Revert "edit SonarQube workflow"

This reverts commit 47207bc.
meleksabit · Sep 15, 2024 · 1b787b6 · 1b787b6
1 parent 47207bc
commit 1b787b6
Showing 1 changed file with 71 additions and 17 deletions.
diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
@@ -1,28 +1,82 @@
-name: Build
-
 on:
+  # Trigger analysis when pushing to your main branches, and when creating a pull request.
   push:
     branches:
       - main
+      - master
       - development
+      - 'releases/**'
+  pull_request:
+    types: [opened, synchronize, reopened]
 
+name: Mutillidae II SonarQube Workflow
 
 jobs:
-  build:
-    name: Build and analyze
+  sonarqube:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-      - uses: sonarsource/sonarqube-scan-action@master
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
-      # If you wish to fail your job when the Quality Gate is red, uncomment the
-      # following lines. This would typically be used to fail a deployment.
-      # - uses: sonarsource/sonarqube-quality-gate-action@master
-      #   timeout-minutes: 5
-      #   env:
-      #     SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+    # Step 1: Check out your repository code
+    - name: Checkout Code
+      uses: actions/checkout@v4
+      with:
+        # Disabling shallow clones is recommended for improving the relevancy of reporting
+        fetch-depth: 0
+
+    # Step 2: Set up Java
+    - name: Set up JDK 17 (Required for SonarQube)
+      uses: actions/setup-java@v4
+      with:
+        java-version: '17'
+        distribution: 'temurin'
+        java-package: 'jdk'
+
+    # Step 3: Create a Docker network
+    - name: Create Docker network
+      run: docker network create sonarnet
+
+    # Step 4: Start SonarQube Docker container
+    - name: Start SonarQube
+      run: |
+        docker run -d --name sonar-server --network sonarnet -p 9000:9000 sonarqube
+        echo "Waiting for SonarQube to start..."
+        while ! curl -s http://localhost:9000/api/system/status | grep -q "UP"; do sleep 10; done
+
+    # Step 5: Run the SonarQube Scan
+    - name: SonarQube Scan
+      run: |
+        docker run --rm --network sonarnet \
+          -e SONAR_HOST_URL="http://sonar-server:9000" \
+          -e SONAR_TOKEN="${{ secrets.SONAR_TOKEN }}" \
+          -v $(pwd):/usr/src \
+          sonarsource/sonar-scanner-cli -X
+          -Dsonar.projectKey=Mutillidae-II \
+          -Dsonar.sources=.
+
+    # Check the Quality Gate status.
+    - name: SonarQube Quality Gate check
+      id: sonarqube-quality-gate-check
+      uses: sonarsource/sonarqube-quality-gate-action@master
+      # Force to fail step after specific time.
+      timeout-minutes: 5
+      env:
+       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+       SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+    # Optionally you can use the output from the Quality Gate in another step.
+    # The possible outputs of the `quality-gate-status` variable are `PASSED`, `WARN` or `FAILED`.
+    - name: Show SonarQube Quality Gate Status value
+      run: echo "The Quality Gate status is ${{ steps.sonarqube-quality-gate-check.outputs.quality-gate-status }}"
+
+    # Step 6: Stop SonarQube Docker container
+    - name: Stop SonarQube
+      run: docker stop sonar-server
+
+    # Step 7: Remove SonarQube Docker network
+    - name: Remove SonarQube network
+      run: docker network rm sonarnet
+
+    # Step 8: Remove SonarQube Docker container
+    - name: Remove SonarQube
+      run: docker rm sonar-server
+