I have created a composite action see the link for running a Sonarcloud analysis for dotnet projects.
name: Sonarcloud
description: Sonarcloud
inputs:
sonar_project_key:
required: true
type: string
github_token:
required: true
type: string
sonar_token:
required: true
type: string
runs:
using: "composite"
steps:
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: 1.11
- name: Install dotnet SonarCloud scanner
shell: powershell
run: |
dotnet tool install --global dotnet-sonarscanner
- name: Build and analyze
shell: powershell
env:
GITHUB_TOKEN: ${{ inputs.github_token }}
SONAR_TOKEN: ${{ inputs.sonar_token }}
run: |
dotnet sonarscanner begin /k:"${{ inputs.sonar_project_key }}" /o:"my-org" /d:sonar.login="${{ inputs.sonar_token }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.opencover.reportsPaths="**/coverage.opencover.xml"
dotnet build --configuration Release
dotnet test --no-restore --configuration Release --verbosity normal /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
dotnet sonarscanner end /d:sonar.login="${{ inputs.sonar_token }}"
Then follow the link I have to create a release with the tag "v1" something like: "my-org/sonarcloud@v1" and then used it in another repository as follows:
name: Sonarcloud
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
workflow_call:
secrets:
SONAR_TOKEN:
required: true
workflow_dispatch: ~
jobs:
build:
name: Build
runs-on: windows-latest
steps:
- uses: actions/checkout@v3
with:
submodules: 'true'
fetch-depth: 0
- uses: microsoft/variable-substitution@v1
with:
files: 'tests/IntegrationTests/tests.settings.json'
env:
ConnectionString: ${{ secrets.CONNECTIONSTRING }} # please note that in this repo is connection string but it could vary from repo to repo,
# maybe in another repo I need to substitute a Sas token for example
# so I cannot move the variable substitution to the composite action
- uses: actions/checkout@v3
- id: sonarcloud
uses: my-org/sonarcloud@v1
with:
sonar_project_key: 'my-project'
sonar_token: ${{ secrets.SONAR_TOKEN }}
github_token: ${{ secrets.GITHUB_TOKEN }}
Check that I need to modify the "tests.settings.json" file in order to provide a valid connection string for the Tests to work.
Now the problem. The transformation is being conducted properly but here:
- uses: actions/checkout@v3
- id: sonarcloud
uses: my-org/sonarcloud@v1
git realize that "test.settings.json" has been modified and restore it to original version (that not contain the connection string) and the test fail. here are the logs of the workflow:
2022-04-29T10:56:04.3078283Z [command]"C:\Program Files\Git\bin\git.exe" checkout --detach
2022-04-29T10:56:04.8735279Z M tests/IntegrationTests/tests.settings.json
2022-04-29T10:56:04.8736695Z HEAD is now at 5e6cf4b fix
So how can I avoid this behavior in the second checkout that is needed in order to get the composite action?.
thanks
CodePudding user response:
I have found the problem! The second
- uses: actions/checkout@v3
was not needed. To fix it just removed.
Replace this:
- uses: actions/checkout@v3
- id: sonarcloud
uses: my-org/sonarcloud@v1
with:
sonar_project_key: 'my-project'
sonar_token: ${{ secrets.SONAR_TOKEN }}
github_token: ${{ secrets.GITHUB_TOKEN }}
By:
- id: sonarcloud
uses: my-org/sonarcloud@v1
with:
sonar_project_key: 'my-project'
sonar_token: ${{ secrets.SONAR_TOKEN }}
github_token: ${{ secrets.GITHUB_TOKEN }}