From bfcf0686463c2127eddaa85c1c88f5361217071a Mon Sep 17 00:00:00 2001 From: pk27734 Date: Mon, 17 Jun 2024 14:53:16 +0200 Subject: [PATCH 1/8] Added Sonarcloud to CI + config file --- .github/workflows/ci.yml | 15 +++++++++++---- sonar-project.properties | 20 ++++++++++++++++++++ 2 files changed, 31 insertions(+), 4 deletions(-) create mode 100644 sonar-project.properties diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 88e3d0a..fd82b80 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,10 +1,12 @@ name: Continuous Integration + on: + workflow_dispatch: push: - branches: [ main ] + branches: [ main ] + tags: [ v* ] pull_request: - branches: [ main ] jobs: run-tests: @@ -59,10 +61,10 @@ jobs: run: echo "::add-matcher::${{ runner.tool_cache }}/phpunit.json" - name: Execute tests (Unit and Feature) - run: vendor/bin/phpunit + run: vendor/bin/phpunit --log-junit=reports/report-phpunit.xml --coverage-clover=reports/coverage-phpunit.xml - name: Static analysis with PHPStan - run: vendor/bin/phpstan analyse + run: vendor/bin/phpstan analyse --error-format=json > reports/phpstan.json - name: Static analysis with Psalm if: "${{ matrix.experimental == false }}" @@ -70,3 +72,8 @@ jobs: - name: Coding style PSR12 Check run: vendor/bin/phpcs + + - name: Run SonarCloud scanner + uses: minvws/nl-irealisatie-generic-pipelines/.github/actions/sonarcloud@main + with: + sonar-token: ${{ secrets.SONAR_TOKEN }} diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..a68b445 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,20 @@ +# Project info +sonar.organization=vws +sonar.projectKey=nl-rdo-openid-connect-php-laravel + +# Info links shown in SonarCloud +sonar.links.homepage=https://github.com/minvws/nl-rdo-openid-connect-php-laravel + +# Encoding and language specific properties +sonar.sourceEncoding=UTF-8 + +# Analysis scoping +sonar.sources=src +sonar.tests=tests + +# Code coverage +sonar.php.tests.reportPath=reports/report-phpunit.xml +sonar.php.coverage.reportPaths=reports/coverage-phpunit.xml + +# Additional reports +sonar.php.phpstan.reportPaths=reports/phpstan.json \ No newline at end of file From 623be53789b2aeb4199b2c68db633f4f78938a3a Mon Sep 17 00:00:00 2001 From: pk27734 Date: Mon, 17 Jun 2024 14:57:21 +0200 Subject: [PATCH 2/8] Copied in the sonar action coz this repo is public --- .github/workflows/ci.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fd82b80..cfd7c8f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -73,7 +73,15 @@ jobs: - name: Coding style PSR12 Check run: vendor/bin/phpcs - - name: Run SonarCloud scanner - uses: minvws/nl-irealisatie-generic-pipelines/.github/actions/sonarcloud@main + - name: 'Run SonarCloud scanner' + if: ${{contains(github.ref, '/pull/')}} + uses: SonarSource/sonarcloud-github-action@v2.2.0 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + - name: 'Run SonarCloud scanner' + if: ${{!contains(github.ref, '/pull/')}} + uses: SonarSource/sonarcloud-github-action@v2.2.0 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} with: - sonar-token: ${{ secrets.SONAR_TOKEN }} + args: -Dsonar.branch.name=${{ github.ref_name }} \ No newline at end of file From fa6401444c9d5f0234270fb70a70a352ef7bd2c3 Mon Sep 17 00:00:00 2001 From: pk27734 Date: Mon, 15 Jul 2024 14:44:50 +0200 Subject: [PATCH 3/8] Use new action template --- .github/workflows/ci.yml | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cfd7c8f..b739e61 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -74,14 +74,6 @@ jobs: run: vendor/bin/phpcs - name: 'Run SonarCloud scanner' - if: ${{contains(github.ref, '/pull/')}} - uses: SonarSource/sonarcloud-github-action@v2.2.0 - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - - name: 'Run SonarCloud scanner' - if: ${{!contains(github.ref, '/pull/')}} - uses: SonarSource/sonarcloud-github-action@v2.2.0 - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + uses: minvws/nl-irealisatie-generic-pipelines/.github/actions/sonarcloud@main with: - args: -Dsonar.branch.name=${{ github.ref_name }} \ No newline at end of file + sonar-token: ${{ secrets.SONAR_TOKEN }} \ No newline at end of file From b5cadd42ebff1a1edef45edf103babed3edb94a6 Mon Sep 17 00:00:00 2001 From: pk27734 Date: Mon, 15 Jul 2024 14:44:58 +0200 Subject: [PATCH 4/8] Test with broadening scope --- sonar-project.