From 28636b6d5ff4cf60d362249badcfe58fe10a4c15 Mon Sep 17 00:00:00 2001 From: mohammed Usman Date: Fri, 22 Sep 2023 00:13:53 +0530 Subject: [PATCH 1/5] added sonarcloud pipelines and adjusted tox command --- .github/workflows/backend-ci.yaml | 22 +++++++++++++++++++ .github/workflows/vcs-scanner-ci.yaml | 22 +++++++++++++++++++ .github/workflows/vcs-scraper-ci.yaml | 22 +++++++++++++++++++ components/resc-backend/test-requirements.txt | 1 + components/resc-backend/tox.ini | 11 ++++++++-- .../resc-vcs-scanner/test-requirements.txt | 3 ++- components/resc-vcs-scanner/tox.ini | 9 +++++++- .../resc-vcs-scraper/test-requirements.txt | 1 + components/resc-vcs-scraper/tox.ini | 9 +++++++- 9 files changed, 95 insertions(+), 5 deletions(-) diff --git a/.github/workflows/backend-ci.yaml b/.github/workflows/backend-ci.yaml index cedb6fb6..7f896a50 100644 --- a/.github/workflows/backend-ci.yaml +++ b/.github/workflows/backend-ci.yaml @@ -64,6 +64,28 @@ jobs: cd ${{ env.RESC_BACKEND_DIR }} tox -e lint + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + with: + projectBaseDir: ${{ env.RESC_BACKEND_DIR }} + args: > + -Dsonar.organization=abnamro-resc + -Dsonar.projectKey=abnamro-resc_resc-backend + -Dsonar.python.coverage.reportPaths=coverage.xml + -Dsonar.sourceEncoding=UTF-8 + -Dsonar.projectName=resc-backend + -Dsonar.groupid=resc + -Dsonar.sources=src/ + -Dsonar.inclusions=**/*.py + -Dsonar.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.tests=tests/ + -Dsonar.cpd.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.coverage.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.pdf.skip=true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.__SONAR_TOKEN_BACKEND__ }} + - name: Get Branch Name id: extract_branch run: | diff --git a/.github/workflows/vcs-scanner-ci.yaml b/.github/workflows/vcs-scanner-ci.yaml index e92843bf..2d71b543 100644 
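Review bot: The added step references `SonarSource/sonarcloud-github-action@master`, a mutable branch, while handing that action both `GITHUB_TOKEN` and `SONAR_TOKEN`; whatever lands on that branch upstream runs in this job with those credentials. Pin the action to a full commit SHA with the release noted in a trailing comment, e.g. `uses: SonarSource/sonarcloud-github-action@<FULL_COMMIT_SHA>  # <release tag>`, and let a dependency-update bot move the pin. The same `@master` reference is added in vcs-scanner-ci.yaml, vcs-scraper-ci.yaml and, in PATCH 2/5, frontend-ci.yaml.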
--- a/.github/workflows/vcs-scanner-ci.yaml +++ b/.github/workflows/vcs-scanner-ci.yaml @@ -65,6 +65,28 @@ jobs: cd ${{ env.RESC_VCS_SCANNER_DIR }} tox -e lint + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + with: + projectBaseDir: ${{ env.RESC_VCS_SCANNER_DIR }} + args: > + -Dsonar.organization=abnamro-resc + -Dsonar.projectKey=abnamro-resc_resc-vcs-scanner + -Dsonar.python.coverage.reportPaths=coverage.xml + -Dsonar.sourceEncoding=UTF-8 + -Dsonar.projectName=resc-vcs-scanner + -Dsonar.groupid=resc + -Dsonar.sources=src/ + -Dsonar.inclusions=**/*.py + -Dsonar.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.tests=tests/ + -Dsonar.cpd.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.coverage.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.pdf.skip=true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.__SONAR_TOKEN_BACKEND__ }} + - name: Get Branch Name id: extract_branch run: | diff --git a/.github/workflows/vcs-scraper-ci.yaml b/.github/workflows/vcs-scraper-ci.yaml index ffc37b09..194a679d 100644 --- a/.github/workflows/vcs-scraper-ci.yaml +++ b/.github/workflows/vcs-scraper-ci.yaml 
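Review bot: The scan for `abnamro-resc_resc-vcs-scanner` authenticates with `secrets.__SONAR_TOKEN_BACKEND__`, the same secret the backend workflow uses, so a single credential covers several SonarCloud projects and a leak or rotation affects all of them at once. If the token is meant to be organisation-wide, give the secret a neutral name so that scope is obvious. Otherwise, where SonarCloud's token scoping allows it, reference a separate secret here, for example `SONAR_TOKEN: ${{ secrets.<SCANNER_SONAR_TOKEN_SECRET> }}`. vcs-scraper-ci.yaml and frontend-ci.yaml (PATCH 2/5) reuse the same secret.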
@@ -64,6 +64,28 @@ jobs: cd ${{ env.RESC_VCS_SCRAPER_DIR }} tox -e lint + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + with: + projectBaseDir: ${{ env.RESC_VCS_SCRAPER_DIR }} + args: > + -Dsonar.organization=abnamro-resc + -Dsonar.projectKey=abnamro-resc_resc-vcs-scraper + -Dsonar.python.coverage.reportPaths=coverage.xml + -Dsonar.sourceEncoding=UTF-8 + -Dsonar.projectName=resc-vcs-scraper + -Dsonar.groupid=resc + -Dsonar.sources=src/ + -Dsonar.inclusions=**/*.py + -Dsonar.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.tests=tests/ + -Dsonar.cpd.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.coverage.exclusions=**/*yml,**/*.xml,**/*.txt,**/*.html,**/*.js + -Dsonar.pdf.skip=true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.__SONAR_TOKEN_BACKEND__ }} + - name: Get Branch Name id: extract_branch run: | diff --git a/components/resc-backend/test-requirements.txt b/components/resc-backend/test-requirements.txt index a68c09f8..33e725cf 100644 --- a/components/resc-backend/test-requirements.txt +++ b/components/resc-backend/test-requirements.txt @@ -12,3 +12,4 @@ tox==4.11.1 pylint==2.17.5 pytest-asyncio==0.21.1 httpx==0.24.1 +coverage==7.3.1 diff --git a/components/resc-backend/tox.ini b/components/resc-backend/tox.ini index 4a2541de..70a0352d 100644 --- a/components/resc-backend/tox.ini +++ b/components/resc-backend/tox.ini @@ -21,5 +21,12 @@ skipsdist = true skip_install = true passenv = PIP_CONFIG_FILE commands = pip install -r test-requirements.txt - pip install -e . - pytest -v --cov=src --cov-config=.coveragerc tests + pip install -e . + coverage run -m pytest + coverage report -m + coverage xml --data-file=.coverage + +[coverage:run] +relative_files = True +source = src/ +branch = True 
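Review bot: The "SonarCloud Scan" step has no `if:` guard although it depends on `secrets.__SONAR_TOKEN_BACKEND__`; the workflow triggers are outside this hunk, but if the job runs on pull requests from forks the secret is empty there and the step fails. A guard such as `if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }}` skips the scan for fork PRs. Switching the trigger to `pull_request_target` to make the secret available is not a safe alternative, because the job checks out and runs the contributor's code. The same applies to the steps added in backend-ci.yaml, vcs-scanner-ci.yaml and frontend-ci.yaml.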
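Review bot: The new `[coverage:run]` section in components/resc-backend/tox.ini is read by coverage.py only when no `.coveragerc` is found, and the removed command passed `--cov-config=.coveragerc`, which suggests that file exists. In that case `relative_files = True`, `source` and `branch` are silently ignored, and coverage.xml keeps absolute runner paths that SonarCloud may not map to sources. Either move the three settings into `.coveragerc` or select this file explicitly, e.g. `COVERAGE_RCFILE = tox.ini` under `setenv`. `coverage run -m pytest` also drops the explicit `tests` argument of the old command, so test collection now depends on pytest's own configuration. The tox.ini hunks for resc-vcs-scanner and resc-vcs-scraper have the same shape.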
diff --git a/components/resc-vcs-scanner/test-requirements.txt b/components/resc-vcs-scanner/test-requirements.txt index 7c7ae59c..8adb7305 100644 --- a/components/resc-vcs-scanner/test-requirements.txt +++ b/components/resc-vcs-scanner/test-requirements.txt @@ -9,4 +9,5 @@ pytest==7.4.1 mock==5.1.0 pytest-cov==4.1.0 tox==4.11.1 -pylint==2.17.5 \ No newline at end of file +pylint==2.17.5 +coverage==7.3.1 \ No newline at end of file diff --git a/components/resc-vcs-scanner/tox.ini b/components/resc-vcs-scanner/tox.ini index 41951104..fa7002bd 100644 --- a/components/resc-vcs-scanner/tox.ini +++ b/components/resc-vcs-scanner/tox.ini @@ -24,4 +24,11 @@ passenv = PIP_CONFIG_FILE commands = pip install -r test-requirements.txt pip install -e ../resc-backend pip install -e . - pytest -v --cov=src --cov-config=.coveragerc tests + coverage run -m pytest + coverage report -m + coverage xml --data-file=.coverage + +[coverage:run] +relative_files = True +source = src/ +branch = True \ No newline at end of file diff --git a/components/resc-vcs-scraper/test-requirements.txt b/components/resc-vcs-scraper/test-requirements.txt index b9fe8d4d..f8b4ecf9 100644 --- a/components/resc-vcs-scraper/test-requirements.txt +++ b/components/resc-vcs-scraper/test-requirements.txt @@ -10,3 +10,4 @@ mock==5.1.0 pytest-cov==4.1.0 tox==4.11.1 pylint==2.17.5 +coverage==7.3.1 diff --git a/components/resc-vcs-scraper/tox.ini b/components/resc-vcs-scraper/tox.ini index 6979f745..d1743cd9 100644 --- a/components/resc-vcs-scraper/tox.ini +++ b/components/resc-vcs-scraper/tox.ini @@ -24,4 +24,11 @@ setenv = PYTHONPATH = {toxinidir}:{toxinidir}/src passenv = PIP_CONFIG_FILE commands = pip install -r test-requirements.txt --quiet pip install -e . - pytest -v --cov=src --cov-config=.coveragerc tests + coverage run -m pytest + coverage report -m + coverage xml --data-file=.coverage + +[coverage:run] +relative_files = True +source = src/ +branch = True 
From 4dc4839a5e7c27126866c507f9d581295c7b1135 Mon Sep 17 00:00:00 2001
From: mohammed Usman
Date: Mon, 25 Sep 2023 22:49:34 +0530
Subject: [PATCH 2/5] updated frontend pipeline with Sonarcloud step
---
 .github/workflows/frontend-ci.yaml | 38 ++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
diff --git a/.github/workflows/frontend-ci.yaml b/.github/workflows/frontend-ci.yaml
index b002711e..d500d910 100644
--- a/.github/workflows/frontend-ci.yaml
+++ b/.github/workflows/frontend-ci.yaml
@@ -65,6 +65,44 @@ jobs: cd ${{ env.RESC_FRONTEND_DIR }} npx auditjs@latest ossi -q || true + - name: Running Jest and Coverage + run: | + cd ${{ env.RESC_FRONTEND_DIR }} + yarn jest --coverage || true + npm install jest-sonar-reporter --save-dev + + ## Removing the dir paths and making them relative paths. + - name: Fix coverage report + run: | + cd ${{ env.RESC_FRONTEND_DIR }} + sed -i "s+/home/runner/work/repository-scanner/repository-scanner/components/resc-frontend/++g" tests/unit/reports/coverage/lcov.info + cat tests/unit/reports/coverage/lcov.info + + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@master + with: + projectBaseDir: ${{ env.RESC_FRONTEND_DIR }} + args: > + -Dsonar.organization=abnamro-resc + -Dsonar.projectKey=abnamro-resc_resc-frontend + -Dsonar.sourceEncoding=UTF-8 + -Dsonar.projectName=resc-frontend + -Dsonar.groupid=resc + -Dsonar.sources=src/ + -Dsonar.inclusions=**/* + -Dsonar.exclusions=**/__mocks__/* + -Dsonar.tests=tests/ + -Dsonar.cpd.exclusions=**/*.example.js,**/*.spec.js,**/*.?spec.js + -Dsonar.coverage.exclusions=**/*.html,**/*.json,**/*.spec.js,**/*.?spec.js,**/main.*,**/i18n.js,**/router/index.js,**/configuration/*.js + -Dsonar.javascript.jstest.reportsPath=tests/unit/reports/coverage + -Dsonar.javascript.lcov.reportPaths=tests/unit/reports/coverage/lcov.info + -Dsonar.pdf.skip=true + -Dsonar.branch.target=* + -Dsonar.branch.name=* + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.__SONAR_TOKEN_BACKEND__ }} + - id: getversion name: Get package version run: | From 6dcb3105669a21990fce65a3cd20ddec4fdfee53 Mon Sep 17 00:00:00 2001 
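Review bot: `yarn jest --coverage || true` discards the test exit status, so a failing or crashing suite still lets the job pass and SonarCloud analyses a stale or missing lcov.info; drop the `|| true`, or record the status and fail the job in a final step if the scan must still run. The next line, `npm install jest-sonar-reporter --save-dev`, pulls an unpinned package at CI time with npm in a job that otherwise uses yarn, and only after jest has already run, so it cannot affect the report; declare it in package.json and the lockfile instead. `-Dsonar.branch.name=*` and `-Dsonar.branch.target=*` pass a literal `*` as the branch, which looks unintended. The sed in "Fix coverage report" hard-codes the runner checkout path; building it from `${{ github.workspace }}` would survive a repository rename.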
From: mohammed Usman Date: Tue, 26 Sep 2023 13:04:09 +0530 Subject: [PATCH 3/5] added Sonarcloud badge to all the readme files --- README.md | 3 +++ components/resc-backend/README.md | 3 +++ components/resc-frontend/README.md | 3 +++ components/resc-vcs-scanner/README.md | 3 +++ components/resc-vcs-scraper/README.md | 3 +++ 5 files changed, 15 insertions(+) diff --git a/README.md b/README.md index 0ca835b9..f5f9d460 100644 --- a/README.md +++ b/README.md @@ -35,6 +35,9 @@ + + + diff --git a/components/resc-backend/README.md b/components/resc-backend/README.md index f44a5b1d..9974a234 100644 --- a/components/resc-backend/README.md +++ b/components/resc-backend/README.md @@ -3,6 +3,9 @@ + + + diff --git a/components/resc-frontend/README.md b/components/resc-frontend/README.md index 63040a2b..1402dd9d 100644 --- a/components/resc-frontend/README.md +++ b/components/resc-frontend/README.md @@ -3,6 +3,9 @@ + + + diff --git a/components/resc-vcs-scanner/README.md b/components/resc-vcs-scanner/README.md index 6e753e34..2128878c 100644 --- a/components/resc-vcs-scanner/README.md +++ b/components/resc-vcs-scanner/README.md @@ -3,6 +3,9 @@ + + + diff --git a/components/resc-vcs-scraper/README.md b/components/resc-vcs-scraper/README.md index c0a83d37..5a1fec0f 100644 --- a/components/resc-vcs-scraper/README.md +++ b/components/resc-vcs-scraper/README.md @@ -3,6 +3,9 @@ + + + From 9ad4839227fadc4e8c36f3a2ee0366363d7d6281 Mon Sep 17 00:00:00 2001 From: mohammed Usman Date: Tue, 26 Sep 2023 13:10:07 +0530 Subject: [PATCH 4/5] adjusted Sonarcloud badge to all the readme files --- components/resc-backend/README.md | 2 +- components/resc-frontend/README.md | 2 +- components/resc-vcs-scanner/README.md | 2 +- components/resc-vcs-scraper/README.md | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/components/resc-backend/README.md b/components/resc-backend/README.md index 9974a234..fa492836 100644 --- a/components/resc-backend/README.md 
+++ b/components/resc-backend/README.md @@ -1,7 +1,7 @@ # Repository Scanner Backend (RESC-Backend)

- + diff --git a/components/resc-frontend/README.md b/components/resc-frontend/README.md index 1402dd9d..5766ed50 100644 --- a/components/resc-frontend/README.md +++ b/components/resc-frontend/README.md @@ -1,7 +1,7 @@ # Repository Scanner Frontend (RESC-Frontend)

- + diff --git a/components/resc-vcs-scanner/README.md b/components/resc-vcs-scanner/README.md index 2128878c..7b45f5fd 100644 --- a/components/resc-vcs-scanner/README.md +++ b/components/resc-vcs-scanner/README.md @@ -1,7 +1,7 @@ # Repository Scanner Version Control System Scanner (RESC-VCS-SCANNER)

- + diff --git a/components/resc-vcs-scraper/README.md b/components/resc-vcs-scraper/README.md index 5a1fec0f..69a53c09 100644 --- a/components/resc-vcs-scraper/README.md +++ b/components/resc-vcs-scraper/README.md @@ -1,7 +1,7 @@ # Repository Scanner Version Control System Scraper (RESC-VCS-SCRAPER)

- + From c07d3126c5149c9c49576a40d5fbe522bdae0ff3 Mon Sep 17 00:00:00 2001 From: mohammed Usman Date: Thu, 28 Sep 2023 13:44:57 +0530 Subject: [PATCH 5/5] fix for the low security issue from sonarcloud-noopener --- .../src/components/RulePack/RulePackUploadModal.vue | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/resc-frontend/src/components/RulePack/RulePackUploadModal.vue b/components/resc-frontend/src/components/RulePack/RulePackUploadModal.vue index a936db1a..a05cd079 100644 --- a/components/resc-frontend/src/components/RulePack/RulePackUploadModal.vue +++ b/components/resc-frontend/src/components/RulePack/RulePackUploadModal.vue @@ -28,7 +28,7 @@
- semver + semver Example: 1.0.0