Skip to content

Commit 7190738

Browse files
authored
Noor1027/bb2 4975 sonarqube integration gha (#1650)
* Fix SonarQube job dependencies and use pytest * fix module * Fix Exec format error * Update sonarqube.yml * Run when code is merged o master * Update sonarqube.yml
1 parent 114a0ca commit 7190738

1 file changed

Lines changed: 14 additions & 12 deletions

File tree

.github/workflows/sonarqube.yml

Lines changed: 14 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,19 +1,18 @@
1-
# SonarQube Code Analysis
2-
# Migrated from Jenkins pipeline
1+
# Runs our SonarQube code analysis to check code quality and test coverage.
2+
# (This job was recently moved over from our old Jenkins pipeline!)
33

44
name: SonarQube Analysis
55

66
on:
77
push:
88
branches:
99
- master
10-
pull_request:
11-
branches: [master]
10+
1211
workflow_dispatch:
1312

1413
env:
15-
# These values come from GitHub Repository Variables
16-
# Settings Secrets and variables Actions Variables
14+
# We pull these configuration variables directly from GitHub.
15+
# (You can find them in the repo under Settings -> Secrets and variables -> Actions -> Variables)
1716
SONARQUBE_URL: ${{ vars.SONARQUBE_URL }}
1817
SONAR_PROJECT_KEY: ${{ vars.SONAR_PROJECT_KEY }}
1918
DJANGO_SETTINGS_MODULE: ${{ vars.DJANGO_SETTINGS_MODULE }}
@@ -22,7 +21,8 @@ env:
2221
jobs:
2322
sonarqube:
2423
name: SonarQube Analysis
25-
# Use CodeBuild runner - runs inside CMS/AWS network, can reach internal SonarQube
24+
# We use our custom AWS CodeBuild runner for this job because it runs
25+
# directly inside the CMS/AWS network, which allows it to securely talk to our internal SonarQube server!
2626
runs-on:
2727
- codebuild-bb-test-web-server-${{ github.run_id }}-${{ github.run_attempt }}
2828

@@ -44,14 +44,15 @@ jobs:
4444
python3 -m venv /tmp/venv
4545
source /tmp/venv/bin/activate
4646
python3 -m pip install --upgrade pip setuptools wheel
47-
pip install -r requirements/requirements.txt --no-deps --prefer-binary || pip install -r requirements/requirements.txt
48-
pip install coverage pytest
47+
pip install -r requirements/requirements.dev.txt --no-deps --prefer-binary --require-hashes
48+
pip install coverage
4949
echo "/tmp/venv/bin" >> $GITHUB_PATH
5050
5151
- name: Run tests with coverage
5252
run: |
5353
source /tmp/venv/bin/activate
54-
coverage run runtests.py
54+
export DJANGO_SETTINGS_MODULE="hhs_oauth_server.settings.test"
55+
coverage run -m pytest -m 'not integration'
5556
coverage xml
5657
5758
- name: Check SonarQube connectivity
@@ -64,16 +65,17 @@ jobs:
6465
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
6566
run: |
6667
echo "Installing SonarQube scanner..."
67-
curl -sSLo sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip
68+
curl -sSLo sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006.zip
6869
unzip -q sonar-scanner.zip
69-
export PATH="$PWD/sonar-scanner-5.0.1.3006-linux/bin:$PATH"
70+
export PATH="$PWD/sonar-scanner-5.0.1.3006/bin:$PATH"
7071
7172
echo "Running SonarQube analysis..."
7273
sonar-scanner \
7374
-Dsonar.projectKey=${{ env.SONAR_PROJECT_KEY }} \
7475
-Dsonar.sources=. \
7576
-Dsonar.host.url=${{ env.SONARQUBE_URL }} \
7677
-Dsonar.token=$SONAR_TOKEN \
78+
-Dsonar.ci.autoconfig.disabled=true \
7779
-Dsonar.inclusions=apps/*/*.py,hhs_oauth_server/*/*.py \
7880
-Dsonar.exclusions=apps/*/management/migrations/*.py,apps/*/tests/*.py,apps/integration_tests/* \
7981
-Dsonar.python.coverage.reportPaths=coverage.xml

0 commit comments

Comments
 (0)