Files
VectorDBDemo/.gitea/workflows/sonar-scan.yml
ShaoHua e8b921833f
Some checks failed
SonarQube Code Quality Scan / scan (push) Failing after 12s
fix workflow: remove github dependency + duplicate scan
2025-12-02 04:33:48 +08:00

49 lines
2.2 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
name: SonarQube Code Quality Scan
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
jobs:
scan:
runs-on: windowsx64 # 与你的Runner标签完全一致已确认匹配
steps:
# 步骤1手动拉取Gitea仓库代码无GitHub依赖
- name: Checkout Code (Gitea Direct)
run: |
git clone https://git.we965.cn/learning/VectorDBDemo.git .
git fetch --depth=0 # 拉取完整历史SonarQube必需
git checkout ${{ github.ref_name }} # 切换到触发事件的分支
# 步骤2配置Sonar Scanner路径已替换为你的实际路径
- name: Add Sonar Scanner to PATH
run: |
$scannerPath = "D:\Paths\sonar-scanner-cli\bin" # 你的Scanner bin目录无需修改
echo "$scannerPath" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8
# 步骤3验证本地.NET SDK替代GitHub的setup-dotnet无网络依赖
- name: Verify .NET SDK (Local)
run: |
# 查看本地已安装的.NET SDK版本确保包含6.0.x
dotnet --list-sdks
# 验证dotnet命令可用
dotnet --version
# 步骤4编译C#项目Release模式
- name: Build .NET Project
run: |
dotnet restore # 还原依赖包本地SDK直接执行无需下载
dotnet build --configuration Release # 生成SonarQube所需的二进制文件
# 步骤5执行SonarQube扫描修复重复执行问题仅运行一次
- name: Run SonarQube Scan
run: |
sonar-scanner `
-Dsonar.projectKey=sqp_4bae541a7a6ccfd4ebae43150ce5b8b5c1c34c50 ` # 你的SonarQube项目密钥
-Dsonar.sources=./ ` # 代码根目录
-Dsonar.host.url=http://127.0.0.1:9000 ` # SonarQube本地地址
-Dsonar.login=${{ secrets.SONAR_TOKEN }} ` # 引用Gitea Secrets令牌
-Dsonar.language=csharp ` # 强制指定C#语言
-Dsonar.dotnet.build.directory=./**/bin/Release ` # 编译输出目录
-Dsonar.exclusions=**/obj/**,**/bin/Debug/** ` # 排除冗余目录
-Dsonar.coverage.exclusions=**/Test/**,**/*.Tests.cs # 排除测试代码