From 6b232205fc102a39bf9b6106f838c8de347e8527 Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 09:43:45 +0300 Subject: [PATCH 01/10] feat: add SonarCloud integration --- .github/workflows/run-tests.yml | 66 ++++++++++++++++++++++++++++++--- web-app/build.gradle | 9 +++++ 2 files changed, 70 insertions(+), 5 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 71ed757..bdd885a 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -1,5 +1,21 @@ name: MISP2 tests -on: [pull_request] +push: + branches: + - develop + paths: + - 'web-app/**' + - '.github/**' + - 'orbeon-war/**' + - 'packages/**' + - 'utils/**' +pull_request: + types: [opened, synchronize, reopened] + paths: + - 'web-app/**' + - '.github/**' + - 'orbeon-war/**' + - 'packages/**' + - 'utils/**' jobs: run-test: runs-on: ubuntu-22.04 @@ -14,13 +30,53 @@ jobs: distribution: 'temurin' - name: Set up Gradle uses: gradle/gradle-build-action@v2 + with: + cache-read-only: ${{ github.ref != 'refs/heads/develop' }} + gradle-home-cache-cleanup: true - name: Run test run: ./gradlew test - - name: Store upload test artifacts + - name: Test report + env: + NODE_OPTIONS: '--max-old-space-size=6144' + uses: dorny/test-reporter@v1 + if: success() || failure() + with: + name: Unit and integration tests + path: web-app/build/test-results/**/TEST-*.xml + reporter: java-junit + list-suites: 'failed' + list-tests: 'failed' + - name: Store test screenshots uses: actions/upload-artifact@v3 if: failure() with: name: Test results - path: | - /home/runner/work/misp2/misp2/web-app/build/reports/tests/test/index.html - /home/runner/work/misp2/misp2/web-app/build/it-screenshots/ + path: /home/runner/work/misp2/misp2/web-app/build/it-screenshots/ + sonar-analysis: + name: Analyse source + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Set up JDK 8 + uses: actions/setup-java@v3 + with: + java-version: '8' + distribution: 'temurin' + - name: Cache SonarCloud packages + uses: actions/cache@v3 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Set up Gradle + uses: gradle/gradle-build-action@v2 + with: + cache-read-only: ${{ github.ref != 'refs/heads/develop' }} + gradle-home-cache-cleanup: true + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: ./gradlew build sonar --info diff --git a/web-app/build.gradle b/web-app/build.gradle index a98399e..4d2efc2 100644 --- a/web-app/build.gradle +++ b/web-app/build.gradle @@ -1,12 +1,21 @@ plugins { id 'java' id 'war' + id "org.sonarqube" version "4.2.1.3168" } repositories { mavenCentral() } +sonar { + properties { + property "sonar.projectKey", "nordic-institute_misp2-test" + property "sonar.organization", "nordic-institute" + property "sonar.host.url", "https://sonarcloud.io" + } +} + dependencies { implementation 'jakarta.xml.ws:jakarta.xml.ws-api:2.3.3' implementation 'dom4j:dom4j:1.6.1' From a39f5e36dfe641dedd06ea8b42cc9c53009bb29c Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 09:45:47 +0300 Subject: [PATCH 02/10] chore: add missing 'on:' block --- .github/workflows/run-tests.yml | 35 +++++++++++++++++---------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index bdd885a..b9f9179 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -1,21 +1,22 @@ name: MISP2 tests -push: - branches: - - develop - paths: - - 'web-app/**' - - '.github/**' - - 'orbeon-war/**' - - 'packages/**' - - 'utils/**' -pull_request: - types: [opened, synchronize, reopened] - paths: - - 'web-app/**' - - '.github/**' - - 'orbeon-war/**' - - 'packages/**' - - 'utils/**' +on: + push: + branches: + - develop + paths: + - 'web-app/**' + - '.github/**' + - 'orbeon-war/**' + - 'packages/**' + - 'utils/**' + pull_request: + types: [opened, synchronize, reopened] + paths: + - 'web-app/**' + - '.github/**' + - 'orbeon-war/**' + - 'packages/**' + - 'utils/**' jobs: run-test: runs-on: ubuntu-22.04 From e9e0e0415482c413d917a91ea587ff3738df7690 Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 09:47:55 +0300 Subject: [PATCH 03/10] chore: add submodule checkout --- .github/workflows/run-tests.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index b9f9179..6595935 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -60,6 +60,7 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + submodules: 'true' - name: Set up JDK 8 uses: actions/setup-java@v3 with: @@ -80,4 +81,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: ./gradlew build sonar --info + run: ./gradlew build web-app:sonar --info From f9beccdab102b93fc0962d1ba080f7eb6f9f63af Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 09:58:36 +0300 Subject: [PATCH 04/10] chore: migrate to Sonar CLI since JAVA 8 is no longer supported by the Gradle plugin --- .github/workflows/run-tests.yml | 20 ++------------------ sonar-project.properties | 4 ++++ web-app/build.gradle | 9 --------- 3 files changed, 6 insertions(+), 27 deletions(-) create mode 100644 sonar-project.properties diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 6595935..7027ac6 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -61,24 +61,8 @@ jobs: with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis submodules: 'true' - - name: Set up JDK 8 - uses: actions/setup-java@v3 - with: - java-version: '8' - distribution: 'temurin' - - name: Cache SonarCloud packages - uses: actions/cache@v3 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - name: Set up Gradle - uses: gradle/gradle-build-action@v2 - with: - cache-read-only: ${{ github.ref != 'refs/heads/develop' }} - gradle-home-cache-cleanup: true - - name: Build and analyze + - name: Sonar analysis + uses: SonarSource/sonarcloud-github-action@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: ./gradlew build web-app:sonar --info diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..6c87ef1 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,4 @@ +sonar.projectKey=nordic-institute_misp2-test +sonar.organization=nordic-institute + +sonar.sources=web-app/src diff --git a/web-app/build.gradle b/web-app/build.gradle index 4d2efc2..a98399e 100644 --- a/web-app/build.gradle +++ b/web-app/build.gradle @@ -1,21 +1,12 @@ plugins { id 'java' id 'war' - id "org.sonarqube" version "4.2.1.3168" } repositories { mavenCentral() } -sonar { - properties { - property "sonar.projectKey", "nordic-institute_misp2-test" - property "sonar.organization", "nordic-institute" - property "sonar.host.url", "https://sonarcloud.io" - } -} - dependencies { implementation 'jakarta.xml.ws:jakarta.xml.ws-api:2.3.3' implementation 'dom4j:dom4j:1.6.1' From 46e21a3988e0e00fdf9ff305122f50d238d1f264 Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 10:03:53 +0300 Subject: [PATCH 05/10] chore: work around CLI limit --- .github/workflows/run-tests.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 7027ac6..3d84b34 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -60,7 +60,10 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - submodules: 'true' + # Bit of a hacky solution so that the CLI would run (exits with code 1 if build.gradle is found) + - name: Remove build.gradle so that we can use the CLI + run: rm web-app/build.gradle + # Running CLI because JAVA 8 is not supported by the plugin anymore - name: Sonar analysis uses: SonarSource/sonarcloud-github-action@master env: From 61d60972cbd53cb51a0431c0a0a1b69f336c2c7c Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 10:06:43 +0300 Subject: [PATCH 06/10] chore: improve build.gradle removal --- .github/workflows/run-tests.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 3d84b34..e65730d 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -62,7 +62,9 @@ jobs: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis # Bit of a hacky solution so that the CLI would run (exits with code 1 if build.gradle is found) - name: Remove build.gradle so that we can use the CLI - run: rm web-app/build.gradle + run: | + rm -f build.gradle + rm -f web-app/build.gradle # Running CLI because JAVA 8 is not supported by the plugin anymore - name: Sonar analysis uses: SonarSource/sonarcloud-github-action@master From 46fb7511aa9bebe31984752c35af8226f74d857f Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 11:49:29 +0300 Subject: [PATCH 07/10] chore: rerun CI --- .github/workflows/run-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index e65730d..4fcd231 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -59,7 +59,7 @@ jobs: steps: - uses: actions/checkout@v3 with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + fetch-depth: 0 # Bit of a hacky solution so that the CLI would run (exits with code 1 if build.gradle is found) - name: Remove build.gradle so that we can use the CLI run: | From a9c6a2c7e4c576ffd762a0ed4056ffa345a2bead Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 11:53:01 +0300 Subject: [PATCH 08/10] chore: add binaries directory to sonar-project.properties --- .github/workflows/run-tests.yml | 14 +++++++++++++- sonar-project.properties | 1 + 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 4fcd231..9c0995e 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -59,8 +59,20 @@ jobs: steps: - uses: actions/checkout@v3 with: - fetch-depth: 0 + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis # Bit of a hacky solution so that the CLI would run (exits with code 1 if build.gradle is found) + - name: Set up JDK 8 + uses: actions/setup-java@v3 + with: + java-version: '8' + distribution: 'temurin' + - name: Set up Gradle + uses: gradle/gradle-build-action@v2 + with: + cache-read-only: ${{ github.ref != 'refs/heads/develop' }} + gradle-home-cache-cleanup: true + - name: Run build + run: ./gradlew build - name: Remove build.gradle so that we can use the CLI run: | rm -f build.gradle diff --git a/sonar-project.properties b/sonar-project.properties index 6c87ef1..1776055 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -2,3 +2,4 @@ sonar.projectKey=nordic-institute_misp2-test sonar.organization=nordic-institute sonar.sources=web-app/src +sonar.binaries=web-app/build From 41233db400806837fa8f9f967129ffb4d6b94cf9 Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 11:57:11 +0300 Subject: [PATCH 09/10] chore: fix build issues for sonar --- .github/workflows/run-tests.yml | 1 + sonar-project.properties | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 9c0995e..723194e 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -60,6 +60,7 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + submodules: 'true' # Bit of a hacky solution so that the CLI would run (exits with code 1 if build.gradle is found) - name: Set up JDK 8 uses: actions/setup-java@v3 diff --git a/sonar-project.properties b/sonar-project.properties index 1776055..e05a4c4 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -2,4 +2,4 @@ sonar.projectKey=nordic-institute_misp2-test sonar.organization=nordic-institute sonar.sources=web-app/src -sonar.binaries=web-app/build +sonar.java.binaries=web-app/build From a5c66da5623753421dcf8d2af479ed2a4c6f7beb Mon Sep 17 00:00:00 2001 From: Raido Kaju Date: Mon, 28 Aug 2023 12:08:41 +0300 Subject: [PATCH 10/10] chore: don't test when running sonar build --- .github/workflows/run-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 723194e..1ac4db1 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -73,7 +73,7 @@ jobs: cache-read-only: ${{ github.ref != 'refs/heads/develop' }} gradle-home-cache-cleanup: true - name: Run build - run: ./gradlew build + run: ./gradlew build -x test - name: Remove build.gradle so that we can use the CLI run: | rm -f build.gradle