From e787fb359e5d74f2398814159acd0fc0a0d0af72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kh=C3=A1nh=20Ho=C3=A0ng?= Date: Mon, 2 Dec 2024 13:08:11 +0700 Subject: [PATCH 1/6] chore(testing): Switch coverage reporting from Codecov to SonarCloud Replace Codecov integrations with SonarCloud for coverage reporting and static code analysis. Add `sonar-project.properties` to configure SonarCloud reporting paths. Update GitHub Actions workflow to execute SonarCloud scans, removing Codecov steps. --- .github/workflows/tests.yml | 16 +++++----------- .gitignore | 3 ++- README.md | 1 - package.json | 3 ++- sonar-project.properties | 5 +++++ vitest.config.ts | 7 ++----- 6 files changed, 16 insertions(+), 19 deletions(-) create mode 100644 sonar-project.properties diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 9725da1..4a3949b 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -87,17 +87,11 @@ jobs: env: GOOGLE_SAFE_BROWSING_API_KEY: ${{ secrets.GOOGLE_SAFE_BROWSING_API_KEY }} TEST_ANALYTICS: 1 - - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a - if: ${{ github.actor != 'renovate[bot]' }} - with: - token: ${{ secrets.CODECOV_TOKEN }} - - name: Upload test results to Codecov - if: ${{ github.actor != 'renovate[bot]' && !cancelled() }} - uses: codecov/test-results-action@6515afe67c25cf11657e6eb2dd44cc0b032c8883 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: 'coverage/junit.xml' + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838 + env: + SONAR_TOKEN: ${{ secrets. SONARCLOUD_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} deno: name: Deno needs: lints diff --git a/.gitignore b/.gitignore index 73fa44b..39f7c01 100644 --- a/.gitignore +++ b/.gitignore @@ -10,5 +10,6 @@ node_modules/ # environment variables .env* -# testing +# reports coverage +lints diff --git a/README.md b/README.md index 04f816a..b3c6339 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ # google-safe-browsing [![JSR](https://jsr.io/badges/@hckhanh/google-safe-browsing)](https://jsr.io/@hckhanh/google-safe-browsing) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=hckhanh_google-safe-browsing&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=hckhanh_google-safe-browsing) -[![codecov](https://codecov.io/gh/hckhanh/google-safe-browsing/graph/badge.svg?token=OTWNSODDXK)](https://codecov.io/gh/hckhanh/google-safe-browsing) A JavaScript client for [Google Safe Browsing](https://safebrowsing.google.com) [API](https://developers.google.com/safe-browsing) diff --git a/package.json b/package.json index d82cdba..4a2b2d8 100644 --- a/package.json +++ b/package.json @@ -8,7 +8,8 @@ "scripts": { "test": "vitest related src/*.ts", "test:prettier": "prettier --check .", - "test:types": "deno check src/index.ts" + "test:types": "deno check src/index.ts", + "test:eslint": "eslint . -f json -o lints/eslint-report.json" }, "author": { "name": "Khánh Hoàng", diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..ca1da9c --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,5 @@ +sonar.projectKey=hckhanh_google-safe-browsing +sonar.organization=hckhanh + +sonar.javascript.lcov.reportPaths=./coverage/lcov.info +sonar.eslint.reportPaths=./lints/eslint-report.json diff --git a/vitest.config.ts b/vitest.config.ts index 0495fcd..7ddb2e7 100644 --- a/vitest.config.ts +++ b/vitest.config.ts @@ -14,13 +14,10 @@ export default defineConfig({ '*.config.js', ...coverageConfigDefaults.exclude, ], - reporter: process.env.CI ? ['clover'] : coverageConfigDefaults.reporter, + reporter: process.env.CI ? ['lcovonly'] : coverageConfigDefaults.reporter, }, reporters: process.env.CI - ? process.env.TEST_ANALYTICS - ? ['junit', 'dot', 'github-actions'] - : ['dot', 'github-actions'] + ? ['dot', 'github-actions'] : configDefaults.reporters, - outputFile: 'coverage/junit.xml', }, }) From 3889394c6aa4679f2d0aa39f77c39aec30ad2c62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kh=C3=A1nh=20Ho=C3=A0ng?= Date: Mon, 2 Dec 2024 13:10:19 +0700 Subject: [PATCH 2/6] Add ESLint step to GitHub Actions This commit introduces a new step to run ESLint checks in the GitHub Actions workflow. Running ESLint ensures code quality by identifying and fixing problems in the JavaScript codebase before tests and scans are executed. --- .github/workflows/tests.