PFM-TASK-7338 use more resourceful github runner for sonar job #4

# Reusable workflow: its only trigger is `workflow_call`, so it runs when
# another workflow invokes it and receives its inputs and secrets from there.
name: Frontend Code Quality Workflow

Check failure on line 1 in .github/workflows/fe-code-quality.yml

GitHub Actions / .github/workflows/fe-code-quality.yml

Invalid workflow file

(Line: 113, Col: 14): Non-scalar mapping key is not supported
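# Trigger: started only by another workflow through `uses:` (workflow_call).
# Every `inputs.*` value is caller-controlled text, so the shell steps below
# receive it through `env:` rather than having it pasted into the script
# source with `${{ }}`.
on:
  workflow_call:
    secrets:
      # Optional. Without it the coverage upload and the sonar job are skipped.
      SONAR_CLOUD_TOKEN:
        required: false
    inputs:
      SONAR_CLOUD_ORG:
        required: false
        description: "SonarCloud organization key, e.g., 'my-org'"
        type: string
        default: "collaborationfactory"
      SONAR_CLOUD_PROJECT_KEY:
        required: false
        description: "SonarCloud project key, e.g., 'my-project'"
        type: string
        default: ""
      SONAR_PROPERTIES:
        required: false
        description: "Additional sonar-project.properties content"
        type: string
        default: ""
      # Runner label for the sonar job only; the other jobs stay on
      # ubuntu-latest.
      # NOTE(review): the label is chosen by the caller. If it resolves to a
      # self-hosted runner, the sonar job checks out and scans repository code
      # on that machine - confirm the runner group is limited to trusted
      # repositories.
      GITHUB_RUNNER:
        required: false
        description: "Github runner which is used to run sonar scan jobs"
        type: string
        default: 'medium'

# NOTE(review): every `uses:` below points at a mutable tag or branch (`@v4`,
# `@v6`, `@release/25.2`). Pinning each one to a full commit SHA keeps the
# executed action code from changing underneath this workflow.
# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN carries
# whatever the calling workflow grants. Consider a least-privilege block (for
# example `contents: read`) once the needs of the run-many action are
# confirmed.
jobs:
  # Format check, lint and unit tests, with the tests sharded over the matrix.
  code-quality:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        target: ['test']
        jobIndex: [1, 2, 3, 4]
      fail-fast: false # Continue running all matrix combinations even if one fails
    env:
      # Must equal the number of jobIndex entries in the matrix above.
      jobCount: 4
      # Only a boolean derived from the secret is exposed in this job, which
      # checks out and executes pull-request code; the token value itself is
      # not referenced here.
      coverageEnabled: ${{ secrets.SONAR_CLOUD_TOKEN != '' }}
      # Branch name handed to the shell as data; the scripts read it as
      # "$BASE_REF" instead of interpolating the expression into the command.
      BASE_REF: ${{ github.event.pull_request.base.ref }}
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.ref }}
          fetch-depth: 0
      - uses: actions/setup-node@v4
        with:
          node-version: '18.19.1'
      - name: Cache Node Modules
        id: npm-cache
        uses: actions/cache@v4
        with:
          path: '**/node_modules'
          key: ${{ runner.os }}-modules-${{ hashFiles('**/package-lock.json') }}
      - name: Formatter
        run: npx nx format:check --base="origin/${BASE_REF}"
      - name: Linter
        run: npx nx affected --target=lint --parallel --configuration=dev --base="origin/${BASE_REF}"
      - name: Fetch base branch
        # Best effort: a failed fetch is deliberately ignored (`|| true`).
        run: git fetch origin "${BASE_REF}:${BASE_REF}" || true
      - name: Unit Tests
        id: test
        uses: collaborationFactory/github-actions/.github/actions/run-many@release/25.2
        # Keep going so the coverage upload still runs; the last step of this
        # job turns a test failure back into a job failure.
        continue-on-error: true
        with:
          target: ${{ matrix.target }}
          jobIndex: ${{ matrix.jobIndex }}
          jobCount: ${{ env.jobCount }}
          base: ${{ github.event.pull_request.base.ref }}
          ref: ${{ github.event.pull_request.head.ref }}
      - name: Upload Coverage Reports
        if: ${{ env.coverageEnabled == 'true' }}
        uses: actions/upload-artifact@v4
        with:
          name: coverage-${{ matrix.jobIndex }}
          path: coverage/
          retention-days: 7
      - name: Fail pipeline if test step failed
        # steps.test.outcome is a fixed value set by the runner, not user
        # text, so it is compared inline.
        run: |
          if [ "${{ steps.test.outcome }}" = "failure" ]; then
            echo "Unit tests step failed, failing the pipeline."
            exit 1
          fi

  # Publishes has_token so the sonar job can be skipped when no token exists.
  check-sonar:
    name: Check SonarCloud Configuration
    runs-on: ubuntu-latest
    outputs:
      has_token: ${{ steps.check.outputs.has_token }}
    steps:
      - name: Check if SONAR_CLOUD_TOKEN exists
        id: check
        env:
          # The step only needs to know whether the secret is set, so it gets
          # a boolean and the token value never enters the script or its
          # environment (same expression as coverageEnabled above).
          HAS_TOKEN: ${{ secrets.SONAR_CLOUD_TOKEN != '' }}
        run: |
          if [ "$HAS_TOKEN" = "true" ]; then
            echo "has_token=true" >> "$GITHUB_OUTPUT"
            echo "SonarCloud token is configured"
          else
            echo "has_token=false" >> "$GITHUB_OUTPUT"
            echo "SonarCloud token is not configured, skipping SonarCloud analysis"
          fi

  # Merges the per-shard coverage artifacts and runs the SonarCloud scan.
  sonar:
    name: SonarCloud
    needs: [code-quality, check-sonar]
    if: needs.check-sonar.outputs.has_token == 'true'
    # Fixed: the expression was written `{{ inputs.GITHUB_RUNNER }}` without
    # the leading `$`. YAML reads that as a flow mapping whose key is another
    # flow mapping, which GitHub rejects with "Non-scalar mapping key is not
    # supported" and marks the whole workflow file invalid.
    runs-on: ${{ inputs.GITHUB_RUNNER }}
    steps:
      - name: Set SonarCloud Project Key
        id: set-project-key
        env:
          PROJECT_KEY_INPUT: ${{ inputs.SONAR_CLOUD_PROJECT_KEY }}
          REPOSITORY_NAME: ${{ github.event.repository.name }}
        # Falls back to collaborationFactory_<repository name> when the caller
        # passes no project key.
        run: |
          if [ -z "$PROJECT_KEY_INPUT" ]; then
            echo "project_key=collaborationFactory_${REPOSITORY_NAME}" >> "$GITHUB_OUTPUT"
          else
            echo "project_key=${PROJECT_KEY_INPUT}" >> "$GITHUB_OUTPUT"
          fi
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Write sonar-project.properties
        env:
          SONAR_ORG: ${{ inputs.SONAR_CLOUD_ORG }}
          SONAR_PROJECT_KEY: ${{ steps.set-project-key.outputs.project_key }}
          EXTRA_SONAR_PROPERTIES: ${{ inputs.SONAR_PROPERTIES }}
        # The caller-supplied properties are appended with printf '%s' so that
        # quotes, `$` or backticks inside them are written literally instead
        # of being evaluated by the shell.
        # The finished file is printed to the job log, so callers should not
        # place credentials in SONAR_PROPERTIES.
        run: |
          echo "sonar.host.url=https://sonarcloud.io" > sonar-project.properties
          echo "sonar.organization=${SONAR_ORG}" >> sonar-project.properties
          echo "sonar.projectKey=${SONAR_PROJECT_KEY}" >> sonar-project.properties
          echo "sonar.test.inclusions=**/*.spec.ts,**/*.test.ts,**/*.spec.tsx,**/*.test.tsx" >> sonar-project.properties
          echo "sonar.javascript.lcov.reportPaths=./coverage/lcov.info" >> sonar-project.properties
          if [ -n "$EXTRA_SONAR_PROPERTIES" ]; then
            printf '%s\n' "$EXTRA_SONAR_PROPERTIES" >> sonar-project.properties
          fi
          cat sonar-project.properties
      - name: download coverage report
        uses: actions/download-artifact@v4
        with:
          path: ./coverage
          pattern: coverage-*
          merge-multiple: true
      - name: Check for LCOV files
        id: check-lcov
        run: |
          if find ./coverage -name "lcov*.info" -type f | grep -q .; then
            echo "lcov_exists=true" >> "$GITHUB_OUTPUT"
            echo "LCOV files found, will proceed with merge"
          else
            echo "lcov_exists=false" >> "$GITHUB_OUTPUT"
            echo "No LCOV files found, skipping merge"
          fi
      - name: Merge matrix coverage reports
        if: steps.check-lcov.outputs.lcov_exists == 'true'
        run: |
          echo "=== Finding all LCOV files ==="
          find ./coverage -name "lcov*.info" -type f
          echo ""
          echo "=== Merging coverage files ==="
          npx lcov-result-merger "coverage/**/lcov*.info" coverage/lcov.info
          echo ""
          echo "=== Merge completed ==="
          ls -lh ./coverage/lcov.info
      - name: Normalize LCOV paths for Linux
        if: steps.check-lcov.outputs.lcov_exists == 'true'
        # Rewrites every backslash in the merged report to a forward slash.
        run: |
          if [ -f "./coverage/lcov.info" ]; then
            sed -i 's|\\|/|g' ./coverage/lcov.info
            echo "Normalized LCOV paths to Unix format"
          fi
      - name: SonarQube Scan
        uses: SonarSource/sonarqube-scan-action@v6
        env:
          # The only step in this workflow that receives the token value.
          SONAR_TOKEN: ${{ secrets.SONAR_CLOUD_TOKEN }}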