[GitHub] [incubator-dolphinscheduler] Jave-Chen opened a new issue #1592: [Feature] Analyze project code by sonarcloud

Thu, 26 Dec 2019 05:52:28 -0800 

Jave-Chen opened a new issue #1592: [Feature]   Analyze project code by 
sonarcloud
URL: https://github.com/apache/incubator-dolphinscheduler/issues/1592
 
 
   **Is your feature request related to a problem? Please describe.**
   For the code code quality, I think we can use sonarcloud analyze project 
code.
   
   **Describe the solution you'd like**
   There are 3 steps using github action with sonarcloud:
   1.  Create a new project at sonarcloud. Set up sonarcloud token , project 
key and organization key.
   2.  Set up a Secrets with name "SONAR_TOKEN", and the value is the same as 
step 1.
   3.  Add a github action workflow with code like :
   ```
   name: CI
   on: [push]
   jobs:
     sonarCloudTrigger:
       name: SonarCloud Trigger
       runs-on: ubuntu-latest
       steps:
       - uses: actions/checkout@v1
       - uses: actions/setup-java@v1
         with:
           java-version: 8
       - uses: actions/cache@v1
         with:
           path: ~/.m2/repository
           key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-sonarqube
           restore-keys: |
             ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}-sonarqube
             ${{ runner.os }}-maven-
       - name: Maven clean
         run: mvn clean
       - name: Run SonarCloud analyse
         # Change sonar.organization and sonar.projectKey
         run: >
             mvn --batch-mode
             org.jacoco:jacoco-maven-plugin:prepare-agent
             verify
             org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
             -Dsonar.host.url=https://sonarcloud.io
             -Dsonar.inclusions=dolphinscheduler-ui/src/**
             -Dsonar.inclusions=dolphinscheduler-ui/build/**
             -Dsonar.organization=changeAsStep1
             -Dsonar.projectKey=changeAsStep1
             -q
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
   ```
   4. Run workflow, if passed the report will display at sonarcloud.
   
   **Todo**
   This is just analyze java code .The UI directory will not be analyzed.
   Maybe there is a way that add maven plugin to execute npm build, the 
sonarcloud will analyze UI code.
   
   - [ ] analyze UI code.
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Reply via email to