Investigate failed Sonarqube builds #7849

shanice-skylight · 2024-06-25T15:27:20Z

DEVOPS PULL REQUEST

Related Issue

See Issue for this PR here
Sonarcube seems to be intermittently failing to build in CI jobs. See examples here and here

Changes Proposed

Added the sonar.java.binaries property and provided the value backend/build/classes/java/main which is the full path to the java classes

Testing

See successful Github Action for sonar step to verify no longer failing
A smoke test of basic functionality should be accomplished before merging.
This PR has been verified on dev2

Bumps the types group with 8 updates in the /frontend directory: | Package | From | To | | --- | --- | --- | | [@types/history](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/history) | `4.7.11` | `5.0.0` | | [@types/react-transition-group](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-transition-group) | `4.4.5` | `4.4.10` | | [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.11` | `29.5.12` | | [@types/jest-axe](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest-axe) | `3.5.5` | `3.5.9` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `20.12.7` | `20.12.11` | | [@types/react-csv](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-csv) | `1.1.6` | `1.1.10` | | [@types/react-modal](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-modal) | `3.16.0` | `3.16.3` | | [@types/redux-mock-store](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/redux-mock-store) | `1.0.4` | `1.0.6` | Updates `@types/history` from 4.7.11 to 5.0.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/history) Updates `@types/react-transition-group` from 4.4.5 to 4.4.10 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-transition-group) Updates `@types/jest` from 29.5.11 to 29.5.12 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest) Updates `@types/jest-axe` from 3.5.5 to 3.5.9 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest-axe) Updates `@types/node` from 20.12.7 to 20.12.11 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/react` from 18.2.21 to 18.2.79 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `@types/react-csv` from 1.1.6 to 1.1.10 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-csv) Updates `@types/react-modal` from 3.16.0 to 3.16.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-modal) Updates `@types/redux-mock-store` from 1.0.4 to 1.0.6 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/redux-mock-store) --- updated-dependencies: - dependency-name: "@types/history" dependency-type: direct:production update-type: version-update:semver-major dependency-group: types - dependency-name: "@types/react-transition-group" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: types - dependency-name: "@types/jest" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: types - dependency-name: "@types/jest-axe" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: types - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: types - dependency-name: "@types/react" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: types - dependency-name: "@types/react-csv" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: types - dependency-name: "@types/react-modal" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: types - dependency-name: "@types/redux-mock-store" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: types ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [ejs](https://github.com/mde/ejs) from 3.1.8 to 3.1.10. - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.8...v3.1.10) --- updated-dependencies: - dependency-name: ejs dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the eslint group with 3 updates in the /frontend directory: [eslint-plugin-jest-dom](https://github.com/testing-library/eslint-plugin-jest-dom), [eslint-plugin-testing-library](https://github.com/testing-library/eslint-plugin-testing-library) and [eslint-plugin-unused-imports](https://github.com/sweepline/eslint-plugin-unused-imports). Updates `eslint-plugin-jest-dom` from 5.2.0 to 5.4.0 - [Release notes](https://github.com/testing-library/eslint-plugin-jest-dom/releases) - [Commits](testing-library/eslint-plugin-jest-dom@v5.2.0...v5.4.0) Updates `eslint-plugin-testing-library` from 6.2.0 to 6.2.2 - [Release notes](https://github.com/testing-library/eslint-plugin-testing-library/releases) - [Changelog](https://github.com/testing-library/eslint-plugin-testing-library/blob/main/.releaserc.json) - [Commits](testing-library/eslint-plugin-testing-library@v6.2.0...v6.2.2) Updates `eslint-plugin-unused-imports` from 3.1.0 to 3.2.0 - [Commits](https://github.com/sweepline/eslint-plugin-unused-imports/commits) --- updated-dependencies: - dependency-name: eslint-plugin-jest-dom dependency-type: direct:development update-type: version-update:semver-minor dependency-group: eslint - dependency-name: eslint-plugin-testing-library dependency-type: direct:development update-type: version-update:semver-patch dependency-group: eslint - dependency-name: eslint-plugin-unused-imports dependency-type: direct:development update-type: version-update:semver-minor dependency-group: eslint ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Allow dispatching dev post deploy smoke test * Remove auto run after deploy dev * Add additional logging for smoke test script * Add pagerduty alert github action * Update smoke test exit codes

* moving code around * fix some stuff * fix some stuff * fix test card issue * use centralized aoe component hooks * fix test * submission mock improvement * simplify mock generation * .only removal * dedupe test constants * use generation code for mocks in test card test * add in mock generation utils for the test card * make diff smaller * lint * remove specific function strategies in favor of general one * replace respiratory bools too * lint * fix copy paste

…end (#7652) Bumps com.gorylenko.gradle-git-properties from 2.4.1 to 2.4.2. --- updated-dependencies: - dependency-name: com.gorylenko.gradle-git-properties dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ctions/report_stream_batched_publisher/functions (#7624) * Bump applicationinsights Bumps [applicationinsights](https://github.com/microsoft/ApplicationInsights-node.js) from 2.9.5 to 3.0.1. - [Release notes](https://github.com/microsoft/ApplicationInsights-node.js/releases) - [Commits](https://github.com/microsoft/ApplicationInsights-node.js/commits) --- updated-dependencies: - dependency-name: applicationinsights dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * Remove tagOverrides * add @types/node dependency * add APPLICATIONINSIGHTS_CONNECTION_STRING env var * format main.tf * add operationId to properties --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: elisa lee <[email protected]>

* delete old and add new * add some more labels * copy paste

* update node_version and azurerm to support node 20 * Update `WEBSITE_NODE_DEFAULT_VERSION` to `~20`

Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 3.0.0 to 3.1.1. - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](hashicorp/setup-terraform@v3.0.0...v3.1.1) --- updated-dependencies: - dependency-name: hashicorp/setup-terraform dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* persist facility access updates in the table * add note to updatefacilities method * move all facilities permission check into apiuserservice * clean up unused deleteFacility methods * fix some test users to have facility access * update more tests

…7745) * Bump the typescript-eslint group across 1 directory with 2 updates Bumps the typescript-eslint group with 2 updates in the /frontend directory: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser). Updates `@typescript-eslint/eslint-plugin` from 6.12.0 to 7.11.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.11.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 6.12.0 to 7.11.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.11.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-major dependency-group: typescript-eslint - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-major dependency-group: typescript-eslint ... Signed-off-by: dependabot[bot] <[email protected]> * add @typescript-eslint/no-unused-vars rule --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: elisa lee <[email protected]>

* add org.owasp.encoder and sanitize logs * Fix sonarcloud issue

Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>

Bumps [azure-functions-core-tools](https://github.com/Azure/azure-functions-core-tools) from 4.0.5611 to 4.0.5801. - [Release notes](https://github.com/Azure/azure-functions-core-tools/releases) - [Commits](Azure/azure-functions-core-tools@4.0.5611...4.0.5801) --- updated-dependencies: - dependency-name: azure-functions-core-tools dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [applicationinsights](https://github.com/microsoft/ApplicationInsights-node.js) from 3.0.1 to 3.1.0. - [Release notes](https://github.com/microsoft/ApplicationInsights-node.js/releases) - [Commits](https://github.com/microsoft/ApplicationInsights-node.js/commits/3.1.0) --- updated-dependencies: - dependency-name: applicationinsights dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…7753) Bumps the eslint group in /frontend with 1 update: [eslint-plugin-unused-imports](https://github.com/sweepline/eslint-plugin-unused-imports). Updates `eslint-plugin-unused-imports` from 3.2.0 to 4.0.0 - [Commits](https://github.com/sweepline/eslint-plugin-unused-imports/commits) --- updated-dependencies: - dependency-name: eslint-plugin-unused-imports dependency-type: direct:development update-type: version-update:semver-major dependency-group: eslint ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…7782) Bumps [cypress-localstorage-commands](https://github.com/javierbrea/cypress-localstorage-commands) from 2.2.5 to 2.2.6. - [Release notes](https://github.com/javierbrea/cypress-localstorage-commands/releases) - [Changelog](https://github.com/javierbrea/cypress-localstorage-commands/blob/master/CHANGELOG.md) - [Commits](javierbrea/cypress-localstorage-commands@v2.2.5...v2.2.6) --- updated-dependencies: - dependency-name: cypress-localstorage-commands dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add missing mock * consolidate test constants into shared files * some more cleanup * change mock generation * fix the other two mocks needed * fix other mocks * try again * dedupe const * delete unused vars

