SCANNPM-130 Refactor integration tests to use tsx and Node test runner#383
SCANNPM-130 Refactor integration tests to use tsx and Node test runner#383
Conversation
- Migrate integration tests from Jest to Node's native test runner - Use tsx to run TypeScript directly without compilation - Move orchestrator from tools/orchestrator to test/integration/orchestrator - Convert scanner.test.js to scanner.test.ts with ESM imports - Add CLI test alongside existing API test - Add tsconfig.json for both unit and integration tests - Move test/setup.ts to test/unit/setup.ts - Simplify CI workflow by removing orchestrator build step - Add CLAUDE.md with project documentation Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
hashicorp-vault-sonar-prod
bot
changed the title
SonarQube reviewer guideImportant We are currently testing different models for AI Summary. Model A:Summary: Restructure integration test setup and move orchestrator tools into test directory Review Focus: The PR migrates integration tests from Jest to Node's native test runner with ESM support, consolidates orchestrator tools within the test directory, and removes duplication in the CI workflow. Key changes include:
Start review at: Model B:Summary: Restructures the integration test infrastructure by relocating the orchestrator from Review Focus:
Start review at:
|
| - name: Setup integration test | ||
| run: | | ||
| (cd build && npm pack) | ||
| cp build/sonar-scan-SNAPSHOT.tgz test/integration | ||
| (cd test/integration && npm install --no-save sonar-scan-SNAPSHOT.tgz) | ||
| (cd tools/orchestrator && npm run build) | ||
| shell: bash | ||
|
|
| import * as https from 'node:https'; | ||
| import * as fs from 'node:fs'; | ||
| import { execSync } from 'node:child_process'; | ||
| import * as path from 'node:path'; | ||
| import * as mkdirp from 'mkdirp'; | ||
| import * as os from 'os'; | ||
| import * as os from 'node:os'; |
There was a problem hiding this comment.
we don't have this as a rule already? or was it accepted?
| "dependencies": { | ||
| "axios": "1.13.2", | ||
| "mkdirp": "3.0.1", | ||
| "@sonar/scan": "file:../../build/sonar-scan-SNAPSHOT.tgz" |
| return path.join(__dirname.replace(/\\+/g, '/'), '/fixtures/fake_project_for_integration/src'); | ||
| } | ||
|
|
||
| async function assertOneIssueAtLine21(projectKey: string) { |
There was a problem hiding this comment.
thats a bit specific function name
| execSync( | ||
| `npx sonar ` + | ||
| `-Dsonar.host.url=${SONAR_HOST_URL} ` + | ||
| `-Dsonar.token=${token} ` + | ||
| `-Dsonar.projectKey=${projectKey} ` + | ||
| `-Dsonar.projectName=${projectKey} ` + | ||
| `-Dsonar.log.level=DEBUG ` + | ||
| `-Dsonar.sources=${getSourcesPath()}`, | ||
| { stdio: 'inherit' }, | ||
| ); |
There was a problem hiding this comment.
hm... 1 worry I could have here that the developer could have @sonar/scan installed locally and it wouldn't be the one picked up by npx sonar . Can we add a verify so that this actually runs the locally installed package?
|
|
||
| ## Project Overview | ||
|
|
||
| `@sonar/scan` is an NPM module that triggers SonarQube Server and SonarCloud analyses on JavaScript codebases without requiring specific tools or Java runtime installation. The scanner detects server capabilities and either uses JRE provisioning (preferred, SonarQube 10.6+) or falls back to native sonar-scanner-cli. |
There was a problem hiding this comment.
I would remove any mention of versions in the this md file
| - `getLatestSonarQube()` - Download/cache SonarQube | ||
| - `startAndReady(sqPath, maxWaitMs)` - Start and wait until operational | ||
| - `stop(sqPath)` - Stop SonarQube instance | ||
| - `generateToken()` - Generate GLOBAL_ANALYSIS_TOKEN | ||
| - `createProject()` - Create project with random key | ||
| - `waitForAnalysisFinished(maxWaitMs)` - Poll until analysis queue empty | ||
| - `getIssues(projectKey)` - Fetch detected issues |
There was a problem hiding this comment.
is that a bit too much specifics of the implementation?
| "tools/orchestrator": { | ||
| "entry": ["scripts/*"], | ||
| "ignore": ["dist/**/*"] | ||
| "test/integration": { |
There was a problem hiding this comment.
should unit tests be also included here?
There was a problem hiding this comment.
i will once i remove jest
| "build": "npm run license && tsc && tsx scripts/generate-package-json.ts", | ||
| "test": "node_modules/.bin/jest --coverage", | ||
| "test-integration": "cd test/integration && npm test", | ||
| "test-integration": "cd test/integration && npm install && npm test", |
There was a problem hiding this comment.
does this command change where the user is? perhaps it should be in parenthesis?
|
I will handle the comments in the next PR, @zglicz |
2 participants
Summary
node:test)tsxto run TypeScript directly without compilation steptools/orchestrator/totest/integration/orchestrator/scanner.test.jstoscanner.test.tswith ESM importstsconfig.jsonfor both unit and integration teststest/setup.tstotest/unit/setup.tsCLAUDE.mdwith project documentationTest plan
npm test)npm run test-integration)npm run build)🤖 Generated with Claude Code