SonarQube integration (#307)

* SonarQube integration
smartcontractkit · Sep 11, 2023 · b8ec6b3 · b8ec6b3
1 parent bbabe54
commit b8ec6b3
Show file tree

Hide file tree

Showing 6 changed files with 148 additions and 10 deletions.
diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml
@@ -38,6 +38,12 @@ jobs:
           nix_path: nixpkgs=channel:nixos-unstable
       - name: Lint relayer
         run: nix develop -c make lint-go-relayer
+      - name: Store Golangci lint relayer report artifact
+        if: always()
+        uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+        with:
+          name: golangci-lint-relayer-report
+          path: ./relayer/golangci-lint-relayer-report.xml
 
   golang_lint_ops:
     name: Golang Lint Ops
@@ -52,6 +58,12 @@ jobs:
           nix_path: nixpkgs=channel:nixos-unstable
       - name: Lint ops
         run: nix develop -c make lint-go-ops
+      - name: Store Golangci lint ops report artifact
+        if: always()
+        uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+        with:
+          name: golangci-lint-ops-report
+          path: ./ops/golangci-lint-ops-report.xml
 
   golang_lint_integration_tests:
     name: Golang Lint Integration Tests
@@ -66,6 +78,12 @@ jobs:
           nix_path: nixpkgs=channel:nixos-unstable
       - name: Lint integration-tests
         run: nix develop -c make lint-go-test
+      - name: Store Golangci lint integration tests report artifact
+        if: always()
+        uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+        with:
+          name: golangci-lint-integration-tests-report
+          path: ./integration-tests/golangci-lint-integration-tests-report.xml
       # Note: I could not figure out why the golangci-lint-action would not work even though it is technically running the same as above, error message is this:
       # Running [/home/runner/golangci-lint-1.50.1-linux-amd64/golangci-lint run --out-format=github-actions --path-prefix=integration-tests --exclude=dot-imports] in [/home/runner/work/chainlink-starknet/chainlink-starknet/integration-tests] ...
       # level=warning msg="[runner] Can't run linter goanalysis_metalinter: inspect: failed to load package client: could not load export data: no export data for \"github.com/smartcontractkit/chainlink-testing-framework/client\""

diff --git a/.github/workflows/relayer.yml b/.github/workflows/relayer.yml
@@ -24,6 +24,16 @@ jobs:
 
       - name: Unit Test
         run: nix develop -c make test-unit-go
+
+      - name: Upload Golangci relayer results
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: go-unit-tests-results
+          path: |
+            ./relayer/output.txt
+            ./relayer/coverage.txt
+            ./relayer/race_coverage.txt
 
       - name: Install starknet-devnet (via venv+pip)
         run: nix develop -c pip install -r contracts/requirements.txt -c contracts/constraints.txt

diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml
@@ -0,0 +1,97 @@
+name: SonarQube Scan
+
+on:
+  push:
+    branches:
+      - develop
+  pull_request:
+
+jobs:
+  wait_for_workflows:
+    name: Wait for workflows
+    runs-on: ubuntu-latest
+    if: always()
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }}
+
+      - name: Wait for Workflows
+        id: wait
+        uses: smartcontractkit/chainlink-github-actions/utils/wait-for-workflows@main
+        with:
+          max-timeout: "1200"
+          polling-interval: "30"
+          exclude-workflow-names: "Amarna Analysis,Changesets,Integration Contracts (Vendor, Examples),Integration Gauntlet,Integration Tests Publish,Integration Tests - Smoke,Integration Tests - Soak,Build and push on-chain monitor image to ECR,Contracts,Lint"
+          exclude-workflow-ids: ""
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+        env:
+          DEBUG: "true"
+
+  sonarqube:
+    name: SonarQube Scan
+    needs: [ wait_for_workflows ]
+    runs-on: ubuntu-latest
+    if: always()
+    steps:
+      - name: Checkout the repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports
+
+      - name: Download Golangci unit tests reports
+        uses: dawidd6/[email protected]
+        with:
+          workflow: relayer.yml
+          workflow_conclusion: ""
+          name_is_regexp: true
+          name: go-unit-tests-results
+          if_no_artifact_found: warn
+
+      - name: Download Golangci Relayer report
+        uses: dawidd6/[email protected]
+        with:
+          workflow: golangci-lint.yml
+          workflow_conclusion: ""
+          name_is_regexp: true
+          name: golangci-lint-relayer-report
+          if_no_artifact_found: warn
+
+      - name: Download Golangcio Ops report
+        uses: dawidd6/[email protected]
+        with:
+          workflow: golangci-lint.yml
+          workflow_conclusion: ""
+          name_is_regexp: true
+          name: golangci-lint-ops-report
+          if_no_artifact_found: warn
+
+      - name: Download Golangci-lint Integration tests report
+        uses: dawidd6/[email protected]
+        with:
+          workflow: golangci-lint.yml
+          workflow_conclusion: ""
+          name_is_regexp: true
+          name: golangci-lint-integration-tests-report
+          if_no_artifact_found: warn
+
+      - name: Set SonarQube Report Paths
+        id: sonarqube_report_paths
+        shell: bash
+        run: |
+          {
+            echo "sonarqube_tests_report_paths=$(find . -type f -name output.txt | paste -sd "," -)"
+            echo "sonarqube_coverage_report_paths=$(find . -type f -name '*coverage.txt' | paste -sd "," -)"
+            echo "sonarqube_golangci_report_paths=$(find . -type f -name 'golangci-*-report.xml' -printf "%p,")"
+          } >> "$GITHUB_OUTPUT"
+      - name: SonarQube Scan
+        uses: sonarsource/sonarqube-scan-action@a6ba0aafc293e03de5437af7edbc97f7d3ebc91a # v1.2.0
+        with:
+          args: >
+            -Dsonar.go.tests.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_tests_report_paths }}
+            -Dsonar.go.coverage.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_coverage_report_paths }}
+            -Dsonar.go.golangci-lint.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_golangci_report_paths }}
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
diff --git a/.gitignore b/.gitignore
@@ -14,8 +14,6 @@ bin
 
