Compare commits
1 Commits
jh/update_
...
v4
| Author | SHA1 | Date | |
|---|---|---|---|
|
689fb39b34 |
2
.github/CODEOWNERS
vendored
2
.github/CODEOWNERS
vendored
@@ -1 +1 @@
|
|||||||
.github/CODEOWNERS @sonarsource/orchestration-processing-squad
|
.github/CODEOWNERS @sonarsource/analysis-experience-squad
|
||||||
|
|||||||
3
.github/workflows/qa-main.yml
vendored
3
.github/workflows/qa-main.yml
vendored
@@ -450,7 +450,6 @@ jobs:
|
|||||||
uses: ./
|
uses: ./
|
||||||
with:
|
with:
|
||||||
scannerBinariesUrl: http://localhost:8080/clientRedirectToSonarBinaries
|
scannerBinariesUrl: http://localhost:8080/clientRedirectToSonarBinaries
|
||||||
scannerVersion: 6.2.1.4610
|
|
||||||
env:
|
env:
|
||||||
NO_CACHE: true
|
NO_CACHE: true
|
||||||
SONAR_HOST_URL: http://not_actually_used
|
SONAR_HOST_URL: http://not_actually_used
|
||||||
@@ -551,7 +550,7 @@ jobs:
|
|||||||
SONAR_ROOT_CERT: ${{ env.SONAR_ROOT_CERT_VALID }}
|
SONAR_ROOT_CERT: ${{ env.SONAR_ROOT_CERT_VALID }}
|
||||||
SONAR_HOST_URL: https://localhost:4443
|
SONAR_HOST_URL: https://localhost:4443
|
||||||
with:
|
with:
|
||||||
args: -X -Dsonar.login=admin -Dsonar.password=admin
|
args: -Dsonar.login=admin -Dsonar.password=admin
|
||||||
projectBaseDir: ./test/example-project
|
projectBaseDir: ./test/example-project
|
||||||
- name: Clear imported SSL certificates
|
- name: Clear imported SSL certificates
|
||||||
run: |
|
run: |
|
||||||
|
|||||||
5
.github/workflows/version_update.yml
vendored
5
.github/workflows/version_update.yml
vendored
@@ -8,9 +8,6 @@ jobs:
|
|||||||
update-version:
|
update-version:
|
||||||
name: Prepare pull request for sonar-scanner version update
|
name: Prepare pull request for sonar-scanner version update
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
permissions:
|
|
||||||
contents: write
|
|
||||||
pull-requests: write
|
|
||||||
steps:
|
steps:
|
||||||
- run: sudo apt install -y jq
|
- run: sudo apt install -y jq
|
||||||
|
|
||||||
@@ -37,7 +34,7 @@ jobs:
|
|||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
UPDATE_BRANCH: update-to-sonar-scanner-${{ steps.latest-version.outputs.sonar-scanner-version }}
|
UPDATE_BRANCH: update-to-sonar-scanner-${{ steps.latest-version.outputs.sonar-scanner-version }}
|
||||||
TITLE: "Update SonarScanner CLI to ${{ steps.latest-version.outputs.sonar-scanner-version }}"
|
TITLE: "Update sonar-scanner-version to ${{ steps.latest-version.outputs.sonar-scanner-version }}"
|
||||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
run: |
|
run: |
|
||||||
git config --global user.name "SonarTech"
|
git config --global user.name "SonarTech"
|
||||||
|
|||||||
16
README.md
16
README.md
@@ -2,10 +2,8 @@
|
|||||||
|
|
||||||
This SonarSource project, available as a GitHub Action, scans your projects with SonarQube [Server](https://www.sonarsource.com/products/sonarqube/) or [Cloud](https://www.sonarsource.com/products/sonarcloud/).
|
This SonarSource project, available as a GitHub Action, scans your projects with SonarQube [Server](https://www.sonarsource.com/products/sonarqube/) or [Cloud](https://www.sonarsource.com/products/sonarcloud/).
|
||||||
|
|
||||||
<picture>
|
|
||||||
<source media="(prefers-color-scheme: dark)" srcset="./images/SQ_Logo_Server_Cloud_Dark_Backgrounds.png">
|
|
||||||
<img alt="SonarQube Logo" src="./images/SQ_Logo_Server_Cloud_Light_Backgrounds.png">
|
|
||||||
</picture>
|
|
||||||
|
|
||||||
SonarQube [Server](https://www.sonarsource.com/products/sonarqube/) and [Cloud](https://www.sonarsource.com/products/sonarcloud/) (formerly SonarQube and SonarCloud) is a widely used static analysis solution for continuous code quality and security inspection.
|
SonarQube [Server](https://www.sonarsource.com/products/sonarqube/) and [Cloud](https://www.sonarsource.com/products/sonarcloud/) (formerly SonarQube and SonarCloud) is a widely used static analysis solution for continuous code quality and security inspection.
|
||||||
|
|
||||||
@@ -107,8 +105,7 @@ jobs:
|
|||||||
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
|
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
|
||||||
- name: Run Build Wrapper
|
- name: Run Build Wrapper
|
||||||
run: |
|
run: |
|
||||||
# Here goes your compilation wrapped with Build Wrapper
|
# here goes your compilation wrapped with build-wrapper; See https://docs.sonarsource.com/sonarqube/latest/ analyzing-source-code/languages/c-family/#using-build-wrapper for more information
|
||||||
# For more information, see https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/languages/c-family/prerequisites/#using-buildwrapper
|
|
||||||
# build-preparation steps
|
# build-preparation steps
|
||||||
# build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} build-command
|
# build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} build-command
|
||||||
- name: SonarQube Scan
|
- name: SonarQube Scan
|
||||||
@@ -118,7 +115,7 @@ jobs:
|
|||||||
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
|
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
|
||||||
SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }}
|
SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }}
|
||||||
with:
|
with:
|
||||||
# Consult https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/ for more information and options
|
# Consult https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/scanners/sonarscanner/ for more information and options
|
||||||
args: >
|
args: >
|
||||||
--define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"
|
--define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"
|
||||||
```
|
```
|
||||||
@@ -207,8 +204,7 @@ jobs:
|
|||||||
uses: SonarSource/sonarqube-scan-action/install-build-wrapper@<action version>
|
uses: SonarSource/sonarqube-scan-action/install-build-wrapper@<action version>
|
||||||
- name: Run Build Wrapper
|
- name: Run Build Wrapper
|
||||||
run: |
|
run: |
|
||||||
# Here goes your compilation wrapped with Build Wrapper
|
# here goes your compilation wrapped with build-wrapper; See https://docs.sonarsource.com/sonarqube/latest/ analyzing-source-code/languages/c-family/#using-build-wrapper for more information
|
||||||
# For more information, see https://docs.sonarsource.com/sonarqube-cloud/advanced-setup/languages/c-family/prerequisites/#using-build-wrapper
|
|
||||||
# build-preparation steps
|
# build-preparation steps
|
||||||
# build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} build-command
|
# build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} build-command
|
||||||
- name: SonarQube Scan
|
- name: SonarQube Scan
|
||||||
@@ -217,7 +213,7 @@ jobs:
|
|||||||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
||||||
SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }}
|
SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }}
|
||||||
with:
|
with:
|
||||||
# Consult https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/ for more information and options
|
# Consult https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/scanners/sonarscanner/ for more information and options
|
||||||
args: >
|
args: >
|
||||||
--define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"
|
--define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"
|
||||||
```
|
```
|
||||||
|
|||||||
@@ -16,8 +16,7 @@ inputs:
|
|||||||
scannerVersion:
|
scannerVersion:
|
||||||
description: Version of the Sonar Scanner CLI to use
|
description: Version of the Sonar Scanner CLI to use
|
||||||
required: false
|
required: false
|
||||||
# to be kept in sync with sonar-scanner-version
|
default: 6.2.1.4610 # to be kept in sync with sonar-scanner-version
|
||||||
default: 7.0.1.4817
|
|
||||||
scannerBinariesUrl:
|
scannerBinariesUrl:
|
||||||
description: URL to download the Sonar Scanner CLI binaries from
|
description: URL to download the Sonar Scanner CLI binaries from
|
||||||
required: false
|
required: false
|
||||||
@@ -30,6 +29,9 @@ runs:
|
|||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
INPUT_PROJECTBASEDIR: ${{ inputs.projectBaseDir }}
|
INPUT_PROJECTBASEDIR: ${{ inputs.projectBaseDir }}
|
||||||
|
- name: Vulnerability warning
|
||||||
|
shell: bash
|
||||||
|
run: echo "::warning title=Vulnerability warning::This version of the SonarQube Scanner GitHub Action is no longer supported and contains a security vulnerability. Please update your workflow to use sonarsource/sonarqube-scan-action@v6 for the latest security patches and features. For more information visit https://community.sonarsource.com/gha-v6-update"
|
||||||
- name: Load Sonar Scanner CLI from cache
|
- name: Load Sonar Scanner CLI from cache
|
||||||
id: sonar-scanner-cli
|
id: sonar-scanner-cli
|
||||||
uses: actions/cache@v4
|
uses: actions/cache@v4
|
||||||
|
|||||||
@@ -1,11 +1,11 @@
|
|||||||
sonar-scanner-version=7.0.1.4817
|
sonar-scanner-version=6.2.1.4610
|
||||||
sonar-scanner-url-windows-x64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.0.1.4817-windows-x64.zip
|
sonar-scanner-url-windows-x64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.1.4610-windows-x64.zip
|
||||||
sonar-scanner-sha-windows-x64=6b523587567af4170a4e0e0d02053d4a3f117e6612a11a4382ae45211b82383f
|
sonar-scanner-sha-windows-x64=b7de8d75c43093e0353e6a3147c3720cafac1c38da96bc61123657197086a1c9
|
||||||
sonar-scanner-url-linux-x64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.0.1.4817-linux-x64.zip
|
sonar-scanner-url-linux-x64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.1.4610-linux-x64.zip
|
||||||
sonar-scanner-sha-linux-x64=b0643348eed1ec808d8c9b35b34bdf953ed9788978c38b32c577960bbef0a7f8
|
sonar-scanner-sha-linux-x64=0b8a3049f0bd5de7abc1582c78c233960d3d4ed7cc983a1d1635e8552f8bb439
|
||||||
sonar-scanner-url-linux-aarch64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.0.1.4817-linux-aarch64.zip
|
sonar-scanner-url-linux-aarch64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.1.4610-linux-aarch64.zip
|
||||||
sonar-scanner-sha-linux-aarch64=f1def4b7f8fe5839ab185eee7e493551ed1bd5534707f8e02933579e2315ffaa
|
sonar-scanner-sha-linux-aarch64=f67819e7a52ed4c28b541baa5bca0621446314de148f889d7d2d7ff239808f0c
|
||||||
sonar-scanner-url-macosx-x64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.0.1.4817-macosx-x64.zip
|
sonar-scanner-url-macosx-x64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.1.4610-macosx-x64.zip
|
||||||
sonar-scanner-sha-macosx-x64=820100498148433db0674da3156eca5974e1b4f7dfc073d41df1f3ff49cd9b33
|
sonar-scanner-sha-macosx-x64=471348fcb912584f093cebf28114322455979d2cceb1654e0a7990da50add94f
|
||||||
sonar-scanner-url-macosx-aarch64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.0.1.4817-macosx-aarch64.zip
|
sonar-scanner-url-macosx-aarch64=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.1.4610-macosx-aarch64.zip
|
||||||
sonar-scanner-sha-macosx-aarch64=4903800165c59890b9859a212054bd55d0eb2a5682ce377fad70560be4b833f0
|
sonar-scanner-sha-macosx-aarch64=583b1ed386b6f61ddfbb39c0ae169355e96a8e1852b0210a5a5ca4f7487347c1
|
||||||
|
|||||||
Reference in New Issue
Block a user