This action is intended to share a common set of steps we use to validate the quality of a project on SonarQube.
- Checkout the code
- Start Sonar
- Run the tests
- Stop Sonar and publish its results
- Publish test results
The name of the GitHub repo.
The Sonar tool version we install for this run. Default is 5.8.0 but this param will allow one to override if needed.
Tests can be run with dependencies if needed. Dependencies can be defined in a Docker compose file, and this switch turns on the behavior that ensures the dependencies are started. This is off by default.
This parameter tells the action where to find the Docker compose file that defines the dependencies needed. Default is 'docker-compose/test-dependencies-compose.yml'
The secret Sonar token for authenticating with Sonar.
This parameter helps docker containers access local files in the repo.
The path to .NET tests by default is 'test/'
Arguments passed to the 'dotnet test' command
Full 'local.runsettings' file path, use NONE when file not required
This parameter controls whether to upload Sonar results as an artifact. Default is '--filter TestCategory!="Smoke"'
Quality Gate will turn red and fail. Set to 'true' by default.
When value is 'sonar' it will ignore the Sonar Quality Gate
Pipe delimited vulnerabilities to look for on build.log output
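
One way a pipe-delimited list of vulnerability markers can be checked against a build.log, as an added example that is not the action's own code (the page does not show how the action matches). The function names, the literal-string matching, and the sample markers NU1903 and NU1904 (NuGet audit warning codes for high and critical advisories) are assumptions; the log content is constructed.

```shell
#!/bin/sh
# Added example (not the action's own code): fail a build when build.log
# contains any marker from a pipe-delimited list.
# Assumption: markers are literal strings, not regular expressions.

# scan_build_log "<m1|m2|...>" <logfile>
# Status: 0 = clean, 1 = at least one marker found, 2 = bad arguments.
scan_build_log() (
  markers=$1 log=$2 found=0
  [ -n "$markers" ] && [ -r "$log" ] || exit 2
  IFS='|'; set -f            # split on '|' only, never glob-expand a marker
  for marker in $markers; do
    [ -n "$marker" ] || continue       # tolerate "a||b" and a trailing '|'
    # -F matches literally, so '.' or '[' in a marker is not regex syntax;
    # '--' keeps a marker that starts with '-' from being read as an option.
    hits=$(grep -nF -- "$marker" "$log") || continue
    found=1
    printf '%s\n' "$hits" | while IFS= read -r line; do
      printf '[%s] %s:%s\n' "$marker" "$log" "$line"
    done
  done
  exit "$found"
)

# Constructed sample log; package names and advisory URLs are placeholders.
write_sample_log() {
  cat > "$1" <<'EOF'
  Determining projects to restore...
warning NU1903: Package 'Example.Lib' 1.0.0 has a known high severity vulnerability, https://example.invalid/advisories/PLACEHOLDER-1
warning NU1902: Package 'Other.Lib' 2.1.0 has a known moderate severity vulnerability, https://example.invalid/advisories/PLACEHOLDER-2
Build succeeded.
EOF
}

sample=$(mktemp)
write_sample_log "$sample"
scan_build_log 'NU1903|NU1904' "$sample" && echo "clean" || echo "vulnerable packages reported"
```

A non-zero status from `scan_build_log` can be used directly as the step's exit code so the job fails when a listed marker appears.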
```yaml
project-validation:
  name: "Sonar Validate Project Quality"
  runs-on: psidev-linux
  steps:
    - uses: patriotsoftware/project-validation-action@v1.1
      with:
        sonar-token: ${{ secrets.SONAR_TOKEN }}
        github-repo-name: ${{ github.event.repository.name }}
```