* add in rename * run codegen * lint * add back in accidental deletion * add test result delivery

Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>

Bumps [@azure/functions](https://github.com/Azure/azure-functions-nodejs-library) from 4.4.0 to 4.5.0. - [Release notes](https://github.com/Azure/azure-functions-nodejs-library/releases) - [Commits](Azure/azure-functions-nodejs-library@v4.4.0...v4.5.0) --- updated-dependencies: - dependency-name: "@azure/functions" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add syphilis history field to bulk uploader * Use string literals * Refactor using list of fields

* bandaid for bulk upload mapping failures for observation descriptions * correcting regression and updating method name to reflect refactor * removing redundant method call

* delete old references * lint

Bumps [axe-core](https://github.com/dequelabs/axe-core) from 4.9.0 to 4.9.1. - [Release notes](https://github.com/dequelabs/axe-core/releases) - [Changelog](https://github.com/dequelabs/axe-core/blob/develop/CHANGELOG.md) - [Commits](dequelabs/axe-core@v4.9.0...v4.9.1) --- updated-dependencies: - dependency-name: axe-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the jest group in /frontend with 1 update: [jest-axe](https://github.com/nickcolley/jest-axe). Updates `jest-axe` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/nickcolley/jest-axe/releases) - [Changelog](https://github.com/NickColley/jest-axe/blob/main/CHANGELOG.md) - [Commits](NickColley/jest-axe@v8.0.0...v9.0.0) --- updated-dependencies: - dependency-name: jest-axe dependency-type: direct:development update-type: version-update:semver-major dependency-group: jest ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…7818) Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>

…Facility (#7828) * add audit columns and persist role updates * rework using constructors * comment formatting * assert exception on one method invocation * give ben demo user a valid role * use lombok getters and setters when possible * put back getter to add override annotation

@ts-ignore

* add adtional values to supportedDiseasesFormData type * add input fields to front end * update input field * set values and update graphQL * update tests * update snapshots * Add separator and styling * Remove @ts-ignore and type correctly --------- Co-authored-by: elisa lee <[email protected]>

frontend/public/mockServiceWorker.js

+  event.waitUntil(self.clients.claim())
+})
+
+self.addEventListener('message', async function (event) {


shanice-skylight · 2024-06-26T18:21:29Z

I rebased from master to fix the out of sync terraform provider version

sonarqubecloud · 2024-06-26T18:23:56Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

shanice-skylight · 2024-06-27T14:11:29Z

Moving to a new PR so that the merge will be cleaner. No further actions

modified sonar command and and sonar property

d4df272

shanice-skylight self-assigned this Jun 25, 2024

removed wildcard from property sonar.java.binaries

cfb44bf

shanice-skylight mentioned this pull request Jun 25, 2024

Snyk/Dependabot/Sonar Review - March 2024 #7487

Closed

shanice-skylight added 3 commits June 26, 2024 09:39

moved wildcard in binaries path

87cf43b

added java to path

f5ef2e3

turned on sonar verbose and modified java binaries path

254b917

shanice-skylight changed the title ~~modified sonar command and and sonar property~~ Investigate failed Sonarqube builds Jun 26, 2024

turned off sonar verbose

c654ee9

shanice-skylight temporarily deployed to dev2 June 26, 2024 16:08 — with GitHub Actions Inactive

shanice-skylight linked an issue Jun 26, 2024 that may be closed by this pull request

Investigate failed Sonarqube builds #7802

Closed

shanice-skylight temporarily deployed to dev2 June 26, 2024 16:42 — with GitHub Actions Inactive

dependabot bot and others added 18 commits June 26, 2024 14:10

Improve smoke testing lower dev deploys (#7706)

