Skip to content

chore(sonar): fix error #83

chore(sonar): fix error

chore(sonar): fix error #83

Workflow file for this run

---
name: CI + CD
on:
push:
branches:
- "**"
env:
DEV_PORT: 50505
STAGING_PORT: 50506
PROD_PORT: 50507
SONAR_PROJECT_KEY: "bas-kirill_muse-project_c40bc999-8826-433b-bb84-8871688b1ab1"
jobs:
credentials-check:
name: "[PR] GitGuardian scan"
if: false # or in another case, there will be "Error: Server is not responding as expected."
runs-on: kiryuxa-1
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # fetch all history so multiple commits can be scanned
- name: GitGuardian scan
uses: GitGuardian/ggshield-action@v1
env:
GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }}
GITHUB_PUSH_BASE_SHA: ${{ github.event.base }}
GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}
client-linter:
name: "[CLIENT] Linter"
runs-on: kiryuxa-1
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Run linter
run: ./tools/scripts/client/runLinter.sh
client-static-analyzer:
name: "[CLIENT] Static Analyzer"
runs-on: kiryuxa-2
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Install dependencies
run: cd ./client && npm install
- name: Run Static Analyzer
run: ./tools/scripts/client/runStaticAnalyzer.sh
server-linter:
name: "[SERVER] Linter"
runs-on: kiryuxa-2
steps:
- name: Set up JDK 21 (Temurin)
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "21.0"
- name: Checkout Code
uses: actions/checkout@v4
- name: Run linter
run: ./tools/scripts/server/runLinter.sh
server-static-analyzer:
name: "[SERVER] Static Analyzer"
runs-on: kiryuxa-2
steps:
- name: Set up JDK 21 (Temurin)
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "21.0"
- name: Checkout Code
uses: actions/checkout@v4
- name: Run static analyzer
run: ./tools/scripts/server/runStaticAnalyzer.sh
build:
name: "[SERVER] Run SonarQube"
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 17
uses: actions/setup-java@v1
with:
java-version: 17
- name: Run sonarqube
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
SONAR_PROJECT_KEY: ${{ env.SONAR_PROJECT_KEY }}
# - name: Cache SonarQube packages
# uses: actions/cache@v1
# with:
# path: ~/.sonar/cache
# key: ${{ runner.os }}-sonar
# restore-keys: ${{ runner.os }}-sonar
# - name: Cache Gradle packages
# uses: actions/cache@v1
# with:
# path: ~/.gradle/caches
# key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
# restore-keys: ${{ runner.os }}-gradle
# - name: Build and analyze
# env:
# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
# MUSE_JWT_SECRET_KEY: ${{ secrets.MUSE_JWT_SECRET_KEY }}
# run: (cd ./server && ./gradlew build sonar --info)
- name: Wait for quality gate result
run: sleep 5
# - name: Report quality gate result in the pull request comment
# uses: phwt/sonarqube-quality-gate-action@v1
# id: quality-gate-result
# with:
# sonar-project-key: "bas-kirill_muse-project_c40bc999-8826-433b-bb84-8871688b1ab1"
# sonar-host-url: ${{ secrets.SONAR_HOST_URL }}
# sonar-token: ${{ secrets.SONAR_TOKEN }}
# github-token: ${{ secrets.GH_TOKEN }}
# branch: ${{ github.ref_name }}
- uses: phwt/sonarqube-quality-gate-action@v1
id: quality-gate-check
with:
sonar-project-key: "bas-kirill_muse-project_c40bc999-8826-433b-bb84-8871688b1ab1"
sonar-host-url: ${{ secrets.SONAR_HOST_URL }}
