8000 Merge code coverage and analyze PRs with SonarQube · dnsjava/dnsjava@30ceab2 · GitHub
[go: up one dir, main page]
Skip to content

Commit 30ceab2

Browse files
ibauersachsibauersachs
committed
Merge code coverage and analyze PRs with SonarQube
1 parent 206a700 commit 30ceab2

File tree

6 files changed

+366
-26
lines changed

6 files changed

+366
-26
lines changed

.github/actions/download-artifact/action.yml

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
name: Download artifact
2+
description: Wrapper around GitHub's official action, with additional extraction before download
3+
4+
# https://github.com/actions/download-artifact/blob/main/action.yml
5+
inputs:
6+
name:
7+
description: Artifact name
8+
required: true
9+
path:
10+
description: Destination path
11+
required: false
12+
default: .
13+
14+
runs:
15+
using: composite
16+
steps:
17+
- name: Download artifacts
18+
if: github.event_name != 'workflow_run'
19+
uses: actions/download-artifact@v3
20+
with:
21+
name: ${{ inputs.name }}
22+
path: ${{ inputs.path }}
23+
24+
- name: Download artifacts
25+
if: github.event_name == 'workflow_run'
26+
uses: dawidd6/action-download-artifact@v2
27+
with:
28+
workflow: ${{ github.event.workflow_run.name }}
29+
run_id: ${{ github.event.workflow_run.id }}
30+
name: ${{ inputs.name }}
31+
path: ${{ inputs.path }}
32+
33+
- name: Extract artifacts
34+
run: |
35+
for t in ${{ inputs.name }}*.tar
36+
do
37+
tar -xvf "${t}"
38+
done
39+
shell: bash
40+
working-directory: ${{ inputs.path }}
41+
42+
- name: Remove archive
43+
run: rm -f ${{ inputs.name }}*.tar
44+
shell: bash
45+
working-directory: ${{ inputs.path }}

.github/actions/prepare-analysis/action.yml

Lines changed: 63 additions & 0 deletions
9E81
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,63 @@
1+
name: Prepare code analysis
2+
description: Prepare the working directory for SonarQube code analysis
3+
4+
inputs:
5+
cache:
6+
description: Cache type
7+
8+
runs:
9+
using: composite
10+
steps:
11+
- name: Get reports
12+
uses: ./.github/actions/download-artifact
13+
with:
14+
name: reports
15+
16+
- name: Get coverage
17+
uses: ./.github/actions/download-artifact
18+
with:
19+
name: merged-coverage
20+
21+
- name: Get classes
22+
uses: ./.github/actions/download-artifact
23+
with:
24+
name: classes
25+
26+
- name: Create paths for JUnit reporting
27+
id: junit_paths
28+
shell: bash
29+
run: |
30+
report_paths=""
31+
check_name=""
32+
for file in target/surefire-reports-*
33+
do
34+
report_paths="${file}/TEST-*.xml"$'\n'"${report_paths}"
35+
check_name="JUnit Report ${file##target/surefire-reports-}"$'\n'"${check_name}"
36+
done
37+
echo "report_paths<<EOF"$'\n'"${report_paths}EOF" >> $GITHUB_OUTPUT
38+
echo "check_name<<EOF"$'\n'"${check_name}EOF" >> $GITHUB_OUTPUT
39+
40+
- name: Publish Test Report
41+
uses: mikepenz/action-junit-report@v3
42+
with:
43+
commit: ${{ github.event.workflow_run.head_sha }}
44+
report_paths: ${{ steps.junit_paths.outputs.report_paths }}
45+
check_name: ${{ steps.junit_paths.outputs.check_name }}
46+
require_tests: true
47+
check_retries: true
48+
detailed_summary: true
49+
50+
- name: Set up JDK
51+
uses: actions/setup-java@v3
52+
with:
53+
java-version: ${{ env.BUILD_JAVA_VERSION }}
54+
distribution: temurin
55+
cache: ${{ inputs.cache }}
56+
57+
- name: Cache SonarCloud packages
58+
if: inputs.cache
59+
uses: actions/cache@v3
60+
with:
61+
path: ~/.sonar/cache
62+
key: ${{ runner.os }}-sonar
63+
restore-keys: ${{ runner.os }}-sonar