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 4a3949b..a9ace3b 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -86,7 +86,8 @@ jobs: run: pnpm test -- --coverage.enabled env: GOOGLE_SAFE_BROWSING_API_KEY: ${{ secrets.GOOGLE_SAFE_BROWSING_API_KEY }} - TEST_ANALYTICS: 1 + - name: Run ESLint + run: pnpm test:eslint - name: SonarCloud Scan uses: SonarSource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838 env: From 6e9a23643dd2ea1dda67aa7ef62d34e2f7ecf6a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kh=C3=A1nh=20Ho=C3=A0ng?= Date: Mon, 2 Dec 2024 13:12:17 +0700 Subject: [PATCH 3/6] Fix SonarCloud token reference in GitHub Actions. Corrected the token environment variable name from 'SONARCLOUD_TOKEN' to 'SONAR_TOKEN' to ensure proper authentication for the SonarCloud Scan step. This change addresses an issue with the token assignment, enabling successful scanning in the CI workflow. --- .github/workflows/tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index a9ace3b..99d7f56 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -91,7 +91,7 @@ jobs: - name: SonarCloud Scan uses: SonarSource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838 env: - SONAR_TOKEN: ${{ secrets. SONARCLOUD_TOKEN }} + SONAR_TOKEN: ${{ secrets. SONAR_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} deno: name: Deno From 28c54154a8bf38e5bd8c735e1501a50ffc01c353 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kh=C3=A1nh=20Ho=C3=A0ng?= Date: Mon, 2 Dec 2024 13:13:20 +0700 Subject: [PATCH 4/6] Rename 'coverage' job to 'analytics' in CI workflow The job previously named 'coverage' has been renamed to 'analytics' for clearer representation of its function in the CI workflow. This change aims to better align the job's name with its role in processing and reporting data. No functional changes to the workflow steps are involved. --- .github/workflows/tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 99d7f56..42ff1d7 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -67,8 +67,8 @@ jobs: run: pnpm test -- --environment=edge-runtime env: GOOGLE_SAFE_BROWSING_API_KEY: ${{ secrets.GOOGLE_SAFE_BROWSING_API_KEY }} - coverage: - name: Coverage + analytics: + name: Analytics needs: [node, edge] runs-on: ubuntu-latest steps: From 4feaf9f434e93eaf6df5e5dc1a3f11c78a82cdb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kh=C3=A1nh=20Ho=C3=A0ng?= Date: Mon, 2 Dec 2024 13:16:59 +0700 Subject: [PATCH 5/6] Disable shadow clone This change modifies the checkout step to include a fetch-depth of 0, ensuring that the full commit history is available for the workflow. This adjustment is necessary for operations that require access to complete commit data, such as calculating versioning information or generating changelogs. --- .github/workflows/tests.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 42ff1d7..85e0af0 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -73,6 +73,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 - name: Setup pnpm uses: pnpm/action-setup@ac5bf11548bf5e19b8aadb8182072616590fa4a6 - name: Set up Node.js From 17cb9997cd84ec93a131f44d4e3c1a0cf3768740 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kh=C3=A1nh=20Ho=C3=A0ng?= Date: Mon, 2 Dec 2024 13:21:47 +0700 Subject: [PATCH 6/6] Simplify file path references in Sonar properties Removed unnecessary "./" prefix from file path configurations in sonar-project.properties. This change streamlines path references and ensures consistency across project settings. --- sonar-project.properties | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sonar-project.properties b/sonar-project.properties index ca1da9c..1ed0f3b 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,5 +1,5 @@ sonar.projectKey=hckhanh_google-safe-browsing sonar.organization=hckhanh -sonar.javascript.lcov.reportPaths=./coverage/lcov.info -sonar.eslint.reportPaths=./lints/eslint-report.json +sonar.javascript.lcov.reportPaths=coverage/lcov.info +sonar.eslint.reportPaths=lints/eslint-report.json