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sonar-project.properties b/sonar-project.properties index a68b445..ecbaa6e 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -9,7 +9,7 @@ sonar.links.homepage=https://github.com/minvws/nl-rdo-openid-connect-php-laravel sonar.sourceEncoding=UTF-8 # Analysis scoping -sonar.sources=src +sonar.sources=src,config,routes sonar.tests=tests # Code coverage From d3cc846cad97ef0623e73f4aa1b28902b4096a6d Mon Sep 17 00:00:00 2001 From: pk27734 Date: Mon, 15 Jul 2024 14:47:43 +0200 Subject: [PATCH 5/8] Added extra error-format --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b739e61..49b6e29 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -64,7 +64,7 @@ jobs: run: vendor/bin/phpunit --log-junit=reports/report-phpunit.xml --coverage-clover=reports/coverage-phpunit.xml - name: Static analysis with PHPStan - run: vendor/bin/phpstan analyse --error-format=json > reports/phpstan.json + run: vendor/bin/phpstan analyse --error-format=github --error-format=json > reports/phpstan.json - name: Static analysis with Psalm if: "${{ matrix.experimental == false }}" From a065d8d3293e96da4b5a5fa5988971d47fe3a91c Mon Sep 17 00:00:00 2001 From: pk27734 Date: Mon, 15 Jul 2024 14:51:28 +0200 Subject: [PATCH 6/8] Revert implementation of template --- .github/workflows/ci.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 49b6e29..7755334 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -74,6 +74,14 @@ jobs: run: vendor/bin/phpcs - name: 'Run SonarCloud scanner' - uses: minvws/nl-irealisatie-generic-pipelines/.github/actions/sonarcloud@main + if: ${{contains(github.ref, '/pull/')}} + uses: SonarSource/sonarcloud-github-action@v2.2.0 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + - name: 'Run SonarCloud scanner' + if: ${{!contains(github.ref, '/pull/')}} + uses: SonarSource/sonarcloud-github-action@v2.2.0 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} with: - sonar-token: ${{ secrets.SONAR_TOKEN }} \ No newline at end of file + args: -Dsonar.branch.name=${{ github.ref_name }} \ No newline at end of file From a48f700832ed94c2cc0ce738a3500cf1c27e3c24 Mon Sep 17 00:00:00 2001 From: pk27734 Date: Mon, 15 Jul 2024 15:59:26 +0200 Subject: [PATCH 7/8] Switched to dual run phpstan --- .github/workflows/ci.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7755334..36f4519 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -64,7 +64,9 @@ jobs: run: vendor/bin/phpunit --log-junit=reports/report-phpunit.xml --coverage-clover=reports/coverage-phpunit.xml - name: Static analysis with PHPStan - run: vendor/bin/phpstan analyse --error-format=github --error-format=json > reports/phpstan.json + run: | + vendor/bin/phpstan analyse --error-format=github + vendor/bin/phpstan analyse --error-format=json > reports/phpstan.json - name: Static analysis with Psalm if: "${{ matrix.experimental == false }}" From 738723085a17d66ef6ad491f9096f4e3d9389229 Mon Sep 17 00:00:00 2001 From: Rein Schaap Date: Fri, 28 Feb 2025 19:29:43 +0100 Subject: [PATCH 8/8] replace sonarcloud with sonarqube cloud (scan action) replace https://github.com/SonarSource/sonarcloud-github-action with https://github.com/SonarSource/sonarqube-scan-action --- .github/workflows/ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 36f4519..3f0f499 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -75,15 +75,15 @@ jobs: - name: Coding style PSR12 Check run: vendor/bin/phpcs - - name: 'Run SonarCloud scanner' + - name: 'Run SonarQube cloud scanner' if: ${{contains(github.ref, '/pull/')}} - uses: SonarSource/sonarcloud-github-action@v2.2.0 + uses: SonarSource/sonarqube-scan-action@v5 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - - name: 'Run SonarCloud scanner' + - name: 'Run SonarQube cloud scanner' if: ${{!contains(github.ref, '/pull/')}} - uses: SonarSource/sonarcloud-github-action@v2.2.0 + uses: SonarSource/sonarqube-scan-action@v5 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} with: - args: -Dsonar.branch.name=${{ github.ref_name }} \ No newline at end of file + args: -Dsonar.branch.name=${{ github.ref_name }}