 .DS_Store
 .temp/
-coverage/
-coverage.json
 
 # Byte-compiled / optimized / DLL files
 __pycache__/
@@ -60,11 +58,13 @@ pip-delete-this-directory.txt
 htmlcov/
 .tox/
 .nox/
-.coverage
-.coverage.*
+*report.xml
+*report.json
+*.out
+*coverage*
+testdata/
 .cache
 nosetests.xml
-coverage.xml
 *.cover
 *.py,cover
 .hypothesis/

diff --git a/Makefile b/Makefile
@@ -157,15 +157,15 @@ format-ts-check:
 
 .PHONY: lint-go-ops
 lint-go-ops:
-	cd ./ops && golangci-lint --color=always run
+	cd ./ops && golangci-lint --color=always --out-format checkstyle:golangci-lint-ops-report.xml run
 
 .PHONY: lint-go-relayer
 lint-go-relayer:
-	cd ./relayer && golangci-lint --color=always run
+	cd ./relayer && golangci-lint --color=always --out-format checkstyle:golangci-lint-relayer-report.xml run
 
 .PHONY: lint-go-test
 lint-go-test:
-	cd ./integration-tests && golangci-lint --color=always --exclude=dot-imports run
+	cd ./integration-tests && golangci-lint --color=always --exclude=dot-imports --out-format checkstyle:golangci-lint-integration-tests-report.xml run
 
 .PHONY: test-go
 test-go: test-unit-go test-integration-go
@@ -175,8 +175,8 @@ test-unit: test-unit-go
 
 .PHONY: test-unit-go
 test-unit-go:
-	cd ./relayer && go test -v ./...
-	cd ./relayer && go test -v ./... -race -count=10
+	cd ./relayer && go test -v ./... -covermode=atomic -coverpkg=./... -coverprofile=coverage.txt
+	cd ./relayer && go test -v ./... -race -count=10 -coverpkg=./... -coverprofile=race_coverage.txt
 
 .PHONY: test-integration-go
 # only runs tests with TestIntegration_* + //go:build integration

diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,13 @@
+# required (may be found under "Project Information" in SonarQube)
+sonar.projectKey=smartcontractkit_chainlink-starknet
+sonar.sources=.
+
+# Full exclusions from the static analysis
+sonar.exclusions=**/vendor/**/*, **/contracts/**/*, **/mocks/**/*, **/examples/**/*, **/node_modules/**/*, **/docs/**/*, **/scripts/**/*, **/*.config.ts, **/*.config.js, **/*.txt
+# Coverage exclusions
+sonar.coverage.exclusions=**/*.test.ts, **/*_test.go, **/integration-tests/**/*, **/ops/**/*, **/test/**/*, **/testdata/**/*
+
+# Tests' root folder, inclusions (tests to check and count) and exclusions
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go, **/*.test.ts, **/test/**/*
+sonar.test.exclusions=**/integration-tests/**/*