Skip to content

Commit

Permalink
⬆️ Upgrade deprecated SonarCloud action (#1228)
Browse files Browse the repository at this point in the history 
* ⬆️ Upgrade deprecated `sonarcloud-github-action` to `sonarqube-scan-action`

* 🔧 Add coverage exclusion rule for test files

* 🔧 Update coverage omit setting

* 👷 Configure test coverage for SonarCloud

* 👷 Simplify and use mise for workflow

* 🎨 Use latest actions/checkout
  • Loading branch information
@ff137
ff137 authored Dec 12, 2024
1 parent c649e76 commit d452218
Show file tree
Hide file tree
Showing 2 changed files with 60 additions and 20 deletions.
73 changes: 59 additions & 14 deletions .github/workflows/sonarcloud.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,24 +43,69 @@ jobs:
runs-on: ubuntu-latest

steps:
- name: Analyze with SonarCloud
# Checkout the repository
- name: Checkout Repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # Required for proper blame data in SonarCloud

- name: Overwrite .mise.toml # Simplify mise in this workflow
run: |
cat <<EOF > .mise.toml
[tools]
python = "3.12"
"pipx:poetry" = "1.8"
uv = "0.4"
[settings]
experimental = true
jobs = 1
pipx_uvx = true
python_compile = false
uses: SonarSource/[email protected]
[env]
# Use Python/Mise managed virtual environment
POETRY_VIRTUALENVS_CREATE = "false"
# Setup Python Virtual Environment
_.python.venv = { path = ".venv", create = true }
[tasks."poetry:install"]
description = "Poetry Install dependencies for all submodules"
depends = ["poetry:install:*"]
EOF
- name: Install dependencies
uses: jdx/mise-action@v2
with:
cache: true
experimental: true
install: true

# Install dependencies
- name: Install dependencies with Poetry
run: mise run poetry:install

# Run tests and generate coverage report
- name: Run Tests with Coverage
run: |
source .venv/bin/activate
set +e
cp .env.example .env
source .env
poetry run pytest --cov --cov-report=xml --ignore=app/tests/e2e/ --ignore=trustregistry/tests/e2e/
# Analyze with SonarCloud
- name: Analyze with SonarCloud
uses: SonarSource/[email protected]
env:
GITHUB_TOKEN: ${{ github.token }} # Needed to get PR information
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
with:
# Additional arguments for the sonarcloud scanner
args:
# Unique keys of your project and organization. You can find them in SonarCloud > Information (bottom-left menu)
# mandatory
# Additional arguments for the SonarCloud scanner
args: >
-Dsonar.projectKey=didx-xyz_aries-cloudapi-python
-Dsonar.organization=didx-xyz
# Comma-separated paths to directories containing main source files.
#-Dsonar.sources= # optional, default is project base directory
# When you need the analysis to take place in a directory other than the one from which it was launched
#-Dsonar.projectBaseDir= # optional, default is .
# Comma-separated paths to directories containing test source files.
#-Dsonar.tests= # optional. For more info about Code Coverage, please refer to https://docs.sonarcloud.io/enriching/test-coverage/overview/
# Adds more detail to both client and server-side analysis logs, activating DEBUG mode for the scanner, and adding client-side environment variables and system properties to the server-side log of analysis report processing.
#-Dsonar.verbose= # optional, default is false
-Dsonar.coverage.exclusions=**/tests/**
-Dsonar.python.coverage.reportPaths=coverage.xml
7 changes: 1 addition & 6 deletions pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,7 @@ authors = ["Mourits de Beer <[email protected]>"]
package-mode = false

[tool.coverage.run]
omit = [
"app/tests/*",
"endorser/tests/*",
"trustregistry/tests/*",
"waypoint/tests/*",
]
omit = ["*/tests/*"]

[tool.isort]
profile = "black"
Expand Down

0 comments on commit d452218

Please sign in to comment.