sonar-token: ${{ secrets.SONAR_TOKEN }}
github-token: ${{ secrets.GH_TOKEN }}
- name: Output result
run: |
echo "${{ steps.quality-gate-result.outputs.project-status }}"
echo "${{ steps.quality-gate-result.outputs.quality-gate-result }}"
# - id: check-gate
# name: Check quality gate status
# uses: sonarsource/[email protected]
# timeout-minutes: 5
# env:
# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
server-unit-tests:
name: "[SERVER] Unit Tests"
runs-on: kiryuxa-3
permissions:
contents: read
issues: read
checks: write
pull-requests: write
steps:
- name: Set up JDK 21 (Temurin)
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "21.0"
- name: Checkout Code
uses: actions/checkout@v4
- name: Run Unit Tests
env:
MUSE_JWT_SECRET_KEY: ${{ secrets.MUSE_JWT_SECRET_KEY }}
run: ./tools/scripts/server/runUnitTests.sh
# - name: Publish Unit Test Results
# if: always()
# uses: EnricoMi/[email protected]
# with:
# files: ./**/**/build/test-results/**/*.xml
# report_individual_runs: true
- name: Gather reports
uses: actions/upload-artifact@v2
if: always()
with:
name: reports
path: ./**/**/build/reports
deploy-dev:
name: "[SERVER] Deploy to Dev"
needs:
- credentials-check
- client-linter
- client-static-analyzer
- server-linter
- server-static-analyzer
- server-unit-tests
runs-on: ubuntu-22.04
environment:
name: dev
url: http://dev.muse.kiryuxa.com
steps:
- name: Set up JDK 21 (Temurin)
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "21.0"
- name: Check out the repo
uses: actions/checkout@v4
- name: Log in to Docker Hub
run: docker login -u myshx -p ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Build Server Docker Image
run: >
./tools/scripts/server/buildJar.sh
docker build . -t "myshx/muse-server:dev-${{ github.sha }}" -f ./server/Dockerfile
- name: Push Server Docker Image
run: docker push "myshx/muse-server:dev-${{ github.sha }}"
- name: Run server at home lab
uses: appleboy/ssh-action@master
env:
GIT_COMMIT_SHA: ${{ github.sha }}
DEV_PORT: ${{ env.DEV_PORT }}
with:
debug: true
host: ${{ secrets.SERVER_HOST }}
username: ${{ secrets.SERVER_USERNAME }}
password: ${{ secrets.SERVER_PASSWORD }}
port: ${{ secrets.SERVER_PORT }}
envs: GIT_COMMIT_SHA, DEV_PORT
script: >
echo "one"
export GIT_COMMIT_SHA=$GIT_COMMIT_SHA
echo "two"
export DEV_PORT=$DEV_PORT
echo "three"
dev_container_ids=$(docker inspect --format='{{.Config.Image}} {{.Id}}' $(docker ps -aq) | grep -E 'myshx/muse-server:dev-\b[0-9a-f]{40}\b' | awk '{print $2}')
echo "four"
dev_image_ids=$(docker inspect --format='{{.Config.Image}} {{.Image}}' $(docker ps -aq) | grep -E 'myshx/muse-server:dev-\b[0-9a-f]{40}\b' | awk '{print $2}')
echo "five"
for container_id in $dev_container_ids; do
docker stop "$container_id"
done
echo "seven"
for container_id in $dev_container_ids; do
docker rm "$container_id"
done
echo "eight"
for image_id in $dev_image_ids; do
docker rmi -f "$image_id";
done
echo "nine"
docker run -d -p $DEV_PORT:8080 "myshx/muse-server:dev-$GIT_COMMIT_SHA"
echo "ten"
deploy-staging:
name: "[SERVER] Deploy to Staging"
if: github.event.ref == 'refs/heads/main'
needs:
- credentials-check
- client-linter
- client-static-analyzer
- server-linter
- server-static-analyzer
- server-unit-tests
runs-on: ubuntu-22.04
environment:
name: staging
