diff --git a/.github/workflows/check_sonar_tests.yml b/.github/workflows/check_sonar_tests.yml new file mode 100644 index 0000000..34e03d7 --- /dev/null +++ b/.github/workflows/check_sonar_tests.yml @@ -0,0 +1,67 @@ +name: CI - iOS + +on: + pull_request: + types: [opened, edited, reopened, synchronize] + workflow_dispatch: + +env: + GH_TOKEN: ${{ secrets.GIT_TOKEN_SECRET }} + OWNER: ${{ github.repository_owner }} + REPO: ${{ github.event.repository.name }} + PR_NUMBER: ${{ github.event.number }} + SONAR_HOST_URL: "https://sonarqube.trustly.one" + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_SECRET }} + SONAR_PROJECT_KEY: "trustly-ios" + SONAR_PROJECT_NAME: "trustly-ios" + +jobs: + SonarQube: + runs-on: macOS-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Install dependencies + run: | + # Install required tools + brew update + brew install cocoapods swiftlint oclint + sudo gem install -n /usr/local/bin xcpretty + + # Install project dependencies + pod install --project-directory=Example + + - name: Run Sonar-Swift Script + run: | + chmod +x ./run-sonar-swift.sh + ./run-sonar-swift.sh + + - name: Verify Coverage Report + run: | + if [ -f "sonar-reports/generic-coverage.xml" ]; then + echo "Coverage report generated successfully: sonar-reports/generic-coverage.xml" + else + echo "Coverage report not found!" && exit 1 + fi + + + - name: Run SonarQube Analysis + run: | + sonar-scanner -X \ + -Dsonar.host.url=${SONAR_HOST_URL} \ + -Dsonar.login=${SONAR_TOKEN} \ + -Dsonar.projectKey=${SONAR_PROJECT_KEY} \ + -Dsonar.projectName=${SONAR_PROJECT_NAME} \ + -Dsonar.pullrequest.base="${{ github.base_ref }}" \ + -Dsonar.pullrequest.branch="${{ github.head_ref }}" \ + -Dsonar.pullrequest.key="${{ github.event.pull_request.number }}" \ + -Dsonar.scm.revision="${{ github.event.pull_request.head.sha }}" \ + -Dsonar.coverageReportPaths=sonar-reports/generic-coverage.xml \ + -Dsonar.scm.disabled=true \ + -Dsonar.language=swift \ + -Dsonar.sources="." \ + -Dsonar.verbose=true \ No newline at end of file diff --git a/.github/workflows/trigger_sonar.yml b/.github/workflows/trigger_sonar.yml deleted file mode 100644 index 919260b..0000000 --- a/.github/workflows/trigger_sonar.yml +++ /dev/null @@ -1,42 +0,0 @@ -name: Trigger Sonar -on: - pull_request: - types: [opened, synchronize, reopened] -env: - GH_TOKEN: ${{ secrets.GIT_TOKEN_SECRET }} - BAMBOO_TOKEN_SECRET: ${{ secrets.BAMBOO_TOKEN_SECRET }} - GITHUB_TOKEN_SECRET: ${{ secrets.GIT_TOKEN_SECRET }} - GITHUB_REPO_OWNER: ${{ github.repository_owner }} - GITHUB_REPO: ${{ github.event.repository.name }} - GITHUB_PR_ID: ${{ github.event.number }} -jobs: - trigger_sonar: - if: | - github.repository == 'TrustlyInc/trustly-ios' && - github.event.pull_request.mergeable_status != 'dirty' - runs-on: ubuntu-latest - steps: - - name: Checkout source code - run: git clone -q https://${GITHUB_TOKEN_SECRET}@github.com/${GITHUB_REPO_OWNER}/${GITHUB_REPO}.git --depth=2 - - name: Trigger Bamboo Pipeline - SonarQube Pull Request Analysis - run: | - cd "${GITHUB_REPO}" || exit - - echo -e "Github PR ID : ${GITHUB_PR_ID}" - echo -e "Github repository: ${GITHUB_REPO}" - - echo -e "Trigger Bamboo Pipeline" - response=$(curl --request POST \ - "https://bamboo.paywithmybank.com/rest/api/latest/queue/CAS-SATAPR?bamboo.GITHUB_PR_ID=${GITHUB_PR_ID}" \ - --data "stage&executeAllStages" \ - --header "Authorization: Bearer ${BAMBOO_TOKEN_SECRET}" \ - --write-out "%{http_code}" \ - --silent \ - --output /dev/null) - - if [ "${response}" -eq 200 ]; then - echo "Pipeline triggered successfully." - else - echo "Failed to trigger pipeline. HTTP status code: ${response}" - fi - shell: bash \ No newline at end of file