Skip to content

Add sonarqube scan to CI workflow #5

Add sonarqube scan to CI workflow

Add sonarqube scan to CI workflow #5

Workflow file for this run

name: CI
on:
push:
branches:
- main
- next
- "v*"
paths-ignore:
- "docs/**"
- "*.md"
- "*.example"
pull_request:
paths-ignore:
- "docs/**"
- "*.md"
jobs:
build-and-test:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [20, 22, 23]
services:
mysql:
image: mysql:8.4
ports:
- 3306:3306
env:
MYSQL_ROOT_PASSWORD: root_password
MYSQL_DATABASE: test_db
MYSQL_USER: test_user
MYSQL_PASSWORD: test_password
options: >-
--health-cmd="mysqladmin ping -u$MYSQL_USER -p$MYSQL_PASSWORD"
--health-interval=10s
--health-timeout=5s
--health-retries=3
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: SonarQube Scan
uses: sonarsource/[email protected]
with:
args: >
-Dsonar.organization=${{ vars.SONAR_ORGANIZATION }}
-Dsonar.projectKey=${{ vars.SONAR_PROJECT_KEY }}
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }}
- name: Install dependencies
run: npm i
- name: Build
run: npm run build -- --noEmit
- name: Lint Code
run: npm run lint
- name: Generate COOKIE Secret
run: |
COOKIE_SECRET=$(openssl rand -hex 32)
echo "COOKIE_SECRET=$COOKIE_SECRET" >> $GITHUB_ENV
- name: Generate dummy .env for scripts using -env-file=.env flag
run: touch .env
- name: Test
env:
MYSQL_HOST: localhost
MYSQL_PORT: 3306
MYSQL_DATABASE: test_db
MYSQL_USER: test_user
MYSQL_PASSWORD: test_password
# COOKIE_SECRET is dynamically generated and loaded from the environment
COOKIE_NAME: 'sessid'
RATE_LIMIT_MAX: 4
CAN_SEED_DATABASE: 1
run: npm run db:migrate && npm run test