From 7ac8f0ee502edad9064a6335b00e45065dbd1c33 Mon Sep 17 00:00:00 2001 From: Taylor Halfyard Date: Tue, 13 Feb 2024 18:03:59 +0000 Subject: [PATCH 1/2] Added in the sonar job --- .github/workflows/pr-plan.yml | 40 +++++++++++++++++++++++++++++++++++ package-lock.json | 17 +++++++++++++++ package.json | 3 ++- 3 files changed, 59 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/pr-plan.yml diff --git a/.github/workflows/pr-plan.yml b/.github/workflows/pr-plan.yml new file mode 100644 index 0000000..0cc050d --- /dev/null +++ b/.github/workflows/pr-plan.yml @@ -0,0 +1,40 @@ +name: PR-checks + +on: + push: + branches: ["develop", 'feature/CB2-10760'] + pull_request: + branches: ["develop", 'feature/CB2-10760'] + +jobs: + scanner: + permissions: + id-token: write + contents: write + pull-requests: write + runs-on: X64 + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-node@v4 + with: + node-version-file: ".nvmrc" + - uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CVS_MGMT_AWS_ROLE }} + aws-region: ${{ secrets.DVSA_AWS_REGION }} + role-session-name: "cvs-tsk-retro=gen" + - uses: aws-actions/aws-secretsmanager-get-secrets@v1 + with: + secret-ids: sonarqube-gha + parse-json-secrets: true + - name: Install dependencies + run: npm ci + - name: Run SonarQube scanner + run: | + npm run test && \ + npm run sonar-scanner -- \ + -Dsonar.host.url=${{ env.SONARQUBE_GHA_URL }} \ + -Dsonar.token=${{ env.SONARQUBE_GHA_TOKEN }} \ + -Dsonar.login=${{ env.SONARQUBE_GHA_TOKEN }} \ + -Dsonar.projectName=${{ github.repository }} \ + -Dsonar.projectVersion=1.0.${{ github.run_id }} diff --git a/package-lock.json b/package-lock.json index 97bd113..ce99da7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -44,6 +44,7 @@ "serverless-plugin-tracing": "^2.0.0", "serverless-plugin-typescript": "^1.1.9", "sinon": "^8.1.1", + "sonar-scanner": "^3.1.0", "ts-jest": "^24.3.0", "tslint": "^5.20.1", "typescript": "4.4.4" @@ -18706,6 +18707,16 @@ "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", "dev": true }, + "node_modules/sonar-scanner": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/sonar-scanner/-/sonar-scanner-3.1.0.tgz", + "integrity": "sha512-KD7W3wHCKJKAakhn8ckxNYTxkdb1cnJa3ot0NVvO8CCeJjb0yvF0fW2yGdI09zMHsqxCRsl4dLtyCL2SUv47WA==", + "dev": true, + "hasInstallScript": true, + "bin": { + "sonar-scanner": "index.js" + } + }, "node_modules/sort-keys": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-1.1.2.tgz", @@ -37222,6 +37233,12 @@ } } }, + "sonar-scanner": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/sonar-scanner/-/sonar-scanner-3.1.0.tgz", + "integrity": "sha512-KD7W3wHCKJKAakhn8ckxNYTxkdb1cnJa3ot0NVvO8CCeJjb0yvF0fW2yGdI09zMHsqxCRsl4dLtyCL2SUv47WA==", + "dev": true + }, "sort-keys": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-1.1.2.tgz", diff --git a/package.json b/package.json index cc20bbf..cbef281 100644 --- a/package.json +++ b/package.json @@ -66,6 +66,7 @@ "serverless-plugin-tracing": "^2.0.0", "serverless-plugin-typescript": "^1.1.9", "sinon": "^8.1.1", + "sonar-scanner": "^3.1.0", "ts-jest": "^24.3.0", "tslint": "^5.20.1", "typescript": "4.4.4" @@ -77,4 +78,4 @@ "pre-push": "npm run prepush" } } -} \ No newline at end of file +} From b0ba6cdc368e2b27ca520660e052885b4c9f04c7 Mon Sep 17 00:00:00 2001 From: Taylor Halfyard Date: Tue, 13 Feb 2024 18:11:30 +0000 Subject: [PATCH 2/2] Removed my feature from the workflow --- .github/workflows/pr-plan.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-plan.yml b/.github/workflows/pr-plan.yml index 0cc050d..13aa9e5 100644 --- a/.github/workflows/pr-plan.yml +++ b/.github/workflows/pr-plan.yml @@ -2,9 +2,9 @@ name: PR-checks on: push: - branches: ["develop", 'feature/CB2-10760'] + branches: ["develop"] pull_request: - branches: ["develop", 'feature/CB2-10760'] + branches: ["develop"] jobs: scanner: