49 lines
2.2 KiB
YAML
49 lines
2.2 KiB
YAML
name: SonarQube Code Quality Scan
|
||
on:
|
||
push:
|
||
branches: [ main, develop ]
|
||
pull_request:
|
||
branches: [ main ]
|
||
jobs:
|
||
scan:
|
||
runs-on: windowsx64 # 与你的Runner标签完全一致(已确认匹配)
|
||
steps:
|
||
# 步骤1:手动拉取Gitea仓库代码(无GitHub依赖)
|
||
- name: Checkout Code (Gitea Direct)
|
||
run: |
|
||
git clone https://git.we965.cn/learning/VectorDBDemo.git .
|
||
git fetch --depth=0 # 拉取完整历史,SonarQube必需
|
||
git checkout ${{ github.ref_name }} # 切换到触发事件的分支
|
||
|
||
# 步骤2:配置Sonar Scanner路径(已替换为你的实际路径)
|
||
- name: Add Sonar Scanner to PATH
|
||
run: |
|
||
$scannerPath = "D:\Paths\sonar-scanner-cli\bin" # 你的Scanner bin目录(无需修改)
|
||
echo "$scannerPath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8
|
||
|
||
# 步骤3:验证本地.NET SDK(替代GitHub的setup-dotnet,无网络依赖)
|
||
- name: Verify .NET SDK (Local)
|
||
run: |
|
||
# 查看本地已安装的.NET SDK版本(确保包含6.0.x)
|
||
dotnet --list-sdks
|
||
# 验证dotnet命令可用
|
||
dotnet --version
|
||
|
||
# 步骤4:编译C#项目(Release模式)
|
||
- name: Build .NET Project
|
||
run: |
|
||
dotnet restore # 还原依赖包(本地SDK直接执行,无需下载)
|
||
dotnet build --configuration Release # 生成SonarQube所需的二进制文件
|
||
|
||
# 步骤5:执行SonarQube扫描(修复重复执行问题,仅运行一次)
|
||
- name: Run SonarQube Scan
|
||
run: |
|
||
sonar-scanner `
|
||
-Dsonar.projectKey=sqp_4bae541a7a6ccfd4ebae43150ce5b8b5c1c34c50 ` # 你的SonarQube项目密钥
|
||
-Dsonar.sources=./ ` # 代码根目录
|
||
-Dsonar.host.url=http://127.0.0.1:9000 ` # SonarQube本地地址
|
||
-Dsonar.login=${{ secrets.SONAR_TOKEN }} ` # 引用Gitea Secrets令牌
|
||
-Dsonar.language=csharp ` # 强制指定C#语言
|
||
-Dsonar.dotnet.build.directory=./**/bin/Release ` # 编译输出目录
|
||
-Dsonar.exclusions=**/obj/**,**/bin/Debug/** ` # 排除冗余目录
|
||
-Dsonar.coverage.exclusions=**/Test/**,**/*.Tests.cs # 排除测试代码 |