ci(metis): feed coverage into sonar
This commit is contained in:
codex
parent
8edb0c23a1
commit
ca1e3a5f74
118
Jenkinsfile
vendored
118
Jenkinsfile
vendored
@ -123,65 +123,6 @@ spec:
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
stage('Collect SonarQube evidence') {
|
|
||||||
steps {
|
|
||||||
container('quality-tools') {
|
|
||||||
sh '''#!/usr/bin/env bash
|
|
||||||
set -euo pipefail
|
|
||||||
mkdir -p build
|
|
||||||
args=(
|
|
||||||
"-Dsonar.host.url=${SONARQUBE_HOST_URL}"
|
|
||||||
"-Dsonar.login=${SONARQUBE_TOKEN}"
|
|
||||||
"-Dsonar.projectKey=${SONARQUBE_PROJECT_KEY}"
|
|
||||||
"-Dsonar.projectName=${SONARQUBE_PROJECT_KEY}"
|
|
||||||
"-Dsonar.sources=."
|
|
||||||
"-Dsonar.exclusions=**/.git/**,**/build/**,**/dist/**,**/node_modules/**,**/.venv/**,**/__pycache__/**,**/coverage/**,**/test-results/**,**/playwright-report/**"
|
|
||||||
"-Dsonar.test.inclusions=**/tests/**,**/testing/**,**/*_test.go,**/*.test.ts,**/*.test.tsx,**/*.spec.ts,**/*.spec.tsx"
|
|
||||||
)
|
|
||||||
[ -f build/coverage.out ] && args+=("-Dsonar.go.coverage.reportPaths=build/coverage.out")
|
|
||||||
set +e
|
|
||||||
sonar-scanner "${args[@]}" | tee build/sonar-scanner.log
|
|
||||||
rc=${PIPESTATUS[0]}
|
|
||||||
set -e
|
|
||||||
printf '%s\n' "${rc}" > build/sonarqube-analysis.rc
|
|
||||||
'''
|
|
||||||
}
|
|
||||||
container('publisher') {
|
|
||||||
sh '''
|
|
||||||
set -eu
|
|
||||||
mkdir -p build
|
|
||||||
python3 - <<'PY'
|
|
||||||
import base64
|
|
||||||
import json
|
|
||||||
import os
|
|
||||||
import urllib.parse
|
|
||||||
import urllib.request
|
|
||||||
|
|
||||||
host = os.getenv('SONARQUBE_HOST_URL', '').strip().rstrip('/')
|
|
||||||
project_key = os.getenv('SONARQUBE_PROJECT_KEY', '').strip()
|
|
||||||
token = os.getenv('SONARQUBE_TOKEN', '').strip()
|
|
||||||
report_path = os.getenv('QUALITY_GATE_SONARQUBE_REPORT', 'build/sonarqube-quality-gate.json')
|
|
||||||
payload = {"status": "ERROR", "note": "missing SONARQUBE_HOST_URL and/or SONARQUBE_PROJECT_KEY"}
|
|
||||||
if host and project_key:
|
|
||||||
query = urllib.parse.urlencode({"projectKey": project_key})
|
|
||||||
request = urllib.request.Request(f"{host}/api/qualitygates/project_status?{query}", method="GET")
|
|
||||||
if token:
|
|
||||||
encoded = base64.b64encode(f"{token}:".encode("utf-8")).decode("utf-8")
|
|
||||||
request.add_header("Authorization", f"Basic {encoded}")
|
|
||||||
try:
|
|
||||||
with urllib.request.urlopen(request, timeout=12) as response:
|
|
||||||
payload = json.loads(response.read().decode("utf-8"))
|
|
||||||
except Exception as exc: # noqa: BLE001
|
|
||||||
payload = {"status": "ERROR", "error": str(exc)}
|
|
||||||
with open(report_path, "w", encoding="utf-8") as handle:
|
|
||||||
json.dump(payload, handle, indent=2, sort_keys=True)
|
|
||||||
handle.write("\\n")
|
|
||||||
PY
|
|
||||||
'''
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
stage('Collect Supply Chain evidence') {
|
stage('Collect Supply Chain evidence') {
|
||||||
steps {
|
steps {
|
||||||
container('quality-tools') {
|
container('quality-tools') {
|
||||||
@ -317,6 +258,65 @@ EOF
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
stage('Collect SonarQube evidence') {
|
||||||
|
steps {
|
||||||
|
container('quality-tools') {
|
||||||
|
sh '''#!/usr/bin/env bash
|
||||||
|
set -euo pipefail
|
||||||
|
mkdir -p build
|
||||||
|
args=(
|
||||||
|
"-Dsonar.host.url=${SONARQUBE_HOST_URL}"
|
||||||
|
"-Dsonar.login=${SONARQUBE_TOKEN}"
|
||||||
|
"-Dsonar.projectKey=${SONARQUBE_PROJECT_KEY}"
|
||||||
|
"-Dsonar.projectName=${SONARQUBE_PROJECT_KEY}"
|
||||||
|
"-Dsonar.sources=."
|
||||||
|
"-Dsonar.exclusions=**/.git/**,**/build/**,**/dist/**,**/node_modules/**,**/.venv/**,**/__pycache__/**,**/coverage/**,**/test-results/**,**/playwright-report/**"
|
||||||
|
"-Dsonar.test.inclusions=**/tests/**,**/testing/**,**/*_test.go,**/*.test.ts,**/*.test.tsx,**/*.spec.ts,**/*.spec.tsx"
|
||||||
|
)
|
||||||
|
[ -f build/coverage.out ] && args+=("-Dsonar.go.coverage.reportPaths=build/coverage.out")
|
||||||
|
set +e
|
||||||
|
sonar-scanner "${args[@]}" | tee build/sonar-scanner.log
|
||||||
|
rc=${PIPESTATUS[0]}
|
||||||
|
set -e
|
||||||
|
printf '%s\n' "${rc}" > build/sonarqube-analysis.rc
|
||||||
|
'''
|
||||||
|
}
|
||||||
|
container('publisher') {
|
||||||
|
sh '''
|
||||||
|
set -eu
|
||||||
|
mkdir -p build
|
||||||
|
python3 - <<'PY'
|
||||||
|
import base64
|
||||||
|
import json
|
||||||
|
import os
|
||||||
|
import urllib.parse
|
||||||
|
import urllib.request
|
||||||
|
|
||||||
|
host = os.getenv('SONARQUBE_HOST_URL', '').strip().rstrip('/')
|
||||||
|
project_key = os.getenv('SONARQUBE_PROJECT_KEY', '').strip()
|
||||||
|
token = os.getenv('SONARQUBE_TOKEN', '').strip()
|
||||||
|
report_path = os.getenv('QUALITY_GATE_SONARQUBE_REPORT', 'build/sonarqube-quality-gate.json')
|
||||||
|
payload = {"status": "ERROR", "note": "missing SONARQUBE_HOST_URL and/or SONARQUBE_PROJECT_KEY"}
|
||||||
|
if host and project_key:
|
||||||
|
query = urllib.parse.urlencode({"projectKey": project_key})
|
||||||
|
request = urllib.request.Request(f"{host}/api/qualitygates/project_status?{query}", method="GET")
|
||||||
|
if token:
|
||||||
|
encoded = base64.b64encode(f"{token}:".encode("utf-8")).decode("utf-8")
|
||||||
|
request.add_header("Authorization", f"Basic {encoded}")
|
||||||
|
try:
|
||||||
|
with urllib.request.urlopen(request, timeout=12) as response:
|
||||||
|
payload = json.loads(response.read().decode("utf-8"))
|
||||||
|
except Exception as exc: # noqa: BLE001
|
||||||
|
payload = {"status": "ERROR", "error": str(exc)}
|
||||||
|
with open(report_path, "w", encoding="utf-8") as handle:
|
||||||
|
json.dump(payload, handle, indent=2, sort_keys=True)
|
||||||
|
handle.write("\\n")
|
||||||
|
PY
|
||||||
|
'''
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
stage('Publish test metrics') {
|
stage('Publish test metrics') {
|
||||||
steps {
|
steps {
|
||||||
container('publisher') {
|
container('publisher') {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user