diff --git a/.github/workflows/code-analysis.yml b/.github/workflows/code-analysis.yml index f0cbc73..d6bebdf 100644 --- a/.github/workflows/code-analysis.yml +++ b/.github/workflows/code-analysis.yml @@ -1,52 +1,36 @@ -name: Build for Sonar +name: SonarQube Cloud on: push: branches: - dev pull_request: - branches: - - dev types: [opened, synchronize, reopened] jobs: - sonarcloud: - name: SonarCloud + build: + name: Build and analyze runs-on: ubuntu-latest + container: + image: ghcr.io/cirruslabs/flutter:stable steps: - uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - #2 Setup Java - - name: Set Up Java - uses: actions/setup-java@v3.12.0 + - name: Cache SonarQube Cloud packages + uses: actions/cache@v4 with: - distribution: 'oracle' - java-version: '17' - #3 Setup Flutter - - name: Set Up Flutter - uses: subosito/flutter-action@v2 - with: - flutter-version: '3.24.3' - channel: 'stable' - #4 Install Dependencies - - name: Install Dependencies - run: flutter pub get - #5 Run flutter tests - - name: Run Flutter Tests + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Build + run: flutter build + - name: Execute tests run: flutter test --coverage - #6 Run Sonar cloud scan - - name: SonarCloud Scan - env: - GITHUB_TOKEN: ${{ secrets.API_TOKEN_GITHUB }} # Needed to get PR information, if any - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + - name: Download sonar-scanner run: | - export SONAR_SCANNER_VERSION=6.2.1.4610 - export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux-x64 - curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux-x64.zip + curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.1.4610-linux-x64.zip unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/ - export PATH=$SONAR_SCANNER_HOME/bin:$PATH - export SONAR_SCANNER_OPTS="-server" - sonar-scanner \ - -Dsonar.organization=fga-eps-mds-1 \ - -Dsonar.projectKey=fga-eps-mds_2024.2-ARANDU-APP\ - -Dsonar.sources=./lib \ - -Dsonar.host.url=https://sonarcloud.io + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: $HOME/.sonar/sonar-scanner-6.2.1.4610-linux-x64/bin/sonar-scanner -Dsonar.projectKey=fga-eps-mds_2024.2-ARANDU-APP -Dsonar.organization=fga-eps-mds-1 -Dsonar.sources=./lib -Dsonar.tests=./test -Dsonar.dart.lcov.reportPaths=./coverage/lcov.info diff --git a/sonar-scanner.properties b/sonar-scanner.properties new file mode 100644 index 0000000..3a8553a --- /dev/null +++ b/sonar-scanner.properties @@ -0,0 +1,13 @@ +# SonarCloud project and organization +sonar.projectKey=fga-eps-mds_2024.2-ARANDU-APP +sonar.organization=fga-eps-mds-1 + +# Path to source code and test directories +sonar.sources=./lib +sonar.tests=./test + +# Path to the coverage report generated by flutter test +sonar.dart.lcov.reportPaths=./coverage/lcov.info + +# Exclude specific directories and files from analysis +sonar.exclusions=**/assets/**, .github/**, scripts/**, **/*.g.dart