"ERROR" in running "GITHUB-ACTIONS" while running "SONARQUBE-QUALITY GATE" Action Pipeline - github

This is the workflow file that was created through GitHub Actions for integration with SonarQube:
name: SonarQube Qualitygate check
on:
  # Trigger analysis when pushing in master or pull requests, and when creating
  # a pull request.
  push:
    branches:
      - development
  pull_request:
    types: [opened, synchronize, reopened]
jobs:
  sonarqube:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting.
          fetch-depth: 0
      # Triggering SonarQube analysis as results of it are required by Quality Gate check.
      - name: SonarQube Scan
        uses: SonarSource/sonarqube-scan-action@master
        with:
          projectBaseDir: .
        env:
          SONAR_TOKEN: ${{ secrets.TM_SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.TM_SONAR_HOST_URL }}
      # Check the Quality Gate status.
      - name: SonarQube Quality Gate check
        id: sonarqube-quality-gate-check
        uses: SonarSource/sonarqube-quality-gate-action@master
        # Force to fail step after specific time.
        timeout-minutes: 5
        env:
          SONAR_LOGIN: ${{ secrets.TM_SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.TM_SONAR_HOST_URL }}
The error occurs during the SonarQube scan and I couldn't resolve this issue. I need some support, please. I have already added the project on the SonarQube website.
This is the output I got after running.

Related

Github Actions workflow not triggered although schedule should trigger the job

I'm trying to auto-assign issues and PRs in GitHub from a GitHub Actions workflow. The respective steps work fine when an issue / a PR is opened. So this trigger is fine.
Recently I added Dependabot to my repo. Since Dependabot cannot access my secrets, I cannot assign any issue in a Dependabot-triggered pipeline. So I just thought I'd run this pipeline with a scheduler once per day to "clean up" every issue and PR which is unassigned. But this schedule config does not trigger the pipeline. It simply does nothing, not even show as a pipeline run which does nothing (with all jobs skipped). Seems like the trigger is completely ignored.
This is my workflow file.
---
name: "Organize: Assign Issues + Pull Requests"
on:
  issues:
    types:
      - opened
  pull_request:
    types:
      - opened
  schedule:
    - cron: '0 9 * * *' # https://crontab.guru/#0_11_*_*_*
permissions:
  contents: read
  issues: write
  pull-requests: write
jobs:
  add-to-project:
    name: Add to project
    runs-on: ubuntu-latest
    steps:
      - name: Add to project (issues and PRs)
        uses: actions/add-to-project@main
        with:
          project-url: https://github.com/users/sebastian-sommerfeld-io/projects/1
          github-token: ${{ secrets.GH_TOKEN_REPO_AND_PROJECT }}
  assign-to-user:
    name: Assign to user
    runs-on: ubuntu-latest
    steps:
      - name: Assign issue to user when moved into column
        uses: pozil/auto-assign-issue@v1
        # https://github.com/marketplace/actions/auto-assign-issue
        with:
          assignees: ${{ github.actor }}
          numOfAssignee: 1
          allowSelfAssign: true
          abortIfPreviousAssignees: true
  new-pull-request-chat-message:
    runs-on: ubuntu-latest
    needs: ['add-to-project', 'assign-to-user']
    if: github.event_name == 'pull_request'
    steps:
      - name: Send message to Google Chat
        uses: Co-qn/google-chat-notification@releases/v1
        with:
          name: New Pull Request "${{ github.event.pull_request.title }}" (raised by ${{ github.actor }})
          url: ${{ secrets.GOOGLE_CHAT_WEBHOOK }}
          status: ${{ job.status }}
  on-failure:
    runs-on: ubuntu-latest
    needs: ['add-to-project', 'assign-to-user', 'new-pull-request-chat-message']
    if: failure()
    steps:
      - name: Send Pipeline Status to Google Chat
        if: always()
        uses: Co-qn/google-chat-notification@releases/v1
        with:
          name: ${{ github.workflow }}
          url: ${{ secrets.GOOGLE_CHAT_WEBHOOK }}
          status: failure
What bugs me is that the scheduler setting is copied from another workflow where it works just fine. So I cannot think of a reason why this pipeline is not triggered at 09:00 in the morning.
Found a way :-)
I use the GitHub CLI to get all PRs with a certain label and assign a user. This is a new dedicated pipeline.
---
name: "Organize: Dependabot Pull Requests"
on:
  schedule:
    - cron: '30 * * * *' # https://crontab.guru
permissions:
  contents: read
  issues: write
  pull-requests: write
jobs:
  assign-user:
    name: Assign PRs with label 'dependencies'
    runs-on: ubuntu-latest
    steps:
      - name: Get PR and assign user (filtered by github cli)
        env:
          GITHUB_TOKEN: ${{ secrets.GH_TOKEN_REPO_AND_PROJECT }}
          label: dependencies
          assignee: sebastian-sommerfeld-io
        run: |
          OUTPUT=""
          pr_ids="$(gh pr list --repo "$GITHUB_REPOSITORY" --label "$label" --json number --jq '.[].number')"
          for id in $pr_ids; do
            gh pr edit "$id" --repo "$GITHUB_REPOSITORY" --add-assignee "$assignee"
          done
Then I updated the triggers of my original pipeline to
on:
  issues:
    types:
      - opened
  pull_request:
    types:
      - opened
      - assigned

Github actions cache between jobs but not between workflows

Currently I am trying to have 1 job scanning SonarQube and 1 job checking for the quality gate in GitHub Actions. In order to get the report from Gradle of the quality check in the second job, I have to cache it (or at least with the limited knowledge I have). But when I rerun the workflow on the same PR or on different PRs, I don't want it to use the same cache, since the report is only valid for the current workflow and not further ones (those need to always create a new report and give the new report to the second job).
Here is my workflow:
name: SonarQube
on:
  push:
    branches:
      - master # or the name of your main branch
  pull_request:
    types: [opened, synchronize, reopened]
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
      - name: Set up JDK 11
        uses: actions/setup-java@v3
        with:
          java-version: 11
          distribution: corretto
          cache: gradle
      - name: Build and analyze
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
        run: ./gradlew --info sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN
      - name: Cache report
        uses: actions/cache@v3
        with:
          path: build/sonar/
          key: report-task
  qualityCheck:
    needs: scan
    runs-on: ubuntu-latest
    steps:
      - name: Get cache report
        uses: actions/cache@v3
        with:
          path: build/sonar/
          key: report-task
      - name: Quality Gate check
        id: sonarqube-quality-gate-check
        uses: sonarsource/sonarqube-quality-gate-action@master
        # Force to fail step after specific time.
        timeout-minutes: 5
        with:
          scanMetadataReportFile: build/sonar/report-task.txt
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
What needs to be changed to achieve this?
I have currently done this:
- name: Cache report
  uses: actions/cache@v3
  with:
    path: build/sonar/
    key: commit-${{ github.sha }}-workflow-${{ github.run_id }}-${{ github.run_number }}-report-task-${{ hashFiles('build/sonar/**') }}
This doesn't solve the problem that it keeps the cache after the workflow ends, but it now won't use the report of previous workflows.

How to setup github action code coverage analysis swift language in SonarCloud

I've been trying to follow the example provided by SonarCloud to set it up, but it doesn't work.
name: SonarCloud
on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, synchronize, reopened]
jobs:
  build:
    name: Build and analyze
    runs-on: macos-latest
    env:
      BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
      - name: Install sonar-scanner and build-wrapper
        uses: SonarSource/sonarcloud-github-c-cpp@v1
      - name: Run build-wrapper
        run: |
          build-wrapper-macosx-x86 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} <insert_your_clean_build_command>
      - name: Run sonar-scanner
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: |
          sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}"
It always goes wrong in the Run build-wrapper-macosx-x86 production process.
Is there enough solution or sample code to guide me?

