Onboard to SonarQube

* Gather and send coverage data * Add badges * Remove codecov and any codecov related files
asecurityteam · Feb 13, 2025 · 7c39d2a · 7c39d2a
1 parent 9045f0b
commit 7c39d2a
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 3 deletions.
diff --git a/.github/workflows/golang.yaml b/.github/workflows/golang.yaml
@@ -1,4 +1,7 @@
-on: [push]
+on:
+  push:
+  pull_request: #sonar refuses to display branch analysis results on Free plan even for OSS
+    types: [opened, synchronize, reopened]
 
 jobs:
   golang:
@@ -7,16 +10,25 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of Sonar scan
       - name: FS Permissions
         # workaround for permissions with contaner attempting to create directories
         run: chmod 777 -R "$(pwd)"
       - name: Dep
         run: make dep
       - name: Lint
         run: make lint
+      - name: Coverage Setup 
+        # workaround for permissions with container attempting to create directory
+        run: mkdir .coverage && chmod 777 .coverage
       - name: Unit Tests
         run: make test
       - name: Integration Tests
         run: make integration
-      - name: Test Coverage
-        run: make coverage
+      - name: SonarQube Scan
+        uses: SonarSource/sonarqube-scan-action@v4
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        # run on PRs and once we merge to main, as we need baseline runs for main in Sonar
+        if: ${{ ( github.event_name == 'pull_request' ) || ( github.ref == 'refs/heads/master' ) }}
diff --git a/README.md b/README.md
@@ -3,6 +3,19 @@
 
 **An extendable toolkit for improving the standard library HTTP client.**
 
+[![Bugs](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=bugs)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Code Smells](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=code_smells)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=coverage)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Duplicated Lines (%)](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=duplicated_lines_density)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Lines of Code](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=ncloc)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=sqale_rating)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=alert_status)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=reliability_rating)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=security_rating)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=sqale_index)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+[![Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=asecurityteam_transport&metric=vulnerabilities)](https://sonarcloud.io/dashboard?id=asecurityteam_transport)
+
+
 <!-- TOC -->
 
 -- [transport](#transport)

diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,11 @@
+sonar.organization=asecurityteam
+sonar.projectKey=asecurityteam_transport
+
+sonar.sources=.
+sonar.exclusions=main.go, **/*_test.go
+
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+
+sonar.go.coverage.reportPaths=.coverage/*.cover.out
+sonar.coverage.exclusions=**/test/**/*.*