VectorDBDemo/.gitea/workflows/sonar-scan.yml
ShaoHua 9b3bf0697e
fix workflow: remove github dependency + duplicate scan
2025-12-02 23:54:20 +08:00


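name: SonarQube Code Quality Scan

# `on` is read as the boolean `true` by YAML 1.1 parsers; the Actions loader
# handles it, so the key stays as written (suppress yamllint `truthy` here).
on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

jobs:
  scan:
    runs-on: windowsx64
    # Every `run` script below is PowerShell (Invoke-WebRequest, Out-File, $env:).
    # NOTE(review): assumes the runner's default shell for `run` is pwsh — pin
    # `shell: pwsh` on the steps if this runner defaults to something else.
    steps:
      # ============================
      # STEP 1: Checkout from Gitea
      # ============================
      - name: Checkout Code (Gitea Direct)
        # The ref reaches the script through the environment instead of `${{ }}`
        # text substitution, so a ref name containing shell syntax cannot change
        # the command that runs.
        env:
          REF_NAME: ${{ github.ref_name }}
        run: |
          git clone https://git.we965.cn/learning/VectorDBDemo.git .
          # NOTE(review): kept from the original; the clone above is already full
          # history, so confirm what --depth=0 is meant to achieve here.
          git fetch --depth=0
          git checkout $env:REF_NAME

      # ============================
      # STEP 2: Setup Sonar Scanner
      # ============================
      - name: Add Sonar Scanner to PATH
        run: |
          # -Append (as in the Dependency-Check step) so earlier PATH entries are kept.
          echo "D:\Paths\sonar-scanner-cli\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append

      # ============================
      # STEP 3: Check .NET SDK
      # ============================
      - name: Verify .NET SDK (Local)
        run: |
          dotnet --list-sdks
          dotnet --version

      # ============================
      # STEP 4: OWASP Dependency Check
      # ============================
      - name: Install OWASP Dependency Check
        run: |
          # Pinned release archive. TODO(security): the published SHA-256 is not
          # recorded here; compare Get-FileHash of dc.zip against it before
          # expanding so a tampered download cannot run in the scan step.
          Invoke-WebRequest -Uri "https://github.com/jeremylong/DependencyCheck/releases/download/v10.0.3/dependency-check-10.0.3-release.zip" -OutFile "dc.zip"
          Expand-Archive -Path "dc.zip" -DestinationPath "./dc" -Force
          echo "$PWD/dc/dependency-check/bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append

      - name: Run OWASP Dependency Check
        run: |
          # The XML report is what the Sonar dependency-check plugin reads in STEP 6.
          # NOTE(review): no --nvdApiKey is supplied; Dependency-Check 10 rate-limits
          # NVD updates without one, which can make this step very slow — pass it
          # from a secret via env if one is available.
          dependency-check.bat --project "VectorDBDemo" --scan "." --format "XML" --out "./depcheck"

      # ============================
      # STEP 5: Build .NET
      # ============================
      - name: Build .NET Project
        run: |
          dotnet restore
          dotnet build --configuration Release

      # ============================
      # STEP 6: SonarQube Scan
      # ============================
      - name: SonarQube Full Scan
        env:
          # The token is read from the environment inside the script rather than
          # substituted into the script text with `${{ }}`.
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: |
          # `update` installs the tool when it is absent and succeeds on reruns of a
          # persistent self-hosted runner; `install` errors once the tool exists.
          dotnet tool update --global dotnet-sonarscanner
          # NOTE(review): newer scanners accept `sonar.token` instead of `sonar.login`;
          # kept as-is because the scanner/server versions are not pinned here.
          dotnet sonarscanner begin `
            /k:"vectordbdemo" `
            /d:sonar.host.url="http://127.0.0.1:9000" `
            /d:sonar.login="$env:SONAR_TOKEN" `
            /d:sonar.sources="./" `
            /d:sonar.exclusions="**/obj/**,**/bin/**" `
            /d:sonar.dependencyCheck.xmlReportPath="depcheck/dependency-check-report.xml"
          # This build, between begin and end, is the one the scanner analyzes.
          dotnet build --configuration Release
          dotnet sonarscanner end `
            /d:sonar.login="$env:SONAR_TOKEN"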
# ============================
# STEP 7: Fetch Blocker Issues
# ============================
- name: Fetch SonarQube Blocker Issues
id: fetch_issues
run: |
$projectKey = "vectordbdemo"
$sonarApiUrl = "http://127.0.0.1:9000/api/issues/search?projectKeys=$projectKey&severities=BLOCKER&statuses=OPEN"
$response = Invoke-R