From: Tobias Brunner Date: Mon, 4 Aug 2025 14:28:42 +0000 (+0200) Subject: github: Use provided actions for SonarQube installation and scan X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2560146204f81da1a3f2c6dd2aa38f681ac05758;p=thirdparty%2Fstrongswan.git github: Use provided actions for SonarQube installation and scan Also switch to the cloud cache (which doesn't seem to work either way anyway). --- diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index d474870556..18a3139b90 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -33,7 +33,6 @@ jobs: with: path: | ~/.cache/ccache - ~/.sonar-cache key: ccache-sonarcloud-${{ github.sha }} restore-keys: | ccache-sonarcloud- @@ -41,24 +40,17 @@ jobs: sudo apt-get install -qq ccache echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV ccache -z - # using SonarSource/sonarcloud-github-action is currently not recommended - # for C builds, so we follow the "any CI" instructions - - name: Install sonar-scanner + - uses: SonarSource/sonarqube-scan-action/install-build-wrapper@v4 + - run: | + echo "BUILD_WRAPPER_OUT_DIR=$HOME/bw-output" >> $GITHUB_ENV + - uses: ./.github/actions/default + - uses: SonarSource/sonarqube-scan-action@v4 env: - SONAR_SCANNER_VERSION: 5.0.1.3006 - run: | - export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux - curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip - unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/ - echo "SONAR_SCANNER_OPTS=-server" >> $GITHUB_ENV - curl --create-dirs -sSLo $HOME/.sonar/build-wrapper-linux-x86.zip https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip - unzip -o $HOME/.sonar/build-wrapper-linux-x86.zip -d $HOME/.sonar/ - echo "PATH=$HOME/.sonar/build-wrapper-linux-x86:$SONAR_SCANNER_HOME/bin:$PATH" >> $GITHUB_ENV - - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - BUILD_NUMBER: ${{ github.run_id }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_PROJECT: ${{ secrets.SONAR_PROJECT }} - SONAR_ORGANIZATION: ${{ secrets.SONAR_ORGANIZATION }} - uses: ./.github/actions/default + with: + args: > + -Dsonar.projectKey=${{ secrets.SONAR_PROJECT }} + -Dsonar.organization=${{ secrets.SONAR_ORGANIZATION }} + -Dsonar.cfamily.threads=2 + -Dsonar.cfamily.compile-commands=${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json - run: ccache -s diff --git a/scripts/test.sh b/scripts/test.sh index de665ed8fa..056962dd4e 100755 --- a/scripts/test.sh +++ b/scripts/test.sh @@ -273,13 +273,6 @@ printf-builtin) fi ;; all|alpine|codeql|coverage|sonarcloud|no-dbg|no-testable-ke) - if [ "$TEST" = "sonarcloud" ]; then - if [ -z "$SONAR_PROJECT" -o -z "$SONAR_ORGANIZATION" -o -z "$SONAR_TOKEN" ]; then - echo "The SONAR_PROJECT, SONAR_ORGANIZATION and SONAR_TOKEN" \ - "environment variables are required to run this test" - exit 1 - fi - fi if [ "$TEST" = "codeql" ]; then # don't run tests, only analyze built code TARGET= @@ -552,7 +545,7 @@ case "$TEST" in sonarcloud) # without target, coverage is currently not supported anyway because # sonarqube only supports gcov, not lcov - build-wrapper-linux-x86-64 --out-dir bw-output make -j$(nproc) || exit $? + build-wrapper-linux-x86-64 --out-dir $BUILD_WRAPPER_OUT_DIR make -j$(nproc) || exit $? ;; *) make -j$(nproc) $TARGET || exit $? @@ -567,20 +560,6 @@ apidoc) fi rm make.warnings ;; -sonarcloud) - sonar-scanner \ - -Dsonar.host.url=https://sonarcloud.io \ - -Dsonar.projectKey=${SONAR_PROJECT} \ - -Dsonar.organization=${SONAR_ORGANIZATION} \ - -Dsonar.token=${SONAR_TOKEN} \ - -Dsonar.projectVersion=$(git describe --exclude 'android-*')+${BUILD_NUMBER} \ - -Dsonar.sources=. \ - -Dsonar.cfamily.threads=2 \ - -Dsonar.cfamily.analysisCache.mode=fs \ - -Dsonar.cfamily.analysisCache.path=$HOME/.sonar-cache \ - -Dsonar.cfamily.build-wrapper-output=bw-output || exit $? - rm -r bw-output .scannerwork - ;; android) rm -r strongswan-* cd $SRC_DIR/src/frontends/android diff --git a/sonar-project.properties b/sonar-project.properties index 8f4f0846e8..8b623adee8 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,3 +1,5 @@ +sonar.sources=. + # exclude these files completely sonar.exclusions=\ src/manager/templates/static/jquery.js, \