7e03f2f

* Allow dispatching dev post deploy smoke test * Remove auto run after deploy dev * Add additional logging for smoke test script * Add pagerduty alert github action * Update smoke test exit codes

add facilities to api user class (#7709)

b0c14ed

clean up issue templates (#7723)

1cebaf8

* delete old and add new * add some more labels * copy paste

update node_version and azurerm to support node 20 (#7595)

56e0465

* update node_version and azurerm to support node 20 * Update `WEBSITE_NODE_DEFAULT_VERSION` to `~20`

add new label (#7729)

a6ef487

Add org.owasp.encoder (#7731)

fe20b45

* add org.owasp.encoder and sanitize logs * Fix sonarcloud issue

Add OTC CLIA to validator (#7747)

ceea7e0

Bump com.squareup.okio:okio from 3.4.0 to 3.9.0 in /backend (#7653)

14e31a7

Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>

dependabot bot and others added 19 commits June 26, 2024 14:10

fix flaky test card tests (#7792)

8c95ff5

* add missing mock * consolidate test constants into shared files * some more cleanup * change mock generation * fix the other two mocks needed * fix other mocks * try again * dedupe const * delete unused vars

updateTimeOfTest --> AoeQuestions pt 1 (#7801)

0a8dcf1

* add in rename * run codegen * lint * add back in accidental deletion * add test result delivery

Bump com.graphql-java:graphql-java-extended-scalars in /backend (#7793)

e62b8a4

Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>

Cleanup storybook files (#7805)

f1ce70f

Add syphilis history field to bulk uploader (#7809)

a98d307

* Add syphilis history field to bulk uploader * Use string literals * Refactor using list of fields

Bulk upload fhir mapping bugfix (#7807)

8b6accd

* bandaid for bulk upload mapping failures for observation descriptions * correcting regression and updating method name to reflect refactor * removing redundant method call

clean up old time of test endpoints (#7811)

e8f4ef3

* delete old references * lint

Add location names and codes for HIV specimen type (#7808)

37a3639

Bump io.hypersistence:hypersistence-utils-hibernate-62 in /backend (#…

8c409b9

…7818) Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>

Fix checkboxes disabled bug (#7831)

272efc9

github-advanced-security bot found potential problems Jun 26, 2024

View reviewed changes

frontend/public/mockServiceWorker.js

event.waitUntil(self.clients.claim())

})

self.addEventListener('message', async function (event) {

Check warning

Code scanning / CodeQL

Missing origin verification in `postMessage` handler Medium

Postmessage handler has no origin check.

shanice-skylight temporarily deployed to dev2 June 26, 2024 18:24 — with GitHub Actions Inactive

shanice-skylight temporarily deployed to dev2 June 26, 2024 18:31 — with GitHub Actions Inactive

shanice-skylight temporarily deployed to dev2 June 26, 2024 18:37 — with GitHub Actions Inactive

shanice-skylight requested review from fzhao99 and removed request for fzhao99 June 26, 2024 19:09

shanice-skylight removed a link to an issue Jun 27, 2024

Investigate failed Sonarqube builds #7802

Closed

shanice-skylight closed this Jun 27, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Investigate failed Sonarqube builds #7849

Investigate failed Sonarqube builds #7849

shanice-skylight commented Jun 25, 2024 •

edited

Loading

shanice-skylight commented Jun 26, 2024

sonarqubecloud bot commented Jun 26, 2024

shanice-skylight commented Jun 27, 2024

Investigate failed Sonarqube builds #7849

Investigate failed Sonarqube builds #7849

Conversation

shanice-skylight commented Jun 25, 2024 • edited Loading

DEVOPS PULL REQUEST

Related Issue

Changes Proposed

Testing

shanice-skylight commented Jun 26, 2024

sonarqubecloud bot commented Jun 26, 2024

Quality Gate passed

shanice-skylight commented Jun 27, 2024

shanice-skylight commented Jun 25, 2024 •

edited

Loading