url: http://staging.muse.kiryuxa.com
steps:
- name: Set up JDK 21 (Temurin)
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "21.0"
- name: Check out the repo
uses: actions/checkout@v4
- name: Log in to Docker Hub
run: docker login -u myshx -p ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Build Server Docker Image
run: >
./tools/scripts/server/buildJar.sh
docker build . -t "myshx/muse-server:staging-${{ github.sha }}" -f ./server/Dockerfile
- name: Push Server Docker Image
run: docker push "myshx/muse-server:staging-${{ github.sha }}"
- name: Run server at home lab
uses: appleboy/ssh-action@master
env:
GIT_COMMIT_SHA: ${{ github.sha }}
STAGING_PORT: ${{ env.STAGING_PORT }}
with:
host: ${{ secrets.SERVER_HOST }}
username: ${{ secrets.SERVER_USERNAME }}
password: ${{ secrets.SERVER_PASSWORD }}
port: ${{ secrets.SERVER_PORT }}
envs: GIT_COMMIT_SHA, STAGING_PORT
script: >
export GIT_COMMIT_SHA=$GIT_COMMIT_SHA
export STAGING_PORT=$STAGING_PORT
staging_container_ids=$(docker inspect --format='{{.Config.Image}} {{.Id}}' $(docker ps -aq) | grep -E 'myshx/muse-server:staging-\b[0-9a-f]{40}\b' | awk '{print $2}')
staging_image_ids=$(docker inspect --format='{{.Config.Image}} {{.Image}}' $(docker ps -aq) | grep -E 'myshx/muse-server:staging-\b[0-9a-f]{40}\b' | awk '{print $2}')
for container_id in $staging_container_ids; do
docker stop "$container_id"
done
for container_id in $staging_container_ids; do
docker rm "$container_id"
done
for image_id in $staging_image_ids; do
docker rmi -f "$image_id";
done
docker run -d -p $STAGING_PORT:8080 "myshx/muse-server:staging-$GIT_COMMIT_SHA"
deploy-prod:
name: "[SERVER] Deploy to Prod"
needs:
- deploy-staging
runs-on: ubuntu-22.04
environment:
name: prod
url: http://prod.muse.kiryuxa.com
steps:
- name: Set up JDK 21 (Temurin)
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "21.0"
- name: Check out the repo
uses: actions/checkout@v4
- name: Log in to Docker Hub
run: docker login -u myshx -p ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Build Server Docker Image
run: >
./tools/scripts/server/buildJar.sh
docker build . -t "myshx/muse-server:prod-${{ github.sha }}" -f ./server/Dockerfile
- name: Push Server Docker Image
run: docker push "myshx/muse-server:prod-${{ github.sha }}"
- name: Run server at home lab
uses: appleboy/ssh-action@master
env:
GIT_COMMIT_SHA: ${{ github.sha }}
PROD_PORT: ${{ env.PROD_PORT }}
with:
host: ${{ secrets.SERVER_HOST }}
username: ${{ secrets.SERVER_USERNAME }}
password: ${{ secrets.SERVER_PASSWORD }}
port: ${{ secrets.SERVER_PORT }}
envs: GIT_COMMIT_SHA, PROD_PORT
script: >
export GIT_COMMIT_SHA=$GIT_COMMIT_SHA
export PROD_PORT=$PROD_PORT
prod_container_ids=$(docker inspect --format='{{.Config.Image}} {{.Id}}' $(docker ps -aq) | grep -E 'myshx/muse-server:prod-\b[0-9a-f]{40}\b' | awk '{print $2}')
prod_image_ids=$(docker inspect --format='{{.Config.Image}} {{.Image}}' $(docker ps -aq) | grep -E 'myshx/muse-server:prod-\b[0-9a-f]{40}\b' | awk '{print $2}')
for container_id in $prod_container_ids; do
docker stop "$container_id"
done
for container_id in $prod_container_ids; do
docker rm "$container_id"
done
for image_id in $prod_image_ids; do
docker rmi -f "$image_id";
done
docker run -d -p $PROD_PORT:8080 "myshx/muse-server:prod-$GIT_COMMIT_SHA"