name: sq-analyze on: [push, pull_request] jobs: SonarScanner: runs-on: ubuntu-latest if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.event.repository.full_name steps: - name: Checkout uses: actions/checkout@v3 with: repository: ${{ github.event.workflow_run.head_repository.full_name }} ref: ${{ github.event.workflow_run.head_branch }} fetch-depth: 0 - name: Configure env vars for SonarCloud scan env: ACTIONS_ALLOW_UNSECURE_COMMANDS: true run: | echo "::set-env name=PATH::/opt/sonar-scanner/bin:$PATH" - name: Compute branch name env: ACTIONS_ALLOW_UNSECURE_COMMANDS: true uses: nixel2007/branch-name@v3 - name: Extract version if: github.event_name == 'push' shell: bash run: echo "##[set-output name=version;]` cat ./exts/yaxunit/src/Configuration/Configuration.mdo | grep -oP '(?<=)[\d.]+'`" id: extract_version - name: Setup sonarqube uses: warchant/setup-sonar-scanner@v3 # Анализ проекта в SonarQube (ветка) - name: Анализ в SonarQube (branch) if: github.event_name == 'push' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: sonar-scanner -Dsonar.host.url=https://sonar.openbsl.ru -Dsonar.branch.name=${{ env.BRANCH_NAME }} -Dsonar.projectVersion=${{ steps.extract_version.outputs.version }} -Dsonar.qualitygate.wait=true -Dsonar.qualitygate.timeout=300 # Анализ проекта в SonarQube (PR) # https://docs.sonarqube.org/latest/analysis/pull-request/ - name: Анализ в SonarQube (pull-request) if: github.event_name == 'pull_request' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: sonar-scanner -Dsonar.host.url=https://sonar.openbsl.ru -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} -Dsonar.pullrequest.branch=${{ github.event.pull_request.head.ref }} -Dsonar.pullrequest.base=${{ github.event.pull_request.base.ref }} -Dsonar.scm.revision=${{ github.event.pull_request.head.sha }} -Dsonar.qualitygate.wait=true -Dsonar.qualitygate.timeout=300