diff --git a/.github/workflows/sonar-scan-for-channel-integrations.yml b/.github/workflows/sonar-scan-for-channel-integrations.yml new file mode 100644 index 0000000..592508f --- /dev/null +++ b/.github/workflows/sonar-scan-for-channel-integrations.yml @@ -0,0 +1,204 @@ +name: PHP Unit with Sonar Qube For Channel Integrations Repository + +on: + workflow_call: + secrets: + COMPOSER_TOKEN: + required: false + description: 'composer token' + SONAR_TOKEN: + required: true + description: 'SonarQube token' + inputs: + SONAR_HOST_URL: + required: false + type: string + description: 'SonaQube host URL' + default: 'https://sonar.nice.com' + PHP_VERSION: + required: false + type: string + description: 'PHP version' + default: '8.1' + PHP_EXTENSIONS: + required: false + type: string + description: 'A list of PHP extensions to install' + default: 'mbstring,sockets,xdebug' + PHP_INI_VALUES: + required: false + type: string + description: 'PHP ini values' + default: '' + COPY_CONFIGURATION_FILES: + required: false + type: string + description: 'Configuration files to copy before running the phpunit' + default: '' + SERVICES: + required: false + type: string + description: 'A list of services, currently available: mysql' + default: '' + MYSQL_DATABASE: + required: false + type: string + description: 'Mysql database name' + default: 'db' + MYSQL_USER: + required: false + type: string + description: 'Mysql user' + default: 'app' + MYSQL_PASSWORD: + required: false + type: string + description: 'Mysql password' + # Not a secret + default: '123' + MYSQL_ROOT_PASSWORD: + required: false + type: string + description: 'Mysql root password' + # Not a secret + default: '123' + RUNS_ON: + required: false + type: string + description: 'Runs on' + default: 'ubuntu-latest' + GITHUB_ACTIONS_REPOSITORY_REF: + required: false + type: string + description: 'Which version of BrandEmbassy/github-actions repository to checkout' + default: 'master' + +jobs: + phpunit-with-sonar-qube: + name: PHP Unit with Sonar Qube + runs-on: ${{ inputs.RUNS_ON }} + services: + mysql: + image: mysql:8.0 + env: + MYSQL_DATABASE: channels_integration_sdk + MYSQL_USER: dbuser + MYSQL_PASSWORD: 123 + MYSQL_ROOT_PASSWORD: root + ports: + - 3306:3306 + be_redis6381: + image: redis:3 + ports: + - 6379:6379 + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + ini-values: ${{ inputs.PHP_INI_VALUES }} + php-version: ${{ inputs.PHP_VERSION }} + extensions: ${{ inputs.PHP_EXTENSIONS }} + + - name: Get composer cache directory + id: composer-cache + run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT + + - name: Cache composer dependencies + uses: actions/cache@v4 + with: + path: ${{ steps.composer-cache.outputs.dir }} + key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} + restore-keys: ${{ runner.os }}-composer- + + - name: Configure composer token + if: env.COMPOSER_TOKEN != '' + env: + COMPOSER_TOKEN: ${{ secrets.COMPOSER_TOKEN }} + run: composer config github-oauth.github.com ${{ secrets.COMPOSER_TOKEN }} + + - name: Install dependencies + run: composer install --no-progress --prefer-dist --optimize-autoloader + + - name: Copy configuration files + if: env.COPY_CONFIGURATION_FILES != '' + env: + COPY_CONFIGURATION_FILES: ${{ inputs.COPY_CONFIGURATION_FILES }} + run: | + IFS=' ' read -ra ADDR <<< "$COPY_CONFIGURATION_FILES" + for file in "${ADDR[@]}"; do + IFS=':' read -r src dest <<< "$file" + echo "Copying $src to $dest" + mkdir -p "$(dirname "$dest")" && cp "$src" "$dest" + done + + - name: Build list of desired docker-compose files + if: env.SERVICES != '' + env: + SERVICES: ${{ inputs.SERVICES }} + run: | + # Initialize an empty string to accumulate our docker-compose file paths + SERVICES_TO_RUN="" + + # Split the SERVICES string into an array based on commas + IFS=',' read -ra ADDR <<< "$SERVICES" + + # Loop through the array, trim whitespace, and append the specific docker-compose file path to SERVICES_TO_RUN + for SERVICE in "${ADDR[@]}"; do + SERVICE=$(echo "$SERVICE" | xargs) # Trim whitespace + SERVICES_TO_RUN+=".shared-github-actions/docker/docker-compose.$SERVICE.yaml " + done + + # Use GHA commands to set SERVICES_TO_RUN as an output variable + echo "SERVICES_TO_RUN=$SERVICES_TO_RUN" >> $GITHUB_ENV + + # Print the content of SERVICES_TO_RUN to the log + echo "Docker Compose files to run: $SERVICES_TO_RUN" + + - name: Checkout the github-actions repository with shared files + if: env.SERVICES_TO_RUN != '' + env: + GITHUB_ACTIONS_REPOSITORY_REF: ${{ inputs.GITHUB_ACTIONS_REPOSITORY_REF }} + uses: actions/checkout@v4 + with: + repository: 'BrandEmbassy/github-actions' + path: '.shared-github-actions' + ref: ${{ env.GITHUB_ACTIONS_REPOSITORY_REF }} + sparse-checkout: | + docker + + - name: Docker compose + if: env.SERVICES_TO_RUN != '' + env: + MYSQL_DATABASE: ${{ inputs.MYSQL_DATABASE }} + MYSQL_USER: ${{ inputs.MYSQL_USER }} + MYSQL_PASSWORD: ${{ inputs.MYSQL_PASSWORD }} + MYSQL_ROOT_PASSWORD: ${{ inputs.MYSQL_ROOT_PASSWORD }} + uses: hoverkraft-tech/compose-action@v1.5.1 + with: + compose-file: ${{ env.SERVICES_TO_RUN }} + up-flags: "--wait" + + - name: Init channel integrations config + run: bin/local-configs.sh + + - name: Create sample version file + run: cp .version.example .version + + - name: Add hostnames for service containers + run: echo "127.0.0.1 mysql be_redis6381" | sudo tee -a /etc/hosts + + - name: Run SDK migrations + run: CHANNEL_IDENT=console bin/run.php migrations:migrate --no-interaction + + - name: Run phpunit with code coverage + run: composer phpunit-cc + + - name: SonarQube Scan + uses: SonarSource/sonarqube-scan-action@master + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ inputs.SONAR_HOST_URL }}