neil/sonarqube-action
1
0
Fork 0
mirror of https://github.com/kitabisa/sonarqube-action.git synced 2025-11-02 22:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: neil:master
Branches Tags
neil:master
neil:development
neil:v1.2.1
neil:v1.2.0
neil:v1.1.2
neil:v1.1.1
neil:v1.1.0
neil:v1.0.1
neil:v1.0.1-dev
neil:v1.0.0
neil:v1.0.0-rc.1
neil:v0.1.2
neil:v0.0.1
..
compare: neil:v0.0.1
Branches Tags
neil:master
neil:development
neil:v1.2.1
neil:v1.2.0
neil:v1.1.2
neil:v1.1.1
neil:v1.1.0
neil:v1.0.1
neil:v1.0.1-dev
neil:v1.0.0
neil:v1.0.0-rc.1
neil:v0.1.2
neil:v0.0.1

No commits in common. "master" and "v0.0.1" have entirely different histories.
master ... v0.0.1

7 changed files with 41 additions and 213 deletions
Show Stats Expand all files Collapse all files

25
.github/ISSUE_TEMPLATE/bug_report.md vendored
View File

@ -1,25 +0,0 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: bug
assignees: dwisiswant0
---
### Issue and Steps to Reproduce
<!-- Describe your issue and tell us how to reproduce it (include any useful information). -->
### Versions
### Screenshots
#### Expected
#### Actual
### Specifications
- Version:
- Platform:
- Subsystem:

1
CODEOWNERS
View File

@ -1 +0,0 @@
* @dwisiswant0

9
Dockerfile
View File

@ -1,15 +1,20 @@
FROM sonarsource/sonar-scanner-cli:4
FROM newtmitch/sonar-scanner:4.0.0-alpine
LABEL "com.github.actions.name"="SonarQube Scan"
LABEL "com.github.actions.description"="Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more than 25 programming languages."
LABEL "com.github.actions.icon"="check"
LABEL "com.github.actions.color"="green"
LABEL version="0.0.2"
LABEL version="0.0.1"
LABEL repository="https://github.com/kitabisa/sonarqube-action"
LABEL homepage="https://kitabisa.github.io"
LABEL maintainer="dwisiswant0"
RUN npm config set unsafe-perm true && \
npm install --silent --save-dev -g typescript@3.5.2 && \
npm config set unsafe-perm false
ENV NODE_PATH "/usr/lib/node_modules/"
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]

37
PULL_REQUEST_TEMPLATE.md
View File

@ -1,37 +0,0 @@
THIS PROJECT IS IN MAINTENANCE MODE. We accept pull-requests for Bug Fixes **ONLY**. NO NEW FEATURES ACCEPTED!
---
<!--- Provide a general summary of your changes in the Title above -->
### Description
<!--- Describe your changes in detail -->
### Related Issue
Fixes #
<!--- This project only accepts pull requests related to open issues -->
<!--- If suggesting a new feature or change, please discuss it in an issue first -->
<!--- If fixing a bug, there should be an issue describing it with steps to reproduce -->
<!--- Please link to the issue here: -->
### Motivation and Context
<!--- Why is this change required? What problem does it solve? -->
<!--- If it fixes an open issue, please link to the issue here. -->
### Types of Changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] ~New feature (non-breaking change which adds functionality)~
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [ ] My code follows the code style of this project.
- [ ] My change requires a change to the documentation.
- [ ] I have updated the documentation accordingly.
- [ ] All new and existing tests passed.
### How Has This Been Tested?
<!--- Please describe in detail how you tested your changes. -->
<!--- Include details of your testing environment, and the tests you ran to -->
<!--- see how your change affects other areas of the code, etc. -->
### Screenshots (if appropriate):

