dtos-service-layer/.github/actions/perform-static-analysis/action.yaml at 08e1d21bf018f3f3c15fe032c6080a8882a3a5b6 · NHSDigital/dtos-service-layer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
name: "Perform static analysis"
description: "Perform static analysis"
inputs:
  sonar_organisation_key:
    description: "Sonar organisation key, used to identify the project"
    required: true
  sonar_project_key:
    description: "Sonar project key, used to identify the project"
    required: true
  sonar_token:
    description: "Sonar token, the API key"
    required: true
runs:
  using: "composite"
  steps:
    - name: Set up JDK 17
      uses: actions/setup-java@v4
      with:
        java-version: 17
        distribution: "zulu" # Alternative distribution options are available.
    - uses: actions/checkout@v4
      with:
        fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
    - name: Install .NET SDK 9 (or your required version)
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: 9.0.x # C
    - name: Cache SonarQube Cloud packages
      uses: actions/cache@v4
      with:
        path: ~\sonar\cache
        key: ${{ runner.os }}-sonar
        restore-keys: ${{ runner.os }}-sonar
    - name: Cache SonarQube Cloud scanner
      id: cache-sonar-scanner
      uses: actions/cache@v4
      with:
        path: .\.sonar\scanner
        key: ${{ runner.os }}-sonar-scanner
        restore-keys: ${{ runner.os }}-sonar-scanner
    - name: Install SonarQube Cloud scanner
      if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
      shell: bash # Change from powershell to bash
      run: |
        mkdir -p .sonar/scanner
        dotnet tool install dotnet-sonarscanner --tool-path ./.sonar/scanner
        dotnet tool install dotnet-coverage --tool-path ./.sonar/scanner
    - name: Build and analyze
      shell: bash
      run: |
        echo "${{ inputs.sonar_project_key }}"
        echo "${{ inputs.sonar_organisation_key }}"
        echo "${{ inputs.sonar_token }}"
        ./.sonar/scanner/dotnet-sonarscanner begin /k:"${{ inputs.sonar_project_key }}" /o:"${{ inputs.sonar_organisation_key }}" /d:sonar.token="${{ inputs.sonar_token }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.vscoveragexml.reportsPaths="coverage.xml" /d:sonar.typescript.lcov.reportsPaths="src/web/coverage/lcov.info" /d:sonar.lang.patterns.ts=**/*.ts,**/*.tsx,**/*.cts,**/*.mts /d:sonar.lang.patterns.js=**/*.js,**/*.jsx,**/*.cjs,**/*.mjs,**/*.vue /d:sonar.javascript.enabled=false
        dotnet build src/ServiceLayer.sln
        ./.sonar/scanner/dotnet-coverage collect -f xml -o coverage.xml dotnet test src/ServiceLayer.sln
        ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.token="${{ inputs.sonar_token }}"