From d38b26b5f4d49abb4986b51236b03e1c936c1634 Mon Sep 17 00:00:00 2001 From: Taylor Halfyard Date: Wed, 7 Feb 2024 16:09:36 +0000 Subject: [PATCH 1/3] feat(cb2-10767): added in the sonar job to the repo --- .github/workflows/pr-plan.yaml | 40 ++++++++++++++++++++++++++++++++++ package-lock.json | 15 +++++++++++-- package.json | 1 + 3 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/pr-plan.yaml diff --git a/.github/workflows/pr-plan.yaml b/.github/workflows/pr-plan.yaml new file mode 100644 index 0000000..58bfb6a --- /dev/null +++ b/.github/workflows/pr-plan.yaml @@ -0,0 +1,40 @@ +name: PR-checks + +on: + push: + branches: ['develop'] + pull_request: + branches: ['develop'] + +jobs: + scanner: + permissions: + id-token: write + contents: write + pull-requests: write + runs-on: X64 + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-node@v4 + with: + node-version-file: '.nvmrc' + - uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CVS_MGMT_AWS_ROLE }} + aws-region: ${{ secrets.DVSA_AWS_REGION }} + role-session-name: 'cvs-svc-technical-records-v3' + - uses: aws-actions/aws-secretsmanager-get-secrets@v1 + with: + secret-ids: sonarqube-gha + parse-json-secrets: true + - name: Install dependencies + run: npm ci + - name: Run SonarQube scanner + run: | + npm run test && \ + npm run sonar-scanner -- \ + -Dsonar.host.url=${{ env.SONARQUBE_GHA_URL }} \ + -Dsonar.token=${{ env.SONARQUBE_GHA_TOKEN }} \ + -Dsonar.login=${{ env.SONARQUBE_GHA_TOKEN }} \ + -Dsonar.projectName=${{ github.repository }} \ + -Dsonar.projectVersion=1.0.${{ github.run_id }} diff --git a/package-lock.json b/package-lock.json index 872f493..8aef6d4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -50,6 +50,7 @@ "serverless-dotenv-plugin": "3.1.0", "serverless-offline": "8.8.1", "serverless-webpack": "5.10.0", + "sonar-scanner": "3.1.0", "supertest": "6.3.3", "ts-jest": "26.4.4", "ts-loader": "8.0.14", @@ -59,8 +60,8 @@ "webpack-node-externals": "2.5.2" }, "engines": { - "node": "14.*", - "npm": "6.*" + "node": "18.*", + "npm": "9.*" } }, "node_modules/@aws-sdk/types": { @@ -13729,6 +13730,16 @@ "node": ">=0.10.0" } }, + "node_modules/sonar-scanner": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/sonar-scanner/-/sonar-scanner-3.1.0.tgz", + "integrity": "sha512-KD7W3wHCKJKAakhn8ckxNYTxkdb1cnJa3ot0NVvO8CCeJjb0yvF0fW2yGdI09zMHsqxCRsl4dLtyCL2SUv47WA==", + "dev": true, + "hasInstallScript": true, + "bin": { + "sonar-scanner": "index.js" + } + }, "node_modules/sort-keys": { "version": "1.1.2", "dev": true, diff --git a/package.json b/package.json index 00ac2dc..416a6a4 100644 --- a/package.json +++ b/package.json @@ -88,6 +88,7 @@ "serverless-dotenv-plugin": "3.1.0", "serverless-offline": "8.8.1", "serverless-webpack": "5.10.0", + "sonar-scanner": "3.1.0", "supertest": "6.3.3", "ts-jest": "26.4.4", "ts-loader": "8.0.14", From 612a4ac954a7c33c51a4adb9a1ff96697d74a0b2 Mon Sep 17 00:00:00 2001 From: Taylor Halfyard Date: Wed, 7 Feb 2024 16:18:00 +0000 Subject: [PATCH 2/3] feat(cb2-10767): added in feature to test --- .github/workflows/pr-plan.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-plan.yaml b/.github/workflows/pr-plan.yaml index 58bfb6a..802c24f 100644 --- a/.github/workflows/pr-plan.yaml +++ b/.github/workflows/pr-plan.yaml @@ -2,9 +2,9 @@ name: PR-checks on: push: - branches: ['develop'] + branches: ['develop','feature/CB2-10767'] pull_request: - branches: ['develop'] + branches: ['develop','feature/CB2-10767'] jobs: scanner: From da1177f9f3e59b515fedfa2e060f30c5dca80cd8 Mon Sep 17 00:00:00 2001 From: Taylor Halfyard Date: Wed, 7 Feb 2024 16:31:38 +0000 Subject: [PATCH 3/3] feat(cb2-10767): removed my feature from the job --- .github/workflows/pr-plan.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-plan.yaml b/.github/workflows/pr-plan.yaml index 802c24f..58bfb6a 100644 --- a/.github/workflows/pr-plan.yaml +++ b/.github/workflows/pr-plan.yaml @@ -2,9 +2,9 @@ name: PR-checks on: push: - branches: ['develop','feature/CB2-10767'] + branches: ['develop'] pull_request: - branches: ['develop','feature/CB2-10767'] + branches: ['develop'] jobs: scanner: