diff --git a/.github/workflows/sonar-analysis.yml b/.github/workflows/sonar-analysis.yml new file mode 100644 index 0000000..36585b4 --- /dev/null +++ b/.github/workflows/sonar-analysis.yml @@ -0,0 +1,20 @@ +name: SonarCloud OpenLMIS-cce-ui Pipeline +on: + push: + branches: + - master + pull_request: + types: [opened, synchronize, reopened] +jobs: + sonarcloud: + name: SonarCloud Analyze + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} \ No newline at end of file diff --git a/.gitignore b/.gitignore index 9aed5ea..14f6548 100644 --- a/.gitignore +++ b/.gitignore @@ -12,5 +12,4 @@ node_modules/ .env bower_components .tmp -.sonar yarn-error.log diff --git a/Jenkinsfile b/Jenkinsfile index b6622ae..c74e020 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -109,64 +109,6 @@ pipeline { } } } - stage('Sonar analysis') { - when { - expression { - return VERSION.endsWith("SNAPSHOT") - } - } - steps { - withSonarQubeEnv('Sonar OpenLMIS') { - withCredentials([string(credentialsId: 'SONAR_LOGIN', variable: 'SONAR_LOGIN'), string(credentialsId: 'SONAR_PASSWORD', variable: 'SONAR_PASSWORD')]) { - script { - sh ''' - set +x - - sudo rm -f .env - touch .env - - SONAR_LOGIN_TEMP=$(echo $SONAR_LOGIN | cut -f2 -d=) - SONAR_PASSWORD_TEMP=$(echo $SONAR_PASSWORD | cut -f2 -d=) - echo "SONAR_LOGIN=$SONAR_LOGIN_TEMP" >> .env - echo "SONAR_PASSWORD=$SONAR_PASSWORD_TEMP" >> .env - echo "SONAR_BRANCH=$GIT_BRANCH" >> .env - - docker-compose run --entrypoint ./sonar.sh cce-ui - docker-compose down --volumes - ''' - // workaround because sonar plugin retrieve the path directly from the output - sh 'echo "Working dir: ${WORKSPACE}/.sonar"' - } - } - } - timeout(time: 1, unit: 'HOURS') { - script { - def gate = waitForQualityGate() - if (gate.status != 'OK') { - echo 'Quality Gate FAILED' - currentBuild.result = 'UNSTABLE' - } - } - } - } - post { - unstable { - script { - notifyAfterFailure() - } - } - failure { - script { - notifyAfterFailure() - } - } - cleanup { - script { - sh "sudo rm -rf ${WORKSPACE}/{*,.*} || true" - } - } - } - } stage('Push image') { when { expression { diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..c53e858 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,5 @@ +sonar.projectKey=OpenLMIS_openlmis-cce-ui +sonar.organization=openlmis +sonar.projectName=openlmis-cce-ui +sonar.sources=src +sonar.sourceEncoding=UTF-8 \ No newline at end of file diff --git a/sonar.sh b/sonar.sh deleted file mode 100755 index 593418f..0000000 --- a/sonar.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -# Update everything (just in case) -npm rebuild -npm install --no-optional - -# Built and test -grunt -grunt sonar --sonarLogin=$SONAR_LOGIN --sonarPassword=$SONAR_PASSWORD --sonarBranch=$SONAR_BRANCH