From 36840c46c17c2e510858bc3487f1fd9d769e8252 Mon Sep 17 00:00:00 2001 From: marcusquinn <6428977+marcusquinn@users.noreply.github.com> Date: Mon, 21 Apr 2025 04:48:12 +0100 Subject: [PATCH] Configure SonarCloud and Codacy with proper settings --- .github/workflows/code-quality.yml | 65 ++++++++++++++++++++++++++++-- sonar-project.properties | 26 ++++++++---- 2 files changed, 79 insertions(+), 12 deletions(-) diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index dca0404..47a610d 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -36,8 +36,65 @@ jobs: composer run phpcbf -- --dry-run continue-on-error: true - # SonarCloud job temporarily removed due to Java version compatibility issues - # Will be re-added in a future PR with proper configuration + sonarcloud: + name: SonarCloud Analysis + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 - # Codacy job temporarily removed due to GitHub Actions compatibility issues - # Will be re-added in a future PR with proper configuration + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: 17 + distribution: 'temurin' + + - name: Cache SonarCloud packages + uses: actions/cache@v3 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + + - name: SonarCloud Scan + uses: SonarSource/sonarcloud-github-action@v2.0.2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: > + -Dsonar.projectKey=wpallstars_wp-plugin-starter-template-for-ai-coding + -Dsonar.organization=wpallstars + -Dsonar.sources=. + -Dsonar.exclusions=vendor/**,node_modules/**,tests/**,bin/**,build/**,dist/** + -Dsonar.sourceEncoding=UTF-8 + continue-on-error: true + + codacy: + name: Codacy Analysis + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Run Codacy Analysis CLI + uses: codacy/codacy-analysis-cli-action@v4.3.0 + with: + project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} + verbose: true + output: results.sarif + format: sarif + # Adjust the below patterns based on your project structure + gh-code-scanning-compat: true + max-allowed-issues: 2147483647 + continue-on-error: true + + - name: Upload SARIF results file + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: results.sarif + continue-on-error: true diff --git a/sonar-project.properties b/sonar-project.properties index e8f0f99..83d64f8 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,17 +1,27 @@ +# Required metadata sonar.projectKey=wpallstars_wp-plugin-starter-template-for-ai-coding sonar.organization=wpallstars - -# This is the name and version displayed in the SonarCloud UI. sonar.projectName=wp-plugin-starter-template-for-ai-coding sonar.projectVersion=0.1.10 -# Path is relative to the sonar-project.properties file +# Path to source directories sonar.sources=. + +# Path to test directories (comment if no test) +sonar.tests=tests + +# Source encoding +sonar.sourceEncoding=UTF-8 + +# Exclusions for copy-paste detection +sonar.cpd.exclusions=tests/** + +# Exclude directories and files +sonar.exclusions=vendor/**,node_modules/**,tests/**,bin/**,build/**,dist/**,.github/**,.git/** + +# PHP specific configuration sonar.php.coverage.reportPaths=coverage.xml sonar.php.tests.reportPath=test-report.xml -# Encoding of the source code. Default is default system encoding -sonar.sourceEncoding=UTF-8 - -# Exclude directories -sonar.exclusions=vendor/**,node_modules/**,tests/**,bin/**,build/**,dist/** +# Additional parameters +sonar.verbose=true