GitHub Actions re-run and who is the author

I need an additional field with information on who is the author of the trigger re-run button in GitHub Actions. Any help + bless you 🙏
Below is an example.
name: CI
#Only for master
on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
  check_run:
    types: [rerequested]
  #Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
jobs:
  notify:
    runs-on: ubuntu-latest
    steps:
      # Ms Teams Deploy Cards step linked to repository in a dedicated created Ms teams channel
      - name: teams notification
        uses: patrickpaulin/ms-teams-deploy-card@master
        if: always()
        with:
          github-token: ${{ github.token }}
          webhook-uri: ${{ secrets.MS_TEAMS_WEBHOOK_URI }}
and this part of the code
check_run:
  types: [requested]
This step is meant to identify the re-run action, but in this example it just duplicates the MS deployment card and provides all the information from when the author did the push or pull request.
P.S.
Friendly advice: don't use the toko-bifrost repo because it does not work correctly, as explained in the link below.
https://github.com/toko-bifrost/ms-teams-deploy-card/issues/44
SOLVED
- name: teams notification
  uses: patrickpaulin/ms-teams-deploy-card@master
  if: always()
  with:
    github-token: ${{ github.token }}
    webhook-uri: ${{ secrets.MS_TEAMS_WEBHOOK_URI }}
    custom-facts: |
      - name: GitHub Action
        value: ${{ github.actor }}

Github Actions automerge not working as expected

I have a yml file with 5 jobs as below
build - working
unit tests - working
regression tests - working
create pull request - working
merge pull request - not working
The first 3 jobs work on my development branch so my file begins with
name: Spicethedeploy
on:
  push:
    branches:
      - development
jobs:
Job 4 I specify this
source_branch: "development"
destination_branch: "master"
But when job 5 runs it looks for a pull request for development not master and does not complete. The code for this job is:
automerge:
  needs: pull-request
  runs-on: ubuntu-latest
  steps:
    - name: automerge
      uses: pascalgn/automerge-action@v0.13.1
      env:
        GITHUB_TOKEN: ${{ secrets.ghp_xxxxxxxxxxxxxxxxxxxx }}
Can someone tell me how to make this job look to the master branch?
I have created a second yml file called automerge.yml, contents below
name: automerge
on:
  pull_request:
    branches:
      - master
jobs:
  automerge:
    runs-on: ubuntu-latest
    steps:
      - name: automerge
        uses: pascalgn/automerge-action@v0.13.1
        env:
          GITHUB_TOKEN: ${{ secrets.ghp_xxxxxxxxxxxxxxxxxxxxxxxx }}
          MERGE_LABELS: "automerge"
The pull request has also been removed from the first yml file which now stops after creating the pull request. The new yml file then kicks in and tries to merge but skips with this message
Run pascalgn/automerge-action@v0.13.1
2021-04-04T18:36:14.889Z INFO Event name: pull_request
2021-04-04T18:36:15.102Z INFO Skipping PR update, required label missing: automerge
2021-04-04T18:36:15.102Z INFO Skipping PR merge, required label missing: automerge
The documentation on MERGE_LABELS: here says -
When an empty string ("") is given, all pull requests will be merged.
Following that, this worked for me
- id: automerge
  name: automerge
  uses: "pascalgn/automerge-action@v0.15.3"
  env:
    GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
    MERGE_LABELS: ""
Thanks to GuiFalourd for the tips which pointed me in the right direction on this. Following his advice led me to this solution which works well
merge:
  needs: pull-request
  name: merge
  runs-on: ubuntu-latest
  steps:
    - name: checkout
      uses: actions/checkout@v2
    - name: merge
      uses: mtanzi/action-automerge@v1
      id: merge
      with:
        github_token: ${{ secrets.ghp_xxxxxxxxxxxxxxxxxxxxxxxxx }}
        source: 'development'
        target: 'master'