From: Kevin Sandi Date: Thu, 27 Mar 2025 18:01:41 +0000 (-0600) Subject: CI: Support sonarqube coverage reports X-Git-Tag: 1.0.5~9 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=f95bf26da08d78c6ed928d8595bfb39e64c602fb;p=policy%2Fopa-pdp.git CI: Support sonarqube coverage reports Additionally disable Sonatype Lifecycle until it is ready Issue-ID: CIMAN-33 Change-Id: Ie7b5f290421ce471232c58633980078222ceb6c6 Signed-off-by: Kevin Sandi --- diff --git a/.github/scripts/prescan-go-coverage-ubuntu.sh b/.github/scripts/prescan-go-coverage-ubuntu.sh new file mode 100644 index 0000000..f7e9d55 --- /dev/null +++ b/.github/scripts/prescan-go-coverage-ubuntu.sh @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: Apache-2.0 +# SPDX-FileCopyrightText: 2025 The Linux Foundation + +#!/bin/bash +echo "--> prescan-go-coverage-ubuntu.sh" + +set -ex + +# Test and coverage +go test -p 1 ./... -coverprofile=coverage.out + +echo "--> prescan-go-coverage-ubuntu.sh ends" diff --git a/.github/workflows/security-audits.yaml b/.github/workflows/security-audits.yaml index 77c7534..0160ed8 100644 --- a/.github/workflows/security-audits.yaml +++ b/.github/workflows/security-audits.yaml @@ -26,18 +26,18 @@ on: permissions: {} jobs: - sonatype-lifecycle: - name: "Sonatype Lifecycle" - # yamllint disable-line rule:line-length - uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml@83e3ea0dcbfb1e8c707b0284ae7e7c376b0e27d4 # v0.2.7 - secrets: - NEXUS_IQ_PASSWORD: ${{ secrets.NEXUS_IQ_PASSWORD }} + #sonatype-lifecycle: + # name: "Sonatype Lifecycle" + # # yamllint disable-line rule:line-length + # uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml@83e3ea0dcbfb1e8c707b0284ae7e7c376b0e27d4 # v0.2.7 + # secrets: + # NEXUS_IQ_PASSWORD: ${{ secrets.NEXUS_IQ_PASSWORD }} # Scan results are found at: https://sonarcloud.io/login sonarqube-cloud: name: "SonarQube Cloud" # yamllint disable-line rule:line-length - uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonarqube-cloud.yaml@83e3ea0dcbfb1e8c707b0284ae7e7c376b0e27d4 # v0.2.7 + uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonarqube-cloud.yaml@ac846b1cfeaf3a7cac6f28413a5206afc9951464 # v0.2.11 permissions: # Needed to upload the results to code-scanning dashboard. security-events: write @@ -48,3 +48,6 @@ jobs: # actions: read secrets: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + BUILD_WRAPPER_URL: https://raw.githubusercontent.com/onap/policy-opa-pdp/refs/heads/master/.github/scripts/prescan-go-coverage-ubuntu.sh + BUILD_WRAPPER_OUT_DIR: .