alyx
/
sonarqube-scan-action
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SONAR-16068 made SONAR_TOKEN optional 

SONAR-16067 fixed file permissions
This commit is contained in:
Tobias Trabelsi 2022-03-01 10:34:32 +01:00 committed by GitHub
parent 72def085d4
commit bdba66714e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -9,8 +9,6 @@ LABEL version="1.1.0" \
com.github.actions.icon="check" \
com.github.actions.color="green"
# https://help.github.com/en/actions/creating-actions/dockerfile-support-for-github-actions#user
USER root
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

10
entrypoint.sh
View File

@ -3,8 +3,9 @@
set -e
if [[ -z "${SONAR_TOKEN}" ]]; then
echo "This GitHub Action requires the SONAR_TOKEN env variable."
exit 1
echo "============================ WARNING ============================"
echo "Running this GitHub Action without SONAR_TOKEN is not recommended"
echo "============================ WARNING ============================"
fi
if [[ -z "${SONAR_HOST_URL}" ]]; then
@ -25,3 +26,8 @@ fi
unset JAVA_HOME
sonar-scanner -Dsonar.projectBaseDir=${INPUT_PROJECTBASEDIR} ${INPUT_ARGS}
_tmp_file=$(ls "${INPUT_PROJECTBASEDIR}/" | head -1)
PERM=$(stat -c "%u:%g" "${INPUT_PROJECTBASEDIR}/$_tmp_file")
chown -R $PERM "${INPUT_PROJECTBASEDIR}/"

9
test/run-qa.sh
View File

@ -16,6 +16,8 @@ check_sq_is_up() {
echo $status;
}
_current_perm=$(stat -c "%u:%g" $(pwd))
info "Build scanner action..."
docker build --no-cache -t sonarsource/sonarqube-scan-action .
if [[ ! $? -eq 0 ]]; then
@ -88,13 +90,18 @@ success "Correctly failed fast."
info "Analyze project..."
cd test/example-project/
docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env SONAR_TOKEN=$token --env SONAR_HOST_URL='http://sonarqube:9000' sonarsource/sonarqube-scan-action
docker run -v `pwd`:/github/workspace/ --workdir /github/workspace --network $network --env INPUT_PROJECTBASEDIR=/github/workspace --env SONAR_TOKEN=$token --env SONAR_HOST_URL='http://sonarqube:9000' sonarsource/sonarqube-scan-action
if [[ ! $? -eq 0 ]]; then
error "Couldn't run the analysis."
exit 1
elif [[ ! -f ".scannerwork/report-task.txt" ]]; then
error "Couldn't find the report task file. Analysis failed."
exit 1
elif [ ! "$(stat -c "%u:%g" ".scannerwork/report-task.txt")" == "$_current_perm" ]; then
error "File permissions differ from desired once"
error "desired: $_current_perm"
error "actual: $(stat -c "%u:%g" ".scannerwork/report-task.txt")"
exit 1
fi
success "Analysis successful."