From b603b3309cf569e27c620a1ce402550425fb7cf4 Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 13:05:04 +0530 Subject: [PATCH 01/11] feat: onarQube integrated --- .github/workflows/cd.yml | 6 ++++++ .github/workflows/ci.yml | 6 ++++++ sonar-project.properties | 6 +++--- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 3ccf0cf..5fed980 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -60,3 +60,9 @@ jobs: token: ${{ secrets.PUSH_TO_PROTECTED_BRANCH }} branch: ${{ steps.vars.outputs.stage }} unprotect_reviews: true + + - name: SonarQube Scan + uses: sonarsource/sonarqube-scan-action@master + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 819051a..8104ffc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,3 +38,9 @@ jobs: # env: # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + + - name: SonarQube Scan + uses: sonarsource/sonarqube-scan-action@master + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} diff --git a/sonar-project.properties b/sonar-project.properties index be5168c..4cde920 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,11 +1,11 @@ sonar.organization=wednesday-solutions -sonar.projectKey=wednesday-solutions_react-template +sonar.projectKey=wednesday-solutions_react-graphql-ts-template_AY7GxkO6B2n8RRmGoU1i -sonar.language=js +sonar.language=ts sonar.sources=. sonar.tests=app sonar.exclusions=*./.storybook,*./internals,*./server -sonar.test.inclusions=**/*.test.js +sonar.test.inclusions=**/*.test.ts sonar.javascript.lcov.reportPaths=./coverage/lcov.info sonar.testExecutionReportPaths=./reports/test-report.xml sonar.sourceEncoding=UTF-8 \ No newline at end of file From d55075365bb7f4924df4574de48ae98925ec4c4c Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 14:11:23 +0530 Subject: [PATCH 02/11] fix: updated ci.yml to support sonarqube --- .github/workflows/cd.yml | 4 ++-- .github/workflows/ci.yml | 6 ++++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 5fed980..a1101e9 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -64,5 +64,5 @@ jobs: - name: SonarQube Scan uses: sonarsource/sonarqube-scan-action@master env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8104ffc..3c2ddaf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -41,6 +41,8 @@ jobs: - name: SonarQube Scan uses: sonarsource/sonarqube-scan-action@master + with: + args: -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} From 007b12fd94199c6c4d7c5a77f37fa81648adb402 Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 14:15:42 +0530 Subject: [PATCH 03/11] fix: s/pull_rquest/pull_request_target --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3c2ddaf..ed2641e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,6 @@ name: React Template CI on: - pull_request_target: + pull_request: branches: [master, qa, develop] jobs: build-and-test: From b53b54845868940d2e7f83b0d9fdfa4421079d5d Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 15:01:00 +0530 Subject: [PATCH 04/11] feat: pull_request_target added --- .github/workflows/ci.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ed2641e..e72402b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,7 @@ name: React Template CI on: - pull_request: + pull_request_target: + types: [opened, synchronize, reopened, closed] branches: [master, qa, develop] jobs: build-and-test: @@ -41,8 +42,10 @@ jobs: - name: SonarQube Scan uses: sonarsource/sonarqube-scan-action@master - with: - args: -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + with: + args: > + -Dsonar.pullrequest.base=master + -Dsonar.pullrequest.key=${{github.event.number}} From e047428f6e4489bf9b397b5574aaed7d39690663 Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 16:15:12 +0530 Subject: [PATCH 05/11] feat: sonar.yml added --- .github/workflows/ci.yml | 31 +++++------- .github/workflows/sonar.yml | 97 +++++++++++++++++++++++++++++++++++++ 2 files changed, 108 insertions(+), 20 deletions(-) create mode 100644 .github/workflows/sonar.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e72402b..2ec94e8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,8 +1,10 @@ name: React Template CI + on: - pull_request_target: - types: [opened, synchronize, reopened, closed] + pull_request: + types: [opened, synchronize, reopened] branches: [master, qa, develop] + jobs: build-and-test: name: Build & Test @@ -13,6 +15,7 @@ jobs: steps: - uses: actions/checkout@v2 + - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v2 with: @@ -21,6 +24,7 @@ jobs: - name: Install dependencies run: yarn + - name: Lint run: yarn lint @@ -30,22 +34,9 @@ jobs: - name: Build run: yarn build:prod - # - name: SonarCloud Scan - # uses: sonarsource/sonarcloud-github-action@master + # Upload coverage artifacts if needed (optional) + # - name: Upload code coverage + # uses: actions/upload-artifact@v2 # with: - # args: > - # -Dsonar.organization=${{ secrets.SONAR_ORG}} - # -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY}} - # env: - # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - - - name: SonarQube Scan - uses: sonarsource/sonarqube-scan-action@master - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - with: - args: > - -Dsonar.pullrequest.base=master - -Dsonar.pullrequest.key=${{github.event.number}} + # name: coverage + # path: coverage/ diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml new file mode 100644 index 0000000..f8afa34 --- /dev/null +++ b/.github/workflows/sonar.yml @@ -0,0 +1,97 @@ +name: SonarCloud Analysis + +on: + workflow_run: + workflows: ["React Template CI"] + types: [completed] + +jobs: + sonar-analysis: + name: SonarCloud Analysis + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Download code coverage + uses: actions/github-script@v4 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + const { data: artifacts } = await github.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: context.payload.workflow_run.id + }); + + const coverageArtifact = artifacts.find(artifact => artifact.name === 'coverage'); + + if (!coverageArtifact) { + console.log('Coverage artifact not found.'); + return; + } + + const downloadUrl = coverageArtifact.archive_download_url; + const downloadPath = `${{ github.workspace }}/coverage.zip`; + + await downloadFile(downloadUrl, downloadPath); + + const unzipCmd = `unzip ${downloadPath} -d coverage`; + await execCmd(unzipCmd); + + - name: SonarCloud Scan + uses: sonarsource/sonarcloud-github-action@master + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + with: + args: > + -Dsonar.organization=wednesday-solutions + -Dsonar.projectKey=wednesday-solutions_react-graphql-ts-template_AY7GxkO6B2n8RRmGoU1i + -Dsonar.language=ts + -Dsonar.sources=. + -Dsonar.tests=app + -Dsonar.exclusions=**/.storybook,**/internals,**/server + -Dsonar.test.inclusions=**/*.test.ts + -Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info + -Dsonar.testExecutionReportPaths=./reports/test-report.xml + -Dsonar.sourceEncoding=UTF-8 + +# Helper function to download and extract artifacts +async function downloadFile(url, path) { + const https = require('https'); + const fs = require('fs'); + + const file = fs.createWriteStream(path); + + return new Promise((resolve, reject) => { + https.get(url, response => { + response.pipe(file); + file.on('finish', () => { + file.close(); + resolve(); + }); + }).on('error', error => { + fs.unlinkSync(path); + reject(error.message); + }); + }); +} + +# Helper function to execute shell commands +async function execCmd(cmd) { + const { exec } = require('child_process'); + + return new Promise((resolve, reject) => { + exec(cmd, (error, stdout, stderr) => { + if (error) { + console.error(`exec error: ${error}`); + reject(error); + } else { + console.log(stdout); + resolve(); + } + }); + }); +} From e8b83b6a82146c2ba99cd94708a176a8ba0bc854 Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 16:18:54 +0530 Subject: [PATCH 06/11] fix: sonar updated --- .github/workflows/sonar.yml | 68 +++---------------------------------- 1 file changed, 5 insertions(+), 63 deletions(-) diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index f8afa34..72f240c 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -14,33 +14,13 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - - name: Download code coverage - uses: actions/github-script@v4 + - name: Download code coverage artifact + uses: actions/download-artifact@v2 with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const { data: artifacts } = await github.actions.listWorkflowRunArtifacts({ - owner: context.repo.owner, - repo: context.repo.repo, - run_id: context.payload.workflow_run.id - }); + name: coverage + path: coverage - const coverageArtifact = artifacts.find(artifact => artifact.name === 'coverage'); - - if (!coverageArtifact) { - console.log('Coverage artifact not found.'); - return; - } - - const downloadUrl = coverageArtifact.archive_download_url; - const downloadPath = `${{ github.workspace }}/coverage.zip`; - - await downloadFile(downloadUrl, downloadPath); - - const unzipCmd = `unzip ${downloadPath} -d coverage`; - await execCmd(unzipCmd); - - - name: SonarCloud Scan + - name: Setup SonarCloud Scan uses: sonarsource/sonarcloud-github-action@master env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} @@ -57,41 +37,3 @@ jobs: -Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info -Dsonar.testExecutionReportPaths=./reports/test-report.xml -Dsonar.sourceEncoding=UTF-8 - -# Helper function to download and extract artifacts -async function downloadFile(url, path) { - const https = require('https'); - const fs = require('fs'); - - const file = fs.createWriteStream(path); - - return new Promise((resolve, reject) => { - https.get(url, response => { - response.pipe(file); - file.on('finish', () => { - file.close(); - resolve(); - }); - }).on('error', error => { - fs.unlinkSync(path); - reject(error.message); - }); - }); -} - -# Helper function to execute shell commands -async function execCmd(cmd) { - const { exec } = require('child_process'); - - return new Promise((resolve, reject) => { - exec(cmd, (error, stdout, stderr) => { - if (error) { - console.error(`exec error: ${error}`); - reject(error); - } else { - console.log(stdout); - resolve(); - } - }); - }); -} From d390eea2d1e2833c01a9edaf844dd50f3d834f5e Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 16:41:28 +0530 Subject: [PATCH 07/11] fix: reverted back sonar.yml to check if auto trigger happens --- .github/workflows/sonar.yml | 75 ++++++++++++++++++++++++++++--------- 1 file changed, 58 insertions(+), 17 deletions(-) diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index 72f240c..b0693a2 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -14,26 +14,67 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - - name: Download code coverage artifact - uses: actions/download-artifact@v2 + - name: Download code coverage + uses: actions/github-script@v4 with: - name: coverage - path: coverage + script: | + const { data: artifacts } = await github.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: context.payload.workflow_run.id + }); - - name: Setup SonarCloud Scan + const coverageArtifact = artifacts.find(artifact => artifact.name === 'coverage'); + + if (!coverageArtifact) { + console.log('Coverage artifact not found.'); + return; + } + + const downloadUrl = coverageArtifact.archive_download_url; + const downloadPath = `${{ github.workspace }}/coverage.zip`; + + async function downloadFile(url, path) { + const https = require('https'); + const fs = require('fs'); + + const file = fs.createWriteStream(path); + + return new Promise((resolve, reject) => { + https.get(url, response => { + response.pipe(file); + file.on('finish', () => { + file.close(); + resolve(); + }); + }).on('error', error => { + fs.unlinkSync(path); + reject(error.message); + }); + }); + } + await downloadFile(downloadUrl, downloadPath); + + async function execCmd(cmd) { + const { exec } = require('child_process'); + + return new Promise((resolve, reject) => { + exec(cmd, (error, stdout, stderr) => { + if (error) { + console.error(`exec error: ${error}`); + reject(error); + } else { + console.log(stdout); + resolve(); + } + }); + }); + } + const unzipCmd = `unzip ${downloadPath} -d coverage`; + await execCmd(unzipCmd); + + - name: SonarCloud Scan uses: sonarsource/sonarcloud-github-action@master env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - with: - args: > - -Dsonar.organization=wednesday-solutions - -Dsonar.projectKey=wednesday-solutions_react-graphql-ts-template_AY7GxkO6B2n8RRmGoU1i - -Dsonar.language=ts - -Dsonar.sources=. - -Dsonar.tests=app - -Dsonar.exclusions=**/.storybook,**/internals,**/server - -Dsonar.test.inclusions=**/*.test.ts - -Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info - -Dsonar.testExecutionReportPaths=./reports/test-report.xml - -Dsonar.sourceEncoding=UTF-8 From cf9edb1b18af18c18f8b200a83b461cd5fc515ac Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 16:50:08 +0530 Subject: [PATCH 08/11] fix: removed type dependency in ci.yml --- .github/workflows/ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2ec94e8..163a01d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,7 +2,6 @@ name: React Template CI on: pull_request: - types: [opened, synchronize, reopened] branches: [master, qa, develop] jobs: From a9e64c4be44bb07e89408e8eb99ee3a72200ce2a Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 17:32:57 +0530 Subject: [PATCH 09/11] fix: sonar reverted back --- .github/workflows/ci.yml | 13 ++--- .github/workflows/jest-coverage.yml | 2 +- .github/workflows/sonar.yml | 73 ++++------------------------- 3 files changed, 16 insertions(+), 72 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 163a01d..76b936c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,9 +1,7 @@ name: React Template CI - on: pull_request: branches: [master, qa, develop] - jobs: build-and-test: name: Build & Test @@ -33,9 +31,8 @@ jobs: - name: Build run: yarn build:prod - # Upload coverage artifacts if needed (optional) - # - name: Upload code coverage - # uses: actions/upload-artifact@v2 - # with: - # name: coverage - # path: coverage/ + - name: Upload code coverage + uses: actions/upload-artifact@v2 + with: + name: coverage + path: coverage/ diff --git a/.github/workflows/jest-coverage.yml b/.github/workflows/jest-coverage.yml index ded8719..30b7d55 100644 --- a/.github/workflows/jest-coverage.yml +++ b/.github/workflows/jest-coverage.yml @@ -1,6 +1,6 @@ name: Jest Coverage Report with Annotations (CI) on: - pull_request_target: + pull_request: branches: - master - qa diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index b0693a2..8c92136 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -1,4 +1,4 @@ -name: SonarCloud Analysis +name: SonarQube Analysis on: workflow_run: @@ -7,74 +7,21 @@ on: jobs: sonar-analysis: - name: SonarCloud Analysis + name: SonarQube Analysis runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v2 - - name: Download code coverage - uses: actions/github-script@v4 + - name: Download code coverage artifact + uses: actions/download-artifact@v2 with: - script: | - const { data: artifacts } = await github.actions.listWorkflowRunArtifacts({ - owner: context.repo.owner, - repo: context.repo.repo, - run_id: context.payload.workflow_run.id - }); + name: coverage + path: coverage - const coverageArtifact = artifacts.find(artifact => artifact.name === 'coverage'); - - if (!coverageArtifact) { - console.log('Coverage artifact not found.'); - return; - } - - const downloadUrl = coverageArtifact.archive_download_url; - const downloadPath = `${{ github.workspace }}/coverage.zip`; - - async function downloadFile(url, path) { - const https = require('https'); - const fs = require('fs'); - - const file = fs.createWriteStream(path); - - return new Promise((resolve, reject) => { - https.get(url, response => { - response.pipe(file); - file.on('finish', () => { - file.close(); - resolve(); - }); - }).on('error', error => { - fs.unlinkSync(path); - reject(error.message); - }); - }); - } - await downloadFile(downloadUrl, downloadPath); - - async function execCmd(cmd) { - const { exec } = require('child_process'); - - return new Promise((resolve, reject) => { - exec(cmd, (error, stdout, stderr) => { - if (error) { - console.error(`exec error: ${error}`); - reject(error); - } else { - console.log(stdout); - resolve(); - } - }); - }); - } - const unzipCmd = `unzip ${downloadPath} -d coverage`; - await execCmd(unzipCmd); - - - name: SonarCloud Scan - uses: sonarsource/sonarcloud-github-action@master + - name: SonarQube Scan + uses: sonarsource/sonarqube-scan-action@master env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} \ No newline at end of file From a25334dbe8366a62b9f9da311005e016b8431d8e Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 17:38:52 +0530 Subject: [PATCH 10/11] fix: s/pull_request/pull_request_target --- .github/workflows/ci.yml | 2 +- .github/workflows/jest-coverage.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 76b936c..62687df 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,6 @@ name: React Template CI on: - pull_request: + pull_request_target: branches: [master, qa, develop] jobs: build-and-test: diff --git a/.github/workflows/jest-coverage.yml b/.github/workflows/jest-coverage.yml index 30b7d55..ded8719 100644 --- a/.github/workflows/jest-coverage.yml +++ b/.github/workflows/jest-coverage.yml @@ -1,6 +1,6 @@ name: Jest Coverage Report with Annotations (CI) on: - pull_request: + pull_request_target: branches: - master - qa From fda0c86daa2d092252745099c55b72c4c088f32a Mon Sep 17 00:00:00 2001 From: Anas WS Date: Wed, 10 Apr 2024 17:56:12 +0530 Subject: [PATCH 11/11] fix: removed double quote --- .github/workflows/ci.yml | 2 +- .github/workflows/sonar.yml | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 62687df..d9dba7e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -35,4 +35,4 @@ jobs: uses: actions/upload-artifact@v2 with: name: coverage - path: coverage/ + path: coverage/lcov.info diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index 8c92136..82b5592 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -1,8 +1,7 @@ name: SonarQube Analysis - on: workflow_run: - workflows: ["React Template CI"] + workflows: [React Template CI] types: [completed] jobs: @@ -18,7 +17,7 @@ jobs: uses: actions/download-artifact@v2 with: name: coverage - path: coverage + path: coverage/lcov.info - name: SonarQube Scan uses: sonarsource/sonarqube-scan-action@master