.github/actions/upload-artifact/action.yml

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,50 @@
1+
name: Upload artifact
2+
description: Wrapper around GitHub's official action, with additional archiving before upload
3+
4+
# https://github.com/actions/upload-artifact/blob/main/action.yml
5+
inputs:
6+
name:
7+
description: Artifact name
8+
required: true
9+
filename:
10+
description: Tar filename in artifact
11+
required: false
12+
default: ''
13+
path:
14+
description: One or more files, directories or wildcard pattern that describes what to upload
15+
required: true
16+
if-no-files-found:
17+
description: >
18+
The desired behavior if no files are found using the provided path.
19+
Available Options:
20+
warn: Output a warning but do not fail the action
21+
error: Fail the action with an error message
22+
ignore: Do not output any warnings or errors, the action does not fail
23+
required: false
24+
default: warn
25+
retention-days:
26+
description: >
27+
Duration after which artifact will expire in days. 0 means using default retention.
28+
Minimum 1 day.
29+
Maximum 90 days unless changed from the repository settings page.
30+
required: false
31+
default: '1'
32+
33+
runs:
34+
using: composite
35+
steps:
36+
- name: Archive artifacts
37+
run: tar -cvf "${{inputs.name}}${{ inputs.filename }}.tar" $(echo "${{ inputs.path }}" | tr '\n' ' ')
38+
shell: bash
39+
40+
- name: Upload artifacts
41+
uses: actions/upload-artifact@v3
42+
with:
43+
if-no-files-found: ${{ inputs.if-no-files-found }}
44+
name: ${{ inputs.name }}
45+
path: ${{ inputs.name }}${{ inputs.filename }}.tar
46+
retention-days: ${{ inputs.retention-days }}
47+
48+
- name: Remove archive
49+
run: rm -f ${{ inputs.name }}.tar
50+
shell: bash

.github/workflows/analyze.yml

Lines changed: 83 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,83 @@
1+
name: Analyze PR
2+
< 10000 code>3+
on:
4+
workflow_run:
5+
workflows:
6+
- 'Build'
7+
types:
8+
- completed
9+
10+
permissions:
11+
pull-requests: read
12+
contents: read
13+
checks: write
14+
15+
env:
16+
BUILD_JAVA_VERSION: '20'
17+
18+
jobs:
19+
analyze:
20+
name: Analyze Code
21+
# Only run on forks, in-repo PRs are analyzed directly
22+
if: github.event.workflow_run.head_repository.owner.login != 'dnsjava'
23+
runs-on: ubuntu-latest
24+
steps:
25+
- name: Download PR number artifact
26+
id: get_pr_number
27+
uses: dawidd6/action-download-artifact@v2
28+
with:
29+
workflow: ${{ github.event.workflow_run.name }}
30+
run_id: ${{ github.event.workflow_run.id }}
31+
name: pr_number
32+
33+
- name: Read Pull Request Number
34+
id: pr_number
35+
run: |
36+
PR=$(cat pr_number.txt)
37+
echo "pr_number=${PR}" >> "$GITHUB_OUTPUT"
38+
39+
- name: Request PR data from GitHub API
40+
id: get_pr_data
41+
if: steps.get_pr_number.outputs.found_artifact
42+
uses: octokit/request-action@v2.x
43+
env:
44+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
45+
with:
46+
route: GET /repos/{full_name}/pulls/{number}
47+
full_name: ${{ github.event.repository.full_name }}
48+
number: ${{ steps.pr_number.outputs.pr_number }}
49+
50+
- name: Checkout PR
51+
uses: actions/checkout@v3
52+
with:
53+
repository: ${{ github.event.workflow_run.head_repository.full_name }}
54+
ref: ${{ github.event.workflow_run.head_sha }}
55+
# for Sonar
56+
fetch-depth: 0
57+
58+
- name: Make sure 'base' doesn't exist
59+
shell: bash
60+
run: rm -rf base
61+
62+
- name: Checkout base
63+
uses: actions/checkout@v3
64+
with:
65+
repository: ${{ github.event.repository.full_name }}
66+
ref: ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
67+
path: base
68+
69+
- name: Get analysis data
70+
uses: ./base/.github/actions/prepare-analysis
71+
72+
- name: Run SonarQube
73+
env:
74+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
75+
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
76+
run: |
77+
cp -f base/pom.xml .
78+
mvn -B \
79+
-Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} \
80+
-Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }} \
81+
-Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }} \
82+
-Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} \
83+
org.sonarsource.scanner.maven:sonar-maven-plugin:sonar

0 commit comments

Comments
 (0)
0