Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(testing): Configure SonarQube to include TypeScript test files #36

Merged
merged 6 commits into from
Dec 2, 2024

Conversation

hckhanh
Copy link
Owner

@hckhanh hckhanh commented Dec 2, 2024

Added a configuration to include TypeScript test files located in the src directory for SonarQube analysis. This change helps in capturing and analyzing test-specific metrics to enhance code quality assessments.

Summary by Sourcery

CI:

  • Configure SonarQube to include TypeScript test files located in the src directory for analysis.

Added a configuration to include TypeScript test files located in the `src` directory for SonarQube analysis. This change helps in capturing and analyzing test-specific metrics to enhance code quality assessments.
Remove the standalone sonar-project.properties file and incorporate its configuration directly into the GitHub Actions workflow. This change centralizes the SonarCloud configuration, streamlining the maintenance and execution process within the CI/CD pipeline.
@hckhanh hckhanh self-assigned this Dec 2, 2024
Copy link

sourcery-ai bot commented Dec 2, 2024

Reviewer's Guide by Sourcery

The changes configure SonarQube to analyze TypeScript test files by adding specific configuration parameters to the GitHub Actions workflow and removing the standalone sonar-project.properties file. The configuration is now centralized in the workflow file with explicit settings for test file inclusion and various report paths.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change Details Files
Migrated SonarQube configuration from properties file to GitHub Actions workflow
  • Added project key and organization configuration
  • Specified source directory configuration
  • Configured JavaScript coverage report path
  • Added ESLint report path configuration
  • Added test file inclusion pattern for TypeScript test files
  • Removed standalone sonar-project.properties file
.github/workflows/tests.yml
sonar-project.properties

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time. You can also use
    this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @hckhanh - I've reviewed your changes - here's some feedback:

Overall Comments:

  • Consider keeping the sonar-project.properties file alongside the workflow configuration to support local SonarQube analysis and serve as documentation. The workflow can either reference the properties file or override specific values as needed.
Here's what I looked at during the review
  • 🟢 General issues: all looks good
  • 🟡 Security: 1 issue found
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@@ -92,6 +92,14 @@ jobs:
run: pnpm test:eslint
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 suggestion (security): Consider using a major version tag instead of a commit hash for the SonarCloud action

Using a major version tag (e.g., '@v1') ensures you get security updates while maintaining compatibility. Commit hashes make updates more manual and might miss important fixes.

Suggested change
uses: SonarSource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838
uses: SonarSource/sonarcloud-github-action@v1

Modified the ESLint run command to process the report by removing the workspace path prefix in the 'eslint-report.json'. This change ensures that file paths in the report are relative, thus simplifying file path management and making reports easier to manage and interpret.
This change modifies the path replacement in the ESLint report generation step to use '/github/workspace/' instead of removing the GitHub workspace path prefix. This ensures that paths in the ESLint report correctly reflect the directory structure used during the GitHub Action's execution. It aims to improve the accuracy and usefulness of the ESLint reports in CI workflows.
Introduce a new `sonar-project.properties` file to configure SonarCloud integration for the project. This change centralizes the SonarCloud settings and removes redundant command-line parameters from the GitHub Actions workflow. Additionally, it fixes the ESLint report path in CI by stripping the workspace prefix.
Reordered the paths for JavaScript and ESLint reports in sonar-project.properties to enhance readability and maintain consistency. Updated the ESLint command in package.json to specify the src/ directory, ensuring linting is applied only to source files.
Copy link

sonarqubecloud bot commented Dec 2, 2024

@hckhanh hckhanh merged commit d58b49d into main Dec 2, 2024
11 checks passed
@hckhanh hckhanh deleted the sonarcloud-configs branch December 2, 2024 08:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant