cicd/sonarqube-scan-action
1
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-01-30 08:23:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

SQSCANGHA-115 Migrate sanity checks

Browse Source
This commit is contained in:
Jeremy Davis
2025-09-08 12:20:35 +02:00
committed by Julien HENRY
parent 9db61695c9
commit 6a808e9a20
12 changed files with 27704 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/__tests__/mocks.js Normal file
View File

@@ -0,0 +1,7 @@
export function mockCore(overrides = {}) {
return {
setFailed: (msg) => console.error(msg),
warning: (msg) => console.log(msg),
...overrides,
};
}

193
src/__tests__/sanity-checks.test.js Normal file
View File

@@ -0,0 +1,193 @@
import mockfs from "mock-fs";
import assert from "node:assert/strict";
import { describe, it, mock } from "node:test";
import {
checkGradleProject,
checkMavenProject,
checkSonarToken,
validateScannerVersion,
} from "../sanity-checks.js";
import { mockCore } from "./mocks.js";
describe("validateScannerVersion", () => {
const expected =
"Invalid scannerVersion format. Expected format: x.y.z.w (e.g., 7.1.0.4889)";
const validVersions = [undefined, "", "7.1.0.4889", "1.2.3.4"];
const invalidVersions = [
"wrong",
"4.2.",
"7.1.0",
"7.1.0.abc",
"7.1.0.4889.5",
"7.1",
"7",
"7.1.0.",
".7.1.0.4889",
"7..1.0.4889",
"7.1..0.4889",
"7.1.0..4889",
"a.b.c.d",
"7.1.0.4889-SNAPSHOT",
"v7.1.0.4889",
"7.1.0.4889.0.0",
"-7.1.0.4889",
"7.-1.0.4889",
"7.1.-0.4889",
"7.1.0.-4889",
"7.1.0.4889 ",
" 7.1.0.4889",
"7.1.0.4889\n",
"7,1,0,4889",
];
validVersions.forEach((version) => {
it(`accepts ${version}`, () => {
assert.equal(validateScannerVersion(version), undefined);
});
});
invalidVersions.forEach((version) =>
it(`throws for ${version}`, () => {
assert.throws(
() => validateScannerVersion(version),
{
message: expected,
},
`should have thrown for ${version}`
);
})
);
});
describe("checkSonarToken", () => {
it("calls core.warning when SONAR_TOKEN is not set", () => {
const originalToken = process.env.SONAR_TOKEN;
delete process.env.SONAR_TOKEN;
const warning = mock.fn();
checkSonarToken(mockCore({ warning }));
assert.equal(warning.mock.calls.length, 1);
assert.equal(
warning.mock.calls[0].arguments[0],
"Running this GitHub Action without SONAR_TOKEN is not recommended"
);
if (originalToken) {
process.env.SONAR_TOKEN = originalToken;
}
});
it("does not call core.warning when SONAR_TOKEN is set", () => {
const originalToken = process.env.SONAR_TOKEN;
process.env.SONAR_TOKEN = "test-token";
const warning = mock.fn();
checkSonarToken(mockCore({ warning }));
assert.equal(warning.mock.calls.length, 0);
if (originalToken) {
process.env.SONAR_TOKEN = originalToken;
} else {
delete process.env.SONAR_TOKEN;
}
});
});
describe("checkMavenProject", () => {
it("calls core.warning when pom.xml exists", async () => {
mockfs({ "/test/project/": { "pom.xml": "" } });
const warning = mock.fn();
checkMavenProject({ warning }, "/test/project");
assert.equal(warning.mock.calls.length, 1);
assert.equal(
warning.mock.calls[0].arguments[0],
"Maven project detected. Sonar recommends running the 'org.sonarsource.scanner.maven:sonar-maven-plugin:sonar' goal during the build process instead of using this GitHub Action to get more accurate results."
);
mockfs.restore();
});
it("does not call core.warning when pom.xml does not exist", async () => {
mockfs({ "/test/project/": {} });
const warning = mock.fn();
checkMavenProject(mockCore({ warning }), "/test/project");
assert.equal(warning.mock.calls.length, 0);
mockfs.restore();
});
it("handles project base dir with trailing slash", async () => {
mockfs({ "/test/project/": { "pom.xml": "" } });
const warning = mock.fn();
checkMavenProject(mockCore({ warning }), "/test/project/");
assert.equal(warning.mock.calls.length, 1);
mockfs.restore();
});
});
describe("checkGradleProject", () => {
it("calls core.warning when build.gradle exists", async () => {
mockfs({ "/test/project/": { "build.gradle": "" } });
const warning = mock.fn();
checkGradleProject(mockCore({ warning }), "/test/project");
assert.equal(warning.mock.calls.length, 1);
assert.equal(
warning.mock.calls[0].arguments[0],
"Gradle project detected. Sonar recommends using the SonarQube plugin for Gradle during the build process instead of using this GitHub Action to get more accurate results."
);
mockfs.restore();
});
it("calls core.warning when build.gradle.kts exists", async () => {
mockfs({ "/test/project/": { "build.gradle.kts": "" } });
const warning = mock.fn();
checkGradleProject(mockCore({ warning }), "/test/project");
assert.equal(warning.mock.calls.length, 1);
assert.equal(
warning.mock.calls[0].arguments[0],
"Gradle project detected. Sonar recommends using the SonarQube plugin for Gradle during the build process instead of using this GitHub Action to get more accurate results."
);
mockfs.restore();
});
it("does not call core.warning when neither gradle file exists", async () => {
mockfs({ "/test/project/": {} });
const warning = mock.fn();
checkGradleProject(mockCore({ warning }), "/test/project");
assert.equal(warning.mock.calls.length, 0);
mockfs.restore();
});
it("handles project base dir with trailing slash", async () => {
mockfs({ "/test/project/": { "build.gradle": "" } });
const warning = mock.fn();
checkGradleProject(mockCore({ warning }), "/test/project/");
assert.equal(warning.mock.calls.length, 1);
});
});