82
README.md
View File

@ -1,80 +1,2 @@
# SonarQube GitHub Action
Using this GitHub Action, scan your code with SonarQube scanner to detects bugs, vulnerabilities and code smells in more than 20 programming languages!
<img src="https://assets-eu-01.kc-usercontent.com/d1e40bf0-65fc-01ef-5235-9aeaedac229b/12e3974b-220d-4cde-8f17-2ff9fa9d9c27/SonarQube_Logo.svg" width="320px">
SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages.
## Requirements
* [SonarQube server](https://docs.sonarqube.org/latest/setup/install-server/).
* That's all!
## Usage
The workflow, usually declared in `.github/workflows/build.yaml`, looks like:
```yaml
on:
# Trigger analysis when pushing in master or pull requests, and when creating
# a pull request.
push:
branches:
- master
pull_request:
types: [opened, synchronize, reopened]
name: SonarQube Scan
jobs:
sonarqube:
name: SonarQube Trigger
runs-on: ubuntu-latest
steps:
- name: Checking out
uses: actions/checkout@master
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: SonarQube Scan
uses: kitabisa/sonarqube-action@v1.2.0
with:
host: ${{ secrets.SONARQUBE_HOST }}
login: ${{ secrets.SONARQUBE_TOKEN }}
```
You can change the analysis base directory and/or project key by using the optional input like this:
```yaml
uses: kitabisa/sonarqube-action@master
with:
host: ${{ secrets.SONARQUBE_HOST }}
login: ${{ secrets.SONARQUBE_TOKEN }}
projectBaseDir: "src/"
projectKey: "my-custom-project"
```
### Inputs
These are some of the supported input parameters of action.
| **Parameter** | **Description** | **Required?** | **Default** | **Note** |
|----------------------|---------------------------------------------------|---------------|-------------|-----------------------------------------------------------------------------------------------|
| **`host`** | SonarQube server URL | 🟢 | | |
| **`login`** | Login or authentication token of a SonarQube user | 🟢 | | `Execute Analysis` permission required. |
| **`password`** | The password that goes with the `login` username | 🔴 | | This should be left blank if an `login` are authentication token. |
| **`projectBaseDir`** | Set custom project base directory analysis | 🔴 | `.` | |
| **`projectKey`** | The project's unique key | 🔴 | | Allowed characters are: letters, numbers, `-`, `_`, `.` and `:`, with at least one non-digit. |
| **`projectName`** | Name of the project | 🔴 | | It will be displayed on the SonarQube web interface. |
| **`projectVersion`** | The project version | 🔴 | | |
| **`encoding`** | Encoding of the source code | 🔴 | `UTF-8` | |
> [!NOTE]
> If you opt to configure the project metadata and other related settings in a **`sonar-project.properties`** file (must be placed within the base directory, `projectBaseDir`) instead of using input parameters, this action is compatible with that approach!
## License
The Dockerfile and associated scripts and documentation in this project are released under the MIT License.
Container images built with this project include third party materials.
# sonarqube-action
Integrate SonarQube scanner to GitHub Actions

45
action.yaml
View File

@ -1,42 +1,23 @@
name: "SonarQube Scan"
description: "Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more than 25 programming languages."
author: "Dwi Siswanto"
name: 'SonarQube Scan'
description: 'Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more than 25 programming languages.'
author: 'Dwi Siswanto'
branding:
icon: "check"
color: "green"
icon: 'check'
color: 'green'
runs:
using: "docker"
image: "Dockerfile"
using: 'docker'
image: 'Dockerfile'
inputs:
host:
description: "SonarQube server URL."
description: 'SonarQube server URL'
required: true
projectKey:
description: "The project's unique key. Allowed characters are: letters, numbers, -, _, . and :, with at least one non-digit."
required: false
default: ""
projectName:
description: "Name of the project that will be displayed on the web interface."
required: false
default: ""
projectVersion:
description: "The project version."
required: false
default: ""
projectBaseDir:
description: "Set the sonar.projectBaseDir analysis property."
description: 'Set the sonar.projectBaseDir analysis property'
required: false
default: "."
default: '.'
login:
description: "Login or authentication token of a SonarQube user."
description: 'Login or authentication token of a SonarQube user'
required: true
password:
description: "Password that goes with the sonar.login username. This should be left blank if an authentication token is being used."
required: false
encoding:
description: "Encoding of the source code."
required: false
default: "UTF-8"
description: 'Password that goes with the sonar.login username. This should be left blank if an authentication token is being used.'
required: false

