try sonar action

Signed-off-by: BAStos525 <[email protected]>
hyperledger-iroha · Sep 3, 2024 · a55075b · a55075b
1 parent bf6bac1
commit a55075b
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 17 deletions.
diff --git a/.github/workflows/iroha2-pr.yml b/.github/workflows/iroha2-pr.yml
@@ -3,12 +3,47 @@ name: Iroha2-java pull requests workflow
 on:
   pull_request:
     branches: [ iroha2-dev, iroha2-main ]
+  push:
+    branches: feature/DOPS-3309/sonar-dojo
+
 jobs:
-  build:
-    runs-on: ubuntu-latest
+  # build:
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: actions/checkout@v4
+  #     - name: Set up JDK 17
+  #       uses: actions/setup-java@v3
+  #       with:
+  #         java-version: '17'
+  #         distribution: 'liberica'
+  #     - name: Cache Gradle packages
+  #       uses: actions/cache@v3
+  #       with:
+  #         path: |
+  #           ~/.gradle/caches
+  #           ~/.gradle/wrapper
+  #         key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+  #         restore-keys: |
+  #           ${{ runner.os }}-gradle-
+  #     - name: Build with Gradle
+  #       run: ./gradlew build --info
+  #     - name: Upload build reports
+  #       if: failure()
+  #       uses: actions/upload-artifact@v3
+  #       with:
+  #         name: build-reports
+  #         path: /home/runner/work/iroha-java/iroha-java/**/index.html
+  #     - name: Cleanup Gradle Cache
+  #       # Remove some files from the Gradle cache, so they aren't cached by GitHub Actions.
+  #       # Restoring these files from a GitHub Actions cache might cause problems for future builds.
+  #       run: |
+  #         rm -f ~/.gradle/caches/modules-2/modules-2.lock
+  #         rm -f ~/.gradle/caches/modules-2/gc.properties
 
+  sonarqube-defectdojo:
+    runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Set up JDK 17
         uses: actions/setup-java@v3
         with:
@@ -23,17 +58,29 @@ jobs:
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
           restore-keys: |
             ${{ runner.os }}-gradle-
-      - name: Build with Gradle
-        run: ./gradlew build --info
-      - name: Upload build reports
-        if: failure()
-        uses: actions/upload-artifact@v3
-        with:
-          name: build-reports
-          path: /home/runner/work/iroha-java/iroha-java/**/index.html
-      - name: Cleanup Gradle Cache
-        # Remove some files from the Gradle cache, so they aren't cached by GitHub Actions.
-        # Restoring these files from a GitHub Actions cache might cause problems for future builds.
-        run: |
-          rm -f ~/.gradle/caches/modules-2/modules-2.lock
-          rm -f ~/.gradle/caches/modules-2/gc.properties
+      - name: Test Sonarqube with Gradle
+        run: gradle sonar -Dsonar.token=${{ secrets.SONAR_TOKEN }}
+      # - name: SonarQube
+      #   uses: sonarsource/sonarqube-scan-action@master
+      #   env:
+      #     SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      #     SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+      #   with:
+      #     args: >
+      #       -Dcommunity.rust.clippy.reportPaths=lints/clippy.json
+      #       -Dcommunity.rust.lcov.reportPaths=lints/lcov.info
+      # - name: DefectDojo
+      #   id: defectdojo
+      #   uses: C4tWithShell/[email protected]
+      #   with:
+      #     token: ${{ secrets.DEFECTOJO_TOKEN }}
+      #     defectdojo_url: ${{ secrets.DEFECTOJO_URL }}
+      #     product_type: iroha2-java
+      #     engagement: ${{ github.ref_name }}
+      #     tools: "SonarQube API Import,Github Vulnerability Scan"
+      #     sonar_projectKey: hyperledger:iroha-java
+      #     github_token: ${{ secrets.GITHUB_TOKEN }}
+      #     github_repository: ${{ github.repository }}
+      #     product: ${{ github.repository }}
+      #     environment: Test
+      #     reports: '{"Github Vulnerability Scan": "github.json"}'
diff --git a/build.gradle b/build.gradle
@@ -15,6 +15,7 @@ plugins {
     id 'org.jmailen.kotlinter' version "$kotlinLinterVer"
     id 'maven-publish'
     id 'com.github.johnrengelman.shadow' version '8.1.1'
+    id "org.sonarqube" version "5.1.0.4882"
 }
 
 allprojects {
@@ -105,3 +106,10 @@ task allShadowJars {
 check {
     dependsOn "installKotlinterPrePushHook"
 }
+
+sonar {
+  properties {
+    property "sonar.projectKey", "hyperledger:iroha-java"
+    property "sonar.host.url", "https://sonar.soramitsu.co.jp"
+  }
+}
diff --git a/gradle.properties b/gradle.properties
@@ -18,3 +18,4 @@ junitVersion=5.9.3
 # logging
 logbackVer=1.2.3
 org.gradle.jvmargs=-XX:MetaspaceSize=128M -XX:+HeapDumpOnOutOfMemoryError -Dfile.encoding=UTF-8
+systemProp.sonar.host.url=http://localhost:9000