From 55cb6ef4acd73b1d5f159883b4c4d2fb50686660 Mon Sep 17 00:00:00 2001 From: Adam Korynta Date: Thu, 13 Jun 2024 12:07:17 -0700 Subject: [PATCH 1/3] add in sonar task for hooking into SonarCloud --- .github/workflows/build.yml | 12 ++++++- build.gradle | 43 +++++++++++++++++++++++ cwms-radar-model/src/test/java/.gitignore | 1 + 3 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 cwms-radar-model/src/test/java/.gitignore diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0752b688..b9bd86ef 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,6 +1,5 @@ name: Build cwms-data-api-client on: - push: pull_request: branches: - main @@ -18,6 +17,12 @@ jobs: java-version: '21' java-package: jdk distribution: 'temurin' + - name: Cache SonarCloud packages + uses: actions/cache@v4.0.0 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar - name: build and test id: thebuild run: ./gradlew build --info --init-script init.gradle @@ -26,6 +31,11 @@ jobs: with: dotnet-version: 6.x dotnet-quality: 'ga' + - name: Analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: ./gradlew sonar - name: ReportGenerator uses: danielpalme/ReportGenerator-GitHub-Action@5.3.6 with: diff --git a/build.gradle b/build.gradle index 17f7b11c..32e5579a 100644 --- a/build.gradle +++ b/build.gradle 
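Review bot: `actions/cache@v4.0.0` in the new "Cache SonarCloud packages" step is referenced by a tag, which can be moved to different code; the same holds for `gradle/actions/setup-gradle@v3.4.2` and the `github/codeql-action/init@v3` and `analyze@v3` steps that PATCH 3/3 brings into this job. Because the job later runs a step that holds `SONAR_TOKEN` on the same runner, pinning each action to a full commit SHA with the tag as a trailing comment is the safer form, e.g. `uses: actions/cache@<full-commit-sha> # v4.0.0`. Separately, `key` and `restore-keys` are the same constant `${{ runner.os }}-sonar`, so `restore-keys` adds nothing, and since an exact key hit is not saved again, the cache will not pick up newer analyzer packages after the first run.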
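Review bot: The `Analyze` step reads `secrets.SONAR_TOKEN` while the workflow is triggered by `pull_request`, and GitHub does not pass repository secrets to runs for pull requests opened from forks, so `./gradlew sonar` will presumably fail there with an empty token and turn the check red for outside contributors. A guard on the step keeps the job usable: `if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository`. The step is renamed to `SonarCloud Analysis` in PATCH 3/3 and has the same gap there. Switching the trigger to `pull_request_target` to obtain the secret would not be a fix, because this job builds and runs the pull request's own Gradle code.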
@@ -1,5 +1,30 @@ +/* + * MIT License + * + * Copyright (c) 2024 Hydrologic Engineering Center + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ + plugins { id "com.palantir.git-version" version "3.1.0" + id("org.sonarqube") version "5.0.0.4638" } def versionLabel(gitInfo) { 
@@ -43,4 +68,22 @@ subprojects { html.outputLocation = layout.buildDirectory.dir('jacoco') } } + sonarqube { + properties { + property "sonar.sources", "src/main/java" + property "sonar.tests", "src/test/java" + property 'sonar.coverage.jacoco.xmlReportPaths', "${buildDir}/reports/jacoco/test/jacocoTestReport.xml" + } + } +} + +sonar { + properties { + property "sonar.projectKey", "HydrologicEngineeringCenter_cwms-data-api-client" + property "sonar.organization", "hydrologicengineeringcenter" + property "sonar.host.url", "https://sonarcloud.io" + property "sonar.pullrequest.provider", "GitHub" + property "sonar.pullrequest.github.repository", "HydrologicEngineeringCenter/cwms-data-api-client" + property "sonar.projectVersion", versionDetails().lastTag + "+" + } } \ No newline at end of file diff --git a/cwms-radar-model/src/test/java/.gitignore b/cwms-radar-model/src/test/java/.gitignore new file mode 100644 index 00000000..bc9aba79 --- /dev/null +++ b/cwms-radar-model/src/test/java/.gitignore @@ -0,0 +1 @@ +#empty so that SonarCloud can pick up this directory \ No newline at end of file From 60415c8d57e079d9d0426652b3490a03501f5404 Mon Sep 17 00:00:00 2001 From: Adam Korynta Date: Tue, 18 Jun 2024 09:03:52 -0700 Subject: [PATCH 2/3] Update Gradle action from gradle-build-action to setup-gradle The Gradle action used in the GitHub workflow has been updated from gradle/gradle-build-action to gradle/setup-gradle. This change corresponds to a newer and more stable version of the Gradle setup. --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 757481af..4989d95f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
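Review bot: The coverage path in the new `sonarqube` block is built from `${buildDir}`, which is deprecated on Gradle 8 and later, while the context lines just above it already use `layout.buildDirectory`; `property 'sonar.coverage.jacoco.xmlReportPaths', layout.buildDirectory.file('reports/jacoco/test/jacocoTestReport.xml').get().asFile.path` keeps the two consistent. The per-subproject block is named `sonarqube` and the root block `sonar`; using one extension name in both places would read more clearly. The enclosing `subprojects` block starts outside the hunk, and the Gradle version in use is not visible here, so the deprecation should be checked against the wrapper version.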
@@ -27,7 +27,7 @@ jobs: java-package: jdk distribution: 'temurin' - name: Setup Gradle - uses: gradle/gradle-build-action@v3.3.2 + uses: gradle/actions/setup-gradle@v3.4.2 with: dependency-graph: generate-and-submit - name: build and test From 9cf7634fbbebb2a4f3e42c7ef2b043452e025d4a Mon Sep 17 00:00:00 2001 From: Adam Korynta Date: Tue, 18 Jun 2024 09:08:57 -0700 Subject: [PATCH 3/3] move codeql to build.yml we no longer need separate actions now that coverage will be consolidated into SonarCloud --- .github/workflows/build.yml | 61 +++++++++++++++--------------------- .github/workflows/codeql.yml | 37 ---------------------- 2 files changed, 26 insertions(+), 72 deletions(-) delete mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b9bd86ef..792186cb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,22 +1,38 @@ -name: Build cwms-data-api-client +name: "Build and Static Code Analysis" on: + push: + branches: [ main ] pull_request: - branches: - - main + branches: [ main ] + schedule: + - cron: '0 0 * * 0' + jobs: - build: - name: build and test + analyze: + name: Analyze runs-on: ubuntu-latest steps: - - name: checkout code + - name: Checkout repository uses: actions/checkout@v4 + with: + # Disabling shallow clone is needed for Sonar reporting + fetch-depth: 0 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: 'java' - name: setup java uses: actions/setup-java@v4 with: java-version: '21' java-package: jdk distribution: 'temurin' + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v3.4.2 + with: + dependency-graph: generate-and-submit - name: Cache SonarCloud packages uses: actions/cache@v4.0.0 with: 
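Review bot: The consolidated `build.yml` sets no `permissions:` key, neither at the top level nor on the `analyze` job, so `GITHUB_TOKEN` carries the repository's default scopes into every step, including the Gradle build of pull-request code. From the visible steps, the job appears to need only what the CodeQL upload, the `dependency-graph: generate-and-submit` option and the SonarCloud pull-request lookup require, so those scopes can be declared explicitly on the job. The exact set below is inferred from those steps and should be confirmed against a run; it would sit between `runs-on` and `steps`.

```yaml
    runs-on: ubuntu-latest
    permissions:
      contents: write          # dependency-graph: generate-and-submit
      security-events: write   # CodeQL result upload
      actions: read            # CodeQL run metadata
      pull-requests: read      # SonarCloud PR information
    # … unchanged: steps …
```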
@@ -24,37 +40,12 @@ jobs: key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - name: build and test - id: thebuild + id: build run: ./gradlew build --info --init-script init.gradle - - name: Setup .NET Core # Required to execute ReportGenerator - uses: actions/setup-dotnet@v4 - with: - dotnet-version: 6.x - dotnet-quality: 'ga' - - name: Analyze + - name: CodeQL Analysis + uses: github/codeql-action/analyze@v3 + - name: SonarCloud Analysis env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} run: ./gradlew sonar - - name: ReportGenerator - uses: danielpalme/ReportGenerator-GitHub-Action@5.3.6 - with: - reports: cwms-aaa-client/build/reports/jacoco/test/jacocoTestReport.xml;cwms-http-client/build/reports/jacoco/test/jacocoTestReport.xml;cwms-radar-client/build/reports/jacoco/test/jacocoTestReport.xml - targetdir: .github/coveragereport - reporttypes: Html;MarkdownSummaryGithub;Badges - - name: Upload coverage report artifact - uses: actions/upload-artifact@v4.3.3 - with: - name: CoverageReport # Artifact name - path: .github/coveragereport # Directory containing files to upload - - name: Commit and push Badges - if: github.event_name != 'pull_request' && github.ref != 'refs/heads/main' - run: | - cd .github/coveragereport - if [[ `git status --porcelain badge_*coverage.svg` ]]; then - git config --global user.name 'builduser' - git config --global user.email 'builduser@rmanet.com' - git add badge_*coverage.svg - git commit -m "Autogenerated JaCoCo coverage badge" badge_*coverage.svg - git push - fi \ No newline at end of file diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml deleted file mode 100644 index 4989d95f..00000000 --- a/.github/workflows/codeql.yml +++ /dev/null 
@@ -1,37 +0,0 @@ -name: "CodeQL" -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - schedule: - - cron: '0 0 * * 0' - - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: 'java' - - name: setup java - uses: actions/setup-java@v4 - with: - java-version: '17' - java-package: jdk - distribution: 'temurin' - - name: Setup Gradle - uses: gradle/actions/setup-gradle@v3.4.2 - with: - dependency-graph: generate-and-submit - - name: build and test - id: build - run: ./gradlew build --info --init-script init.gradle - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3