55
entrypoint.sh
View File

@ -2,44 +2,27 @@
set -e
REPOSITORY_NAME=$(basename "${GITHUB_REPOSITORY}")
if [[ "${GITHUB_EVENT_NAME}" == "pull_request" ]]; then
EVENT_ACTION=$(jq -r ".action" "${GITHUB_EVENT_PATH}")
if [[ "${EVENT_ACTION}" != "opened" ]]; then
echo "No need to run analysis. It is already triggered by the push event."
exit 78
fi
fi
if [[ ! -z "${INPUT_PASSWORD}" ]]; then
echo "::warning ::Running this GitHub Action without authentication token is NOT recommended!"
SONAR_PASSWORD="${INPUT_PASSWORD}"
if [[ -z "${INPUT_PASSWORD}" ]]; then
SONAR_PASSWORD="&& true"
else
SONAR_PASSWORD=""
SONAR_PASSWORD="${INPUT_PASSWORD}"
fi
if [[ -f "${INPUT_PROJECTBASEDIR%/}/pom.xml" ]]; then
echo "::error file=${INPUT_PROJECTBASEDIR%/}/pom.xml::Maven project detected. You should run the goal 'org.sonarsource.scanner.maven:sonar' during build rather than using this GitHub Action."
exit 1
fi
sonar-scanner \
-Dsonar.host.url=${INPUT_HOST} \
-Dsonar.projectKey=${PWD##*/} \
-Dsonar.projectBaseDir=${INPUT_PROJECTBASEDIR} \
-Dsonar.login=${INPUT_LOGIN} \
-Dsonar.password=${INPUT_PASSWORD} \
-Dsonar.sources=. \
-Dsonar.sourceEncoding=UTF-8 \
${SONAR_PASSWORD}
if [[ -f "${INPUT_PROJECTBASEDIR%/}/build.gradle" ]]; then
echo "::error file=${INPUT_PROJECTBASEDIR%/}/build.gradle::Gradle project detected. You should use the SonarQube plugin for Gradle during build rather than using this GitHub Action."
exit 1
fi
unset JAVA_HOME
if [[ ! -f "${INPUT_PROJECTBASEDIR%/}/sonar-project.properties" ]]; then
[[ -z "${INPUT_PROJECTKEY}" ]] && SONAR_PROJECTKEY="${REPOSITORY_NAME}" || SONAR_PROJECTKEY="${INPUT_PROJECTKEY}"
[[ -z "${INPUT_PROJECTNAME}" ]] && SONAR_PROJECTNAME="${REPOSITORY_NAME}" || SONAR_PROJECTNAME="${INPUT_PROJECTNAME}"
[[ -z "${INPUT_PROJECTVERSION}" ]] && SONAR_PROJECTVERSION="" || SONAR_PROJECTVERSION="${INPUT_PROJECTVERSION}"
sonar-scanner \
-Dsonar.host.url="${INPUT_HOST}" \
-Dsonar.projectKey="${SONAR_PROJECTKEY}" \
-Dsonar.projectName="${SONAR_PROJECTNAME}" \
-Dsonar.projectVersion="${SONAR_PROJECTVERSION}" \
-Dsonar.projectBaseDir="${INPUT_PROJECTBASEDIR}" \
-Dsonar.login="${INPUT_LOGIN}" \
-Dsonar.password="${SONAR_PASSWORD}" \
-Dsonar.sources="${INPUT_PROJECTBASEDIR}" \
-Dsonar.sourceEncoding="${INPUT_ENCODING}"
else
sonar-scanner \
-Dsonar.host.url="${INPUT_HOST}" \
-Dsonar.login="${INPUT_LOGIN}" \
-Dsonar.password="${SONAR_PASSWORD}"
fi