40
src/index.js
View File

@@ -1 +1,39 @@
console.log("Hi there");
import * as core from "@actions/core";
import {
checkGradleProject,
checkMavenProject,
checkSonarToken,
validateScannerVersion,
} from "./sanity-checks";
function getInputs() {
//FIXME: should not rely on ENV vars
const scannerVersion = process.env.INPUT_SCANNERVERSION; // core.getInput("scannerVersion");
const projectBaseDir = process.env.INPUT_PROJECTBASEDIR; // core.getInput("projectBaseDir") || ".";
console.log("scannerVersion: ", scannerVersion);
return { scannerVersion, projectBaseDir };
}
function runSanityChecks(inputs) {
try {
const { scannerVersion, projectBaseDir } = inputs;
validateScannerVersion(scannerVersion);
checkSonarToken(core);
checkMavenProject(core, projectBaseDir);
checkGradleProject(core, projectBaseDir);
} catch (error) {
core.setFailed(`Sanity checks failed: ${error.message}`);
process.exit(1);
}
}
function run() {
const inputs = getInputs();
runSanityChecks(inputs);
}
run();

44
src/sanity-checks.js Normal file
View File

@@ -0,0 +1,44 @@
import fs from "fs";
import { join } from "path";
export function validateScannerVersion(version) {
if (!version) {
return;
}
const versionRegex = /^\d+\.\d+\.\d+\.\d+$/;
if (!versionRegex.test(version)) {
throw new Error(
"Invalid scannerVersion format. Expected format: x.y.z.w (e.g., 7.1.0.4889)"
);
}
}
export function checkSonarToken(core) {
if (!process.env.SONAR_TOKEN) {
core.warning(
"Running this GitHub Action without SONAR_TOKEN is not recommended"
);
}
}
export function checkMavenProject(core, projectBaseDir) {
const pomPath = join(projectBaseDir.replace(/\/$/, ""), "pom.xml");
if (fs.existsSync(pomPath)) {
core.warning(
"Maven project detected. Sonar recommends running the 'org.sonarsource.scanner.maven:sonar-maven-plugin:sonar' goal during the build process instead of using this GitHub Action to get more accurate results."
);
}
}
export function checkGradleProject(core, projectBaseDir) {
const baseDir = projectBaseDir.replace(/\/$/, "");
const gradlePath = join(baseDir, "build.gradle");
const gradleKtsPath = join(baseDir, "build.gradle.kts");
if (fs.existsSync(gradlePath) || fs.existsSync(gradleKtsPath)) {
core.warning(
"Gradle project detected. Sonar recommends using the SonarQube plugin for Gradle during the build process instead of using this GitHub Action to get more accurate results."
);
}
}