edit SonarQube workflow

meleksabit · Sep 15, 2024 · 47207bc · 47207bc
1 parent c2741c5
commit 47207bc
Showing 1 changed file with 17 additions and 71 deletions.
diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
@@ -1,82 +1,28 @@
+name: Build
+
 on:
-  # Trigger analysis when pushing to your main branches, and when creating a pull request.
   push:
     branches:
       - main
-      - master
       - development
-      - 'releases/**'
-  pull_request:
-    types: [opened, synchronize, reopened]
 
-name: Mutillidae II SonarQube Workflow
 
 jobs:
-  sonarqube:
+  build:
+    name: Build and analyze
     runs-on: ubuntu-latest
 
     steps:
-    # Step 1: Check out your repository code
-    - name: Checkout Code
-      uses: actions/checkout@v4
-      with:
-        # Disabling shallow clones is recommended for improving the relevancy of reporting
-        fetch-depth: 0
-
-    # Step 2: Set up Java
-    - name: Set up JDK 17 (Required for SonarQube)
-      uses: actions/setup-java@v4
-      with:
-        java-version: '17'
-        distribution: 'temurin'
-        java-package: 'jdk'
-
-    # Step 3: Create a Docker network
-    - name: Create Docker network
-      run: docker network create sonarnet
-
-    # Step 4: Start SonarQube Docker container
-    - name: Start SonarQube
-      run: |
-        docker run -d --name sonar-server --network sonarnet -p 9000:9000 sonarqube
-        echo "Waiting for SonarQube to start..."
-        while ! curl -s http://localhost:9000/api/system/status | grep -q "UP"; do sleep 10; done
-
-    # Step 5: Run the SonarQube Scan
-    - name: SonarQube Scan
-      run: |
-        docker run --rm --network sonarnet \
-          -e SONAR_HOST_URL="http://sonar-server:9000" \
-          -e SONAR_TOKEN="${{ secrets.SONAR_TOKEN }}" \
-          -v $(pwd):/usr/src \
-          sonarsource/sonar-scanner-cli -X
-          -Dsonar.projectKey=Mutillidae-II \
-          -Dsonar.sources=.
-
-    # Check the Quality Gate status.
-    - name: SonarQube Quality Gate check
-      id: sonarqube-quality-gate-check
-      uses: sonarsource/sonarqube-quality-gate-action@master
-      # Force to fail step after specific time.
-      timeout-minutes: 5
-      env:
-       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-       SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
-
-    # Optionally you can use the output from the Quality Gate in another step.
-    # The possible outputs of the `quality-gate-status` variable are `PASSED`, `WARN` or `FAILED`.
-    - name: Show SonarQube Quality Gate Status value
-      run: echo "The Quality Gate status is ${{ steps.sonarqube-quality-gate-check.outputs.quality-gate-status }}"
-
-    # Step 6: Stop SonarQube Docker container
-    - name: Stop SonarQube
-      run: docker stop sonar-server
-
-    # Step 7: Remove SonarQube Docker network
-    - name: Remove SonarQube network
-      run: docker network rm sonarnet
-
-    # Step 8: Remove SonarQube Docker container
-    - name: Remove SonarQube
-      run: docker rm sonar-server
-
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - uses: sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+      # If you wish to fail your job when the Quality Gate is red, uncomment the
+      # following lines. This would typically be used to fail a deployment.
+      # - uses: sonarsource/sonarqube-quality-gate-action@master
+      #   timeout-minutes: 5
+      #   env:
+      #     SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}