From 5ae765368fe302afa4b5371b339a4112c09832c8 Mon Sep 17 00:00:00 2001 From: Zoe Roux Date: Sat, 17 Apr 2021 01:26:21 +0200 Subject: [PATCH 1/3] Adding static analysis of the project --- .github/workflows/analysis.yml | 51 ++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 .github/workflows/analysis.yml diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml new file mode 100644 index 00000000..98350f99 --- /dev/null +++ b/.github/workflows/analysis.yml @@ -0,0 +1,51 @@ +name: Analysis +on: + push: + branches: + - master + pull_request: + branches: + - master + +jobs: + build: + name: Static Analysis + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: Cache SonarCloud packages + uses: actions/cache@v1 + with: + path: ~/sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache SonarCloud scanner + id: cache-sonar-scanner + uses: actions/cache@v1 + with: + path: ./.sonar/scanner + key: ${{ runner.os }}-sonar-scanner + restore-keys: ${{ runner.os }}-sonar-scanner + - name: Install SonarCloud scanner + if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' + shell: bash + run: | + mkdir -p ./sonar/scanner + dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + shell: bash + run: | + ./.sonar/scanner/dotnet-sonarscanner begin \ + -k:"AnonymusRaccoon_Kyoo" \ + -o:"anonymus-raccoon" \ + -d:sonar.login="${{ secrets.SONAR_TOKEN }}" \ + -d:sonar.host.url="https://sonarcloud.io" + + dotnet build --no-incremental + + ./.sonar/scanner/dotnet-sonarscanner end -d:sonar.login="${{ secrets.SONAR_TOKEN }}" From 93ffe7e570615fd64aae0215a09a97d3ab281d16 Mon Sep 17 00:00:00 2001 From: Zoe Roux Date: Sat, 17 Apr 2021 01:27:57 +0200 Subject: [PATCH 2/3] Disabling transcoder & webapp on the analysis --- .github/workflows/analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 98350f99..410eff7a 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -46,6 +46,6 @@ jobs: -d:sonar.login="${{ secrets.SONAR_TOKEN }}" \ -d:sonar.host.url="https://sonarcloud.io" - dotnet build --no-incremental + dotnet build --no-incremental '-p:SkipTranscoder=true;SkipWebApp=true' ./.sonar/scanner/dotnet-sonarscanner end -d:sonar.login="${{ secrets.SONAR_TOKEN }}" From 472a238d3ad136e3c3d9a7be4321105e9d7dbfaa Mon Sep 17 00:00:00 2001 From: Zoe Roux Date: Sat, 17 Apr 2021 01:30:16 +0200 Subject: [PATCH 3/3] Update analysis.yml --- .github/workflows/analysis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 410eff7a..46995c15 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -32,8 +32,8 @@ jobs: if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' shell: bash run: | - mkdir -p ./sonar/scanner - dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner + mkdir -p ./.sonar/scanner + dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner - name: Build and analyze env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any