it
run: |
git remote add upstream ${{ github.event.repository.clone_url }}
git fetch upstream
git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
git checkout ${{ github.event.workflow_run.head_branch }}
git clean -ffdx && git reset --hard HEAD
- uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: 11
- name: SonarCloud Scan
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: mvn -B compile org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
-Dsonar.projectKey=org.eclipse_kapua
-Dsonar.organization=eclipse
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.pullrequest.provider=github
-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
-Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }}
-Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }}
-Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}