ngx-deploy-npm/.github/workflows/sonar-pr.yml at main · bikecoders/ngx-deploy-npm · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: Sonar for PRs
on:
  workflow_run:
    workflows: ['PRs']
    types: [completed]
jobs:
  sonar:
    name: Sonar
    runs-on: ubuntu-latest
    timeout-minutes: 30
    if: github.event.workflow_run.conclusion == 'success'
    steps:
      - uses: actions/checkout@v4
        with:
          repository: ${{ github.event.workflow_run.head_repository.full_name }}
          ref: ${{ github.event.workflow_run.head_branch }}
          fetch-depth: 0

      - name: Debug Workflow Info
        run: |
          echo "Workflow Run ID: ${{ github.event.workflow_run.id }}"
          echo "Workflow Head SHA: ${{ github.event.workflow_run.head_sha }}"
          echo "Current SHA: ${{ github.sha }}"
          echo "Head Branch: ${{ github.event.workflow_run.head_branch }}"
          echo "Repository: ${{ github.event.workflow_run.head_repository.full_name }}"

          # Output raw context for additional details
          echo "=== Raw Context ==="
          echo "Workflow Head SHA: ${{ github.event.workflow_run }}"

      - name: 'Raw Context'
        uses: actions/github-script@v6
        with:
          script: |
            JSON.stringify(${{ github.event.workflow_run }}, null, 2)

      # Download reports
      - name: 'Download reports'
        uses: actions/github-script@v6
        with:
          script: |
            async function downloadArtifact(artifactName) {
              console.log(`Looking for artifact: ${artifactName}`);
              let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
                owner: context.repo.owner,
                repo: context.repo.repo,
                run_id: context.payload.workflow_run.id,
              });
              console.log('Available artifacts:', allArtifacts.data.artifacts.map(a => a.name));

              let matchArtifact = allArtifacts.data.artifacts.find((artifact) => {
                return artifact.name === artifactName;
              });

              if (!matchArtifact) {
                throw new Error(`Artifact "${artifactName}" not found!`);
              }

              let download = await github.rest.actions.downloadArtifact({
                owner: context.repo.owner,
                repo: context.repo.repo,
                artifact_id: matchArtifact.id,
                archive_format: 'zip',
              });

              let fs = require('fs');
              fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/${artifactName}.zip`, Buffer.from(download.data));
              return artifactName;
            }

            // Download both artifacts
            await Promise.all([
              downloadArtifact('ngx-deploy-npm-coverage-report'),
              downloadArtifact('lint-report')
            ]);
      - name: 'Extract reports'
        run: |
          # Extract coverage report
          mkdir -p coverage/packages/ngx-deploy-npm
          unzip ngx-deploy-npm-coverage-report.zip -d coverage/packages/ngx-deploy-npm
          # Extract lint report
          mkdir -p reports
          unzip lint-report.zip -d reports

      - name: SonarCloud Scan
        uses: SonarSource/sonarqube-scan-action@v4.2.1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONARQUBE_SCANNER }}
        with:
          args: >
            -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
            -Dsonar.pullrequest.key=${{ github.event.workflow_run.pull_requests[0].number }}
            -Dsonar.pullrequest.branch=${{ github.event.workflow_run.pull_requests[0].head.ref }}
            -Dsonar.pullrequest.base=${{ github.event.workflow_run.pull_requests[0].base.ref }}