From e082bb1a86e4585998c8ffef46d3bc2a0da8c0c1 Mon Sep 17 00:00:00 2001 From: Vasu1105 Date: Wed, 3 Jan 2024 13:11:12 +0530 Subject: [PATCH] Configures sonarqube for code coverage analysis Signed-off-by: Vasu1105 --- .expeditor/buildkite/verify.sh | 39 ++++++++++++++++++++++++++++++++ .expeditor/config.yml | 4 ++++ .expeditor/coverage.pipeline.yml | 19 ++++++++++++++++ sonar-project.properties | 17 ++++++++++++++ 4 files changed, 79 insertions(+) create mode 100644 .expeditor/coverage.pipeline.yml create mode 100644 sonar-project.properties diff --git a/.expeditor/buildkite/verify.sh b/.expeditor/buildkite/verify.sh index cfcb12f..4a608cf 100755 --- a/.expeditor/buildkite/verify.sh +++ b/.expeditor/buildkite/verify.sh @@ -7,6 +7,25 @@ uname -a ruby -v bundle --version +# Fetch tokens from vault ASAP so that long-running tests don't cause our vault token to expire +echo "--- installing vault" +export VAULT_VERSION=1.13.0 +export VAULT_HOME=$HOME/vault +curl --create-dirs -sSLo $VAULT_HOME/vault.zip https://releases.hashicorp.com/vault/$VAULT_VERSION/vault_${VAULT_VERSION}_linux_amd64.zip +unzip -o $VAULT_HOME/vault.zip -d $VAULT_HOME + +if [ -n "${CI_ENABLE_COVERAGE:-}" ]; then + echo "--- fetching Sonar token from vault" + export SONAR_TOKEN=$($VAULT_HOME/vault kv get -field token secret/inspec/train-winrm/sonar) + + if [ -n "${SONAR_TOKEN:-}" ]; then + echo " ++ SONAR_TOKEN set successfully" + else + echo " !! SONAR_TOKEN not set - exiting " + exit 1 # TODO: Remove this line if we wish not to exit + fi +fi + echo "--- bundle install" bundle config set --local without tools maintenance deploy bundle install --jobs=7 --retry=3 @@ -16,3 +35,23 @@ bundle exec rake lint echo "+++ bundle exec rake" bundle exec rake +RAKE_EXIT=$? + +#TODO: If coverage is enabled, then we need to pick up the coverage/coverage.json file +if [ -n "${CI_ENABLE_COVERAGE:-}" ]; then + echo "--- installing sonarscanner" + export SONAR_SCANNER_VERSION=4.7.0.2747 + export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux + curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip + unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/ + export PATH=$SONAR_SCANNER_HOME/bin:$PATH + export SONAR_SCANNER_OPTS="-server" + + # See sonar-project.properties for additional settings + echo "--- running sonarscanner" + sonar-scanner \ + -Dsonar.sources=. \ + -Dsonar.host.url=https://sonar.progress.com +fi + +exit $RAKE_EXIT \ No newline at end of file diff --git a/.expeditor/config.yml b/.expeditor/config.yml index 839a52c..6d8d360 100644 --- a/.expeditor/config.yml +++ b/.expeditor/config.yml @@ -5,6 +5,10 @@ pipelines: - verify: description: Pull Request validation tests public: true + - coverage: + description: Unit test coverage + public: false + trigger: pull_request slack: notify_channel: inspec-notify diff --git a/.expeditor/coverage.pipeline.yml b/.expeditor/coverage.pipeline.yml new file mode 100644 index 0000000..5b59ef0 --- /dev/null +++ b/.expeditor/coverage.pipeline.yml @@ -0,0 +1,19 @@ +--- +expeditor: + defaults: + buildkite: + timeout_in_minutes: 45 + retry: + automatic: + limit: 1 + +steps: + + - label: coverage-ruby-3.0 + command: + - CI_ENABLE_COVERAGE=1 /workdir/.expeditor/buildkite/verify.sh + expeditor: + secrets: true + executor: + docker: + image: ruby:3.0 diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..a5bcb29 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,17 @@ +# must be unique in a given SonarQube instance +sonar.projectKey=inspec_train-winrm_AYzOHo0HhXuvzhhRmMB3 + +sonar.projectName=Chef-Inspec-train-winrm + +# TODO: provide path to test coverage report generated by simplecov or any other code coverage tool +#sonar.ruby.coverage.reportPaths=coverage/coverage.json + +# exclude test directories from coverage +sonar.coverage.exclusions=test/* + +sonar.exclusions=**/*.java,**/*.js,vendor/* + +# skip C-language processor +sonar.c.file.suffixes=- +sonar.cpp.file.suffixes=- +sonar.objc.file.suffixes=- \ No newline at end of file