diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml index 9a5223bbe..beff54124 100644 --- a/.github/workflows/sonarqube.yml +++ b/.github/workflows/sonarqube.yml @@ -25,15 +25,23 @@ on: - master_odex25_ensan - master_odex25_donation + pull_request: + branches: + - "**" + + pull_request_target: + types: [closed] jobs: - sonar: + # ========= Branch Analysis ========= + sonar-branches: + if: github.event_name == 'push' runs-on: sonarqube steps: - name: Checkout code uses: actions/checkout@v4 - - name: Run SonarScanner + - name: Run SonarScanner for Branch run: | export BRANCH_NAME="${GITHUB_REF#refs/heads/}" export SAFE_BRANCH_NAME="${BRANCH_NAME//\//_}" @@ -43,19 +51,63 @@ jobs: export PROJECT_VERSION="1.0" export SONAR_HOST_URL=${{ secrets.SONAR_HOST_URL }} export SONAR_TOKEN=${{ secrets.SONAR_TOKEN }} - + sonar-scanner \ -Dsonar.projectKey="$PROJECT_KEY" \ -Dsonar.projectName="$PROJECT_NAME" \ -Dsonar.projectVersion="$PROJECT_VERSION" \ -Dsonar.sources="$SOURCE_FOLDER_NAME" \ - -Dsonar.inclusions="**/*.py, **/*.xml, **/*.js, **/*.html, **/*.css" \ - -Dsonar.exclusions="**/__manifest__.py, **/migrations/**, **/__pycache__/**" \ + -Dsonar.inclusions="**/*.py,**/*.xml,**/*.js,**/*.html,**/*.css" \ + -Dsonar.exclusions="**/__manifest__.py,**/migrations/**,**/__pycache__/**" \ -Dsonar.sourceEncoding="UTF-8" \ -Dsonar.host.url="$SONAR_HOST_URL" \ -Dsonar.login="$SONAR_TOKEN" - - name: Cleanup workspace - if: always() + # ========= PR Analysis ========= + sonar-prs: + if: github.event_name == 'pull_request' + runs-on: sonarqube + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Run SonarScanner for PR run: | - rm -rf $GITHUB_WORKSPACE/* + BRANCH_NAME="${GITHUB_HEAD_REF}" + BASE_BRANCH="${GITHUB_BASE_REF}" + PR_KEY="${{ github.event.pull_request.number }}" + + SONAR_HOST_URL=${{ secrets.SONAR_HOST_URL }} + SONAR_TOKEN=${{ secrets.SONAR_TOKEN }} + + echo "๐Ÿ”Ž Running SonarQube analysis for PR #$PR_KEY ($BRANCH_NAME -> $BASE_BRANCH)" + + sonar-scanner \ + -Dsonar.projectKey="odex25_standard_modules_prs" \ + -Dsonar.projectName="Odex25 Standard Modules - PRs" \ + -Dsonar.sources=. \ + -Dsonar.inclusions=**/*.py,**/*.xml,**/*.js,**/*.html,**/*.css \ + -Dsonar.exclusions=**/__manifest__.py,**/migrations/**,**/__pycache__/** \ + -Dsonar.sourceEncoding=UTF-8 \ + -Dsonar.host.url=$SONAR_HOST_URL \ + -Dsonar.token=$SONAR_TOKEN \ + -Dsonar.branch.name="pr-$PR_KEY-$BRANCH_NAME" + + # # ========= Cleanup Closed PRs ========= + # sonar-prs-cleanup: + # if: github.event_name == 'pull_request_target' && github.event.action == 'closed' + # runs-on: sonarqube + # steps: + # - name: Delete PR branch from SonarQube + # run: | + # PR_KEY="${{ github.event.pull_request.number }}" + # BRANCH_NAME="${{ github.event.pull_request.head.ref }}" + # SONAR_HOST_URL=${{ secrets.SONAR_HOST_URL }} + # SONAR_TOKEN=${{ secrets.SONAR_TOKEN }} + + # echo "๐Ÿงน Cleaning up SonarQube branch for PR #$PR_KEY ($BRANCH_NAME)" + + # curl -u "$SONAR_TOKEN:" -X POST \ + # "$SONAR_HOST_URL/api/project_branches/delete?project=odex25_standard_modules_prs&branch=pr-$PR_KEY-$BRANCH_NAME"