From fe5d9f5f5e10b887cc4b11e980137f1e29eef3e6 Mon Sep 17 00:00:00 2001 From: Mihkel Kivisild Date: Tue, 12 Nov 2024 13:09:06 +0200 Subject: [PATCH] Sonarcloud GitHub action for PHP library WE2-897 Signed-off-by: Mihkel Kivisild --- .github/workflows/sonarcloud-analysis.yml | 42 +++++++++++++++++++++++ sonar-project.properties | 3 ++ 2 files changed, 45 insertions(+) create mode 100644 .github/workflows/sonarcloud-analysis.yml create mode 100644 sonar-project.properties diff --git a/.github/workflows/sonarcloud-analysis.yml b/.github/workflows/sonarcloud-analysis.yml new file mode 100644 index 0000000..85a036e --- /dev/null +++ b/.github/workflows/sonarcloud-analysis.yml @@ -0,0 +1,42 @@ +name: SonarCloud Analysis + +on: [push, pull_request] + +permissions: + contents: read + +jobs: + analyse: + name: Analyse + if: github.repository == 'web-eid/web-eid-authtoken-validation-php' + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '8.3' + + - name: Validate composer.json and composer.lock + run: composer validate --strict + + - name: Cache Composer packages + id: composer-cache + uses: actions/cache@v4 + with: + path: vendor + key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} + restore-keys: | + ${{ runner.os }}-php- + + - name: Install dependencies + run: composer install --prefer-dist --no-progress + + - name: Run SonarCloud Scan + uses: sonarsource/sonarqube-scan-action@v4.0.0 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: https://sonarcloud.io diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..8840cc8 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,3 @@ +sonar.projectKey=web-eid_web-eid-authtoken-validation-php +sonar.sources=src/ +sonar.tests=tests/ \ No newline at end of file