Merge pull request #45 from Chisanan232/develop

Chisanan232 · web-flow · commit 420e400a0382 · 2023-10-19T16:57:23.000+08:00
🎉🎊🍾 [New Feature] Add new reusable GA workflow about SonarQube scan and analyze.
diff --git a/.github/workflows/sonarqube_scan.yaml b/.github/workflows/sonarqube_scan.yaml
@@ -0,0 +1,53 @@
+###################################################################################################################################
+#
+# Workflow Description:
+#     Trigger SonarQube cloud service to scan entire project to check code quality, security, etc.
+#
+# Workflow input parameters:
+#     * General arguments:
+#         * download_path: The path to download testing coverage reports via 'actions/download-artifact@v3'.
+#
+#     * Secret arguments:
+#         * sonar_token: The API token for triggering SonarQube cloud service.
+#
+# Workflow running output:
+#     No and do nothing.
+#
+###################################################################################################################################
+
+name: SoarQube cloud scan and analyse project
+
+on:
+  workflow_call:
+    inputs:
+      download_path:
+        description: "The path to download testing coverage reports via 'actions/download-artifact@v3'."
+        type: string
+        required: false
+        default: ./
+
+    secrets:
+      sonar_token:
+        description: "The API token for uploading testing coverage report to Coveralls."
+        required: true
+
+
+jobs:
+  upload_test_cov_report:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+
+      - name: Download code coverage result files which has be handled by different test type process
+        uses: actions/download-artifact@v3
+        with:
+          name: test_coverage_xml_report
+          path: ${{ inputs.download_path }}
+
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.sonar_token }}
diff --git a/.github/workflows/test_pyproject_ci_multi-tests_by_poetry.yaml b/.github/workflows/test_pyproject_ci_multi-tests_by_poetry.yaml
@@ -112,6 +112,16 @@ jobs:
       upload-to-codacy: true
 
 
+  sonarqube_finish:
+#    name: Trigger SoarQube service to scan and analyse project
+    needs: [all-test_codecov]
+    uses: ./.github/workflows/sonarqube_scan.yaml
+    secrets:
+      sonar_token: ${{ secrets.SONAR_TOKEN }}
+#    with:
+#      download_path: ${{ inputs.download_path }}
+
+
   pre-building_test:
 #    name: Check about it could work finely by installing the Python package with setup.py file
 #    if: github.event_name == 'push' && (github.ref_name == 'release' || github.ref_name == 'master')
diff --git a/.github/workflows/test_python_project_ci_one-test.yaml b/.github/workflows/test_python_project_ci_one-test.yaml
@@ -91,6 +91,16 @@ jobs:
       upload-to-codacy: true
 
 
+  sonarqube_finish:
+#    name: Trigger SoarQube service to scan and analyse project
+    needs: [unit-test_codecov]
+    uses: ./.github/workflows/sonarqube_scan.yaml
+    secrets:
+      sonar_token: ${{ secrets.SONAR_TOKEN }}
+#    with:
+#      download_path: ${{ inputs.download_path }}
+
+
   pre-building_test:
 #    name: Check about it could work finely by installing the Python package with setup.py file
     needs: [codecov_finish, coveralls_finish, codacy_finish]
diff --git a/scripts/ci/get-all-tests.sh b/scripts/ci/get-all-tests.sh
@@ -30,7 +30,8 @@ get_all_test_subpackage() {
     then
         # Still has test subpackage won't scan
         declare test_path="$test_subpkg*/"
-        declare -a test_subpkg_array=( $(ls -d "$test_path" | grep -v '__pycache__') )
+        # shellcheck disable=SC2086
+        declare -a test_subpkg_array=( $(ls -d $test_path | grep -v '__pycache__') )
 
         if [ ${#test_subpkg_array[@]} != 0 ];
         then
diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,15 @@
+sonar.projectKey=Chisanan232_GitHub-Action_Reusable_Workflows-Python
+sonar.organization=chisanan232
+
+# This is the name and version displayed in the SonarCloud UI.
+sonar.projectName=GitHub-Action_Reusable_Workflows-Python
+sonar.projectVersion=4.0.0
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+sonar.sources=.github/workflows/,scripts/,test_gh_workflow/
+
+# Python test coverage settings
+sonar.python.coverage.reportPaths=coverage*.xml
+
+# Encoding of the source code. Default is default system encoding
+sonar.sourceEncoding=UTF-8
