repos/docker-dnsmasq
5
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 8 Activity

feat(ci): switch to self-hosted SonarQube #4

Merged
luke merged 1 commits from sonarqube into main 2025-02-09 21:12:23 +00:00
Conversation 0 Commits 1 Files Changed 8 +47 -22
8 changed files with 47 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
.github/CODEOWNERS → .archive/.github/CODEOWNERS vendored
View File

0
.github/dependabot.yml → .archive/.github/dependabot.yml vendored
View File

0
.github/workflows/build.yml → .archive/.github/workflows/build.yml vendored
View File

0
.github/workflows/ci.yml → .archive/.github/workflows/ci.yml vendored
View File

38
.gitea/workflows/ci.yml
View File

@@ -8,15 +8,31 @@ on:
- reopened - reopened
jobs: jobs:
validate_pr_title:
uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/conventional-commit.yml@main
with:
commit_message: ${{ gitea.event.pull_request.title }}
ci: ci:
uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/ci-docker.yml@main runs-on: ubuntu-latest
with: steps:
python-version: 3.13 - name: Check out repository code
secrets: uses: actions/checkout@v4.2.2
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} with:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} fetch-depth: 0
- uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: Dockerfile
output-file: hadolint.out
format: sonarqube
no-fail: true
- name: SonarQube Scan
uses: SonarSource/sonarqube-scan-action@v4.2.1
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
- name: Snyk Vulnerability Scan
uses: snyk/actions/python@master
continue-on-error: true # Sometimes vulns aren't immediately fixable
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: test --all-projects

16
.gitea/workflows/conventional_commit.yml Normal file
View File

@@ -0,0 +1,16 @@
name: Validate PR Title
on:
pull_request:
types:
- opened
- edited
- synchronize
- reopened
jobs:
validate:
runs-on: ubuntu-latest
steps:
- uses: https://git.tainton.uk/actions/conventional-commits-check-action@v1.2.4
with:
commit-message: ${{ gitea.event.pull_request.title }}

7
.gitea/workflows/release.yml
View File

@@ -9,12 +9,7 @@ on:
jobs: jobs:
test: test:
name: Test name: Test
uses: https://git.tainton.uk/actions/gha-workflows/.gitea/workflows/ci-docker.yml@main uses: https://git.tainton.uk/repos/docker-dnsmasq/.gitea/workflows/ci.yml@main
with:
python-version: 3.13
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
create_release: create_release:
name: Create Release name: Create Release

6
sonar-project.properties
View File

@@ -1,7 +1,5 @@
sonar.organization=luketainton sonar.projectKey=docker-dnsmasq
sonar.projectKey=luketainton_docker-dnsmasq
sonar.projectName=docker-dnsmasq sonar.projectName=docker-dnsmasq
sonar.projectVersion=1.0
sonar.docker.hadolint.reportPaths=hadolint.out sonar.docker.hadolint.reportPaths=hadolint.out
sonar.sources=Dockerfile sonar.sources=Dockerfile
sonar.exclusions=,.github/**,.gitignore,CODEOWNERS,CHANGELOG.md,LICENSE.md,README.md,renovate.json sonar.exclusions=.archive/**,.gitea/**,config/**,.gitignore,README.md,renovate.json,docker-compose.yml