Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

⬆️ Upgrade deprecated SonarCloud action #1228

Merged
merged 7 commits into from
Dec 12, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 59 additions & 14 deletions .github/workflows/sonarcloud.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,24 +43,69 @@ jobs:
runs-on: ubuntu-latest

steps:
- name: Analyze with SonarCloud
# Checkout the repository
- name: Checkout Repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # Required for proper blame data in SonarCloud

- name: Overwrite .mise.toml # Simplify mise in this workflow
run: |
cat <<EOF > .mise.toml
[tools]
python = "3.12"
"pipx:poetry" = "1.8"
uv = "0.4"
[settings]
experimental = true
jobs = 1
pipx_uvx = true
python_compile = false
uses: SonarSource/sonarcloud-github-action@v4.0.0
[env]
# Use Python/Mise managed virtual environment
POETRY_VIRTUALENVS_CREATE = "false"
# Setup Python Virtual Environment
_.python.venv = { path = ".venv", create = true }
[tasks."poetry:install"]
description = "Poetry Install dependencies for all submodules"
depends = ["poetry:install:*"]
EOF
- name: Install dependencies
uses: jdx/mise-action@v2
with:
cache: true
experimental: true
install: true

# Install dependencies
- name: Install dependencies with Poetry
run: mise run poetry:install

# Run tests and generate coverage report
- name: Run Tests with Coverage
run: |
source .venv/bin/activate
set +e
cp .env.example .env
source .env
poetry run pytest --cov --cov-report=xml --ignore=app/tests/e2e/ --ignore=trustregistry/tests/e2e/
# Analyze with SonarCloud
- name: Analyze with SonarCloud
uses: SonarSource/sonarqube-scan-action@v4.1.0
env:
GITHUB_TOKEN: ${{ github.token }} # Needed to get PR information
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
with:
# Additional arguments for the sonarcloud scanner
args:
# Unique keys of your project and organization. You can find them in SonarCloud > Information (bottom-left menu)
# mandatory
# Additional arguments for the SonarCloud scanner
args: >
-Dsonar.projectKey=didx-xyz_aries-cloudapi-python
-Dsonar.organization=didx-xyz
# Comma-separated paths to directories containing main source files.
#-Dsonar.sources= # optional, default is project base directory
# When you need the analysis to take place in a directory other than the one from which it was launched
#-Dsonar.projectBaseDir= # optional, default is .
# Comma-separated paths to directories containing test source files.
#-Dsonar.tests= # optional. For more info about Code Coverage, please refer to https://docs.sonarcloud.io/enriching/test-coverage/overview/
# Adds more detail to both client and server-side analysis logs, activating DEBUG mode for the scanner, and adding client-side environment variables and system properties to the server-side log of analysis report processing.
#-Dsonar.verbose= # optional, default is false
-Dsonar.coverage.exclusions=**/tests/**
-Dsonar.python.coverage.reportPaths=coverage.xml
7 changes: 1 addition & 6 deletions pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,7 @@ authors = ["Mourits de Beer <ff137@proton.me>"]
package-mode = false

[tool.coverage.run]
omit = [
"app/tests/*",
"endorser/tests/*",
"trustregistry/tests/*",
"waypoint/tests/*",
]
omit = ["*/tests/*"]

[tool.isort]
profile = "black"